------------------------------------------------------------------ --- Changelog.all ----------- Wed Jan 27 07:35:55 UTC 2021 ------ ------------------------------------------------------------------ ------------------------------------------------------------------ ------------------ 2021-1-23 - Jan 23 2021 ------------------- ------------------------------------------------------------------ ++++ sudo: - Fix Heap-based buffer overflow in Sudo [bsc#1181090,CVE-2021-3156] * sudo-CVE-2021-3156.patch - Possible Dir Existence Test due to Race Condition in `sudoedit` [bsc#1180684,CVE-2021-23239] * sudo-CVE-2021-23239.patch - Possible Symlink Attack in SELinux Context in `sudoedit` [bsc#1180685, CVE-2021-23240] * sudo-CVE-2021-23240.patch - User Could Enable Debug Settings not Intended for it [bsc#1180687] * sudo-fix-bsc-1180687.patch ------------------------------------------------------------------ ------------------ 2021-1-14 - Jan 14 2021 ------------------- ------------------------------------------------------------------ ++++ patterns-microos: - added system-group-kvm ------------------------------------------------------------------ ------------------ 2021-1-13 - Jan 13 2021 ------------------- ------------------------------------------------------------------ ++++ patterns-microos: - adjust pattern descriptions to product rename ------------------------------------------------------------------ ------------------ 2021-1-12 - Jan 12 2021 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - fix patch metadata - fix Patch-mainline: patches.suse/sched-fair-Check-for-idle-core-in-wake_affine.patch - commit b5830a4 - blacklist.conf: 4f8af077a02e docs: Fix reST markup when linking to sections - commit 28e1ebf ++++ openldap2: - bsc#1178909 CVE-2020-25709 CVE-2020-25710 - Resolves two issues where openldap would crash due to malformed inputs. * patch: 0209-ITS-9383-remove-assert-in-certificateListValidate.patch * patch: 0210-ITS-9384-remove-assert-in-obsolete-csnNormalize23.patch ++++ libzypp: - Rephrase solver problem descriptions (jsc#SLE-8482) - Adapt to changed gpg2/libgpgme behavior (bsc#1180721) - Multicurl backend breaks with with unknown filesize (fixes #277) - version 17.25.6 (22) ++++ zypper: - Fix source-download commnds help (bsc#1180663) - man: Recommend to use the --non-interactive global option rather than the command option -y (bsc#1179816) - Extend apt packagemap (fixes #366) - --quitet: Fix install summary to write nothing if there's nothing todo (bsc#1180077) - Prefer /run over /var/run. - version 1.14.42 ------------------------------------------------------------------ ------------------ 2021-1-11 - Jan 11 2021 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - x86/resctrl: Don't move a task to the same resource group (bsc#1152489). - commit 8a696c5 - x86/resctrl: Use an IPI instead of task_work_add() to update PQR_ASSOC MSR (bsc#1152489). - commit 309f3cb - x86/mtrr: Correct the range check before performing MTRR type lookups (bsc#1152489). - commit 41cceca - x86/mm: Fix leak of pmd ptlock (bsc#1152489). - commit cb571f0 - btrfs: fix missing delalloc new bit for new delalloc ranges (bsc#1180773). - btrfs: make btrfs_dirty_pages take btrfs_inode (bsc#1180773). - btrfs: make btrfs_set_extent_delalloc take btrfs_inode (bsc#1180773). - commit fba9b10 - IB/hfi1: Ensure correct mm is used at all times (bsc#1179878 CVE-2020-27835). - IB/hfi1: Remove module parameter for KDETH qpns (bsc#1179878). - IB/hfi1: Remove kobj from hfi1_devdata (bsc#1179878). - commit 79bac5c - regmap: debugfs: Fix a reversed if statement in regmap_debugfs_init() (git-fixes). - commit 6e1e482 - USB: serial: iuu_phoenix: fix DMA from stack (git-fixes). - usb: gadget: configfs: Preserve function ordering after bind failure (git-fixes). - usb: gadget: select CONFIG_CRC32 (git-fixes). - usb: usbip: vhci_hcd: protect shift size (git-fixes). - usb: gadget: f_uac2: reset wMaxPacketSize (git-fixes). - usb: dwc3: ulpi: Use VStsDone to detect PHY regs access completion (git-fixes). - USB: yurex: fix control-URB timeout handling (git-fixes). - usb: chipidea: ci_hdrc_imx: add missing put_device() call in usbmisc_get_init_data() (git-fixes). - usb: gadget: u_ether: Fix MTU size mismatch with RX packet size (git-fixes). - USB: gadget: legacy: fix return error code in acm_ms_bind() (git-fixes). - USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST quirk set (git-fixes). - staging: mt7621-dma: Fix a resource leak in an error handling path (git-fixes). - dmaengine: xilinx_dma: fix mixed_enum_type coverity warning (git-fixes). - dmaengine: xilinx_dma: fix incompatible param warning in _child_probe() (git-fixes). - dmaengine: xilinx_dma: check dma_async_device_register return value (git-fixes). - dmaengine: dw-edma: Fix use after free in dw_edma_alloc_chunk() (git-fixes). - dmaengine: mediatek: mtk-hsdma: Fix a resource leak in the error handling path of the probe function (git-fixes). - i2c: i801: Fix the i2c-mux gpiod_lookup_table not being properly terminated (git-fixes). - i2c: sprd: use a specific timeout to avoid system hang up issue (git-fixes). - wan: ds26522: select CONFIG_BITREVERSE (git-fixes). - wil6210: select CONFIG_CRC32 (git-fixes). - crypto: ecdh - avoid buffer overflow in ecdh_set_secret() (git-fixes). - spi: stm32: FIFO threshold level - fix align packet size (git-fixes). - regmap: debugfs: Fix a memory leak when calling regmap_attach_dev (git-fixes). - dmaengine: at_hdmac: add missing kfree() call in at_dma_xlate() (git-fixes). - dmaengine: at_hdmac: add missing put_device() call in at_dma_xlate() (git-fixes). - dmaengine: at_hdmac: Substitute kzalloc with kmalloc (git-fixes). - commit da0ba2f - sched/fair: Check for idle core in wake_affine (git fixes (sched)). - commit 2caffed - arm64: mm: Fix ARCH_LOW_ADDRESS_LIMIT when !CONFIG_ZONE_DMA (git-fixes). - commit 52bc22f - blacklist.conf: 2c2b3ad2c4c8 ("spi: spi-fsl-dspi: Use max_native_cs instead of num_chipselect to set SPI_MCR") Depends on 7d93aecdb58d4 ("spi: Add generic support for unused native cs with cs-gpios") which at the moment is not worth back-porting as it'll break kABI. - commit bafcdfd ++++ yast2: - Ensure the libzypp target is initialized when downloading the skelcd packages (to verify the GPG signatures) (bsc#1179773) - 4.2.89 ------------------------------------------------------------------ ------------------ 2021-1-8 - Jan 8 2021 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - drm: bail out of nouveau_channel_new if channel init fails (CVE-2020-25639 bsc#1176846). - commit 1ef70aa - nvme-multipath: fix bogus request queue reference put (bsc#1175389). - commit ef51578 - Move "btrfs: qgroup: don't try to wait flushing if we're already holding a transaction (bsc#1179575)." to sorted section - commit 464edf7 ------------------------------------------------------------------ ------------------ 2021-1-7 - Jan 7 2021 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - blacklist.conf: 44623b2818f4 crypto: x86/crc32c - fix building with clang ias - commit 4260c52 - x86/mm/numa: Remove uninitialized_var() usage (bsc#1152489). - commit ec737c3 - series.conf: refresh - update upstream reference and resort: patches.suse/ibmvnic-continue-fatal-error-reset-after-passive-ini.patch - commit c554179 - Update kabi files. - update from January 2021 maintenance update submission (commit 4ff469b6e1a0) - commit a9bc2aa - bus/fsl_mc: Do not rely on caller to provide non NULL mc_io (git-fixes). - commit e4eab60 - ALSA: hda/realtek - Modify Dell platform name (git-fixes). - ALSA: hda/realtek - Supported Dell fixed type headset (git-fixes). - ALSA: hda/realtek: Remove dummy lineout on Acer TravelMate P648/P658 (git-fixes). - commit 5e10442 - r8169: work around power-saving bug on some chip versions (git-fixes). - ALSA: pcm: Clear the full allocated memory at hw_params (git-fixes). - rtc: pl031: fix resource leak in pl031_probe (git-fixes). - rtc: sun6i: Fix memleak in sun6i_rtc_clk_init (git-fixes). - i3c master: fix missing destroy_workqueue() on error in i3c_master_register (git-fixes). - misc: vmw_vmci: fix kernel info-leak by initializing dbells in vmci_ctx_get_chkpt_doorbells() (git-fixes). - xhci: Give USB2 ports time to enter U3 in bus suspend (git-fixes). - USB: dummy-hcd: Fix uninitialized array use in init() (git-fixes). - Bluetooth: hci_h5: close serdev device and free hu in h5_close (git-fixes). - media: gp8psk: initialize stats at power control logic (git-fixes). - staging: wlan-ng: fix out of bounds read in prism2sta_probe_usb() (git-fixes). - commit 57824b9 - ALSA: hda/via: Fix runtime PM for Clevo W35xSS (git-fixes). - ALSA: usb-audio: Add quirk for RC-505 (git-fixes). - ALSA: hda/realtek: Enable mute and micmute LED on HP EliteBook 850 G7 (git-fixes). - ALSA: hda/realtek: Add two "Intel Reference board" SSID in the ALC256 (git-fixes). - ALSA: hda/realtek: Add mute LED quirk for more HP laptops (git-fixes). - ALSA: hda/conexant: add a new hda codec CX11970 (git-fixes). - ALSA: usb-audio: Add quirk for BOSS AD-10 (git-fixes). - ALSA: usb-audio: Fix UBSAN warnings for MIDI jacks (git-fixes). - ALSA: hda/realtek - Fix speaker volume control on Lenovo C940 (git-fixes). - commit 3b01e24 ------------------------------------------------------------------ ------------------ 2021-1-6 - Jan 6 2021 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - lib/string: remove unnecessary #undefs (git-fixes). - bitmap: remove unused function declaration (git-fixes). - swiotlb: using SIZE_MAX needs limits.h included (git-fixes). - swiotlb: fix "x86: Don't panic if can not alloc buffer for swiotlb" (git-fixes). - kdb: Fix pager search for multi-line strings (git-fixes). - kgdb: Drop malformed kernel doc comment (git-fixes). - commit 28d99cb - EDAC/amd64: Fix PCI component registration (bsc#1152489). - commit 6c4ae9b ------------------------------------------------------------------ ------------------ 2021-1-5 - Jan 5 2021 ------------------- ------------------------------------------------------------------ ++++ bcache-tools: - bcache.h: fix typo from SUUP to SUPP (jsc#SLE-9807) 0019-bcache.h-fix-typo-from-SUUP-to-SUPP.patch - bcache-tools: only call set_bucket_size() for cache device (jsc#SLE-9807) 0020-bcache-tools-only-call-set_bucket_size-for-cache-dev.patch - bcache.h: add BCH_FEATURE_INCOMPAT_LARGE_BUCKET to BCH_FEATURE_INCOMPAT_SUPP (jsc#SLE-9807) 0021-bcache.h-add-BCH_FEATURE_INCOMPAT_LARGE_BUCKET-to-BC.patch - bcache-tools: check incompatible feature set (jsc#SLE-9807) 0022-bcache-tools-check-incompatible-feature-set.patch - bcache-tools: introduce BCH_FEATURE_INCOMPAT_LOG_LARGE_BUCKET_SIZE for large bucket (jsc#SLE-9807) 0023-bcache-tools-introduce-BCH_FEATURE_INCOMPAT_LOG_LARG.patch - bcache-tools: display obsoleted bucket size configuration (jsc#SLE-9807) 0024-bcache-tools-display-obsoleted-bucket-size-configura.patch - bcache-tools: recover the missing sb.csum for showing bcache device super block (jsc#SLE-9807) 0025-bcache-tools-recover-the-missing-sb.csum-for-showing.patch - bcache-tools: only call to_cache_sb() for bcache device in may_add_item() (jsc#SLE-9807) 0026-bcache-tools-only-call-to_cache_sb-for-bcache-device.patch - bcache-tools: improve column alignment for "bcache show - m" output (jsc#SLE-9807) 0027-bcache-tools-improve-column-alignment-for-bcache-sho.patch ++++ lvm2-device-mapper: - lvm2 should use 'external_device_info_source="udev"' by default (bsc#1179691) - change lvm.conf item external_device_info_source from none to udev - comment out lvm.conf item preferred_names by default (bsc#1179738) - comment out preferred_names ++++ kernel-default: - target: fix XCOPY NAA identifier lookup (CVE-2020-28374, bsc#1178372). - commit 3e5427c - mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start (CVE-2020-36158 bsc#1180559). - commit 3e80605 - btrfs: do not commit logs and transactions during link and rename operations (bsc#1180566). - btrfs: do not take the log_mutex of the subvolume when pinning the log (bsc#1180566). - btrfs: delete duplicated words + other fixes in comments (bsc#1180566). - commit 916e8ac - md/cluster: fix deadlock when node is doing resync job (bsc#1163727). - md/cluster: block reshape with remote resync job (bsc#1163727). - md/bitmap: fix memory leak of temporary bitmap (bsc#1163727). - md/bitmap: md_bitmap_get_counter returns wrong blocks (bsc#1163727). - md/bitmap: md_bitmap_read_sb uses wrong bitmap blocks (bsc#1163727). - md-cluster: fix rmmod issue when md_cluster convert bitmap to none (bsc#1163727). - md-cluster: fix safemode_delay value when converting to clustered bitmap (bsc#1163727). - md-cluster: fix wild pointer of unlock_all_bitmaps() (bsc#1163727). - commit 7522976 ++++ lvm2: - lvm2 should use 'external_device_info_source="udev"' by default (bsc#1179691) - change lvm.conf item external_device_info_source from none to udev - comment out lvm.conf item preferred_names by default (bsc#1179738) - comment out preferred_names ++++ mdadm: - Incremental: Remove redundant spare movement logic (bsc#1180220)) 0112-Incremental-Remove-redundant-spare-movement-logic.patch ------------------------------------------------------------------ ------------------ 2021-1-4 - Jan 4 2021 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - btrfs: add missing check for nocow and compression inode flags (bsc#1178780). - commit 98b0ffc - Revert "ceph: allow rename operation under different quota realms" (bsc#1180541). - commit 1a2a0a7 - Refresh patches.suse/ceph-downgrade-warning-from-mdsmap-decode-to-debug.patch. - Refresh patches.suse/ceph-fix-race-in-concurrent-_ceph_remove_cap-invocations.patch. Patches have been merged into mainline; refreshing Git-commit and Path-mainline tags in patches. - commit d338d00 - powerpc/pci: Remove LSI mappings on device teardown (bsc#1172145 ltc#184630). - commit a2fd2d8 - blacklist.conf: adab66b71abf ("Revert: "ring-buffer: Remove HAVE_64BIT_ALIGNED_ACCESS"") We do not support metag and sparc64 archs. - commit 99ad074 - blacklist.conf: d9a9280a0d0a ("seq_buf: Avoid type mismatch for seq_buf_init") It breaks kABI. It is not worth the hassle to backport. - commit 7c29506 - bpf: Fix bpf_put_raw_tracepoint()'s use of __module_address() (git-fixes). - commit e888e29 - blacklist.conf: 310e3a4b5a4f ("tracing: Remove WARN_ON in start_thread()") CONFIG_HWLAT_TRACER is not set anywhere. - commit 4f64022 - ocfs2: fix unbalanced locking (bsc#1180506). - commit b54b08a - remoteproc: qcom: Fix potential NULL dereference in adsp_init_mmio() (git-fixes). - remoteproc: qcom: fix reference leak in adsp_start (git-fixes). - remoteproc: q6v5-mss: fix error handling in q6v5_pds_enable (git-fixes). - serial_core: Check for port state when tty is in error state (git-fixes). - usb: gadget: f_fs: Re-use SS descriptors for SuperSpeedPlus (git-fixes). - USB: gadget: f_midi: setup SuperSpeed Plus descriptors (git-fixes). - USB: gadget: f_acm: add support for SuperSpeed Plus (git-fixes). - USB: gadget: f_rndis: fix bitrate for SuperSpeed and above (git-fixes). - media: gspca: Fix memory leak in probe (git-fixes). - media: saa7146: fix array overflow in vidioc_s_audio() (git-fixes). - media: max2175: fix max2175_set_csm_mode() error code (git-fixes). - media: imx214: Fix stop streaming (git-fixes). - media: msi2500: assign SPI bus number dynamically (git-fixes). - media: siano: fix memory leak of debugfs members in smsdvb_hotplug (git-fixes). - media: sunxi-cir: ensure IR is handled when it is continuous (git-fixes). - media: solo6x10: fix missing snd_card_free in error handling case (git-fixes). - media: ipu3-cio2: Remove traces of returned buffers (git-fixes). - media: ipu3-cio2: Make the field on subdev format V4L2_FIELD_NONE (git-fixes). - media: ipu3-cio2: Validate mbus format in setting subdev format (git-fixes). - media: ipu3-cio2: Serialise access to pad format (git-fixes). - media: ipu3-cio2: Return actual subdev format (git-fixes). - media: mtk-vcodec: add missing put_device() call in mtk_vcodec_init_enc_pm() (git-fixes). - media: mtk-vcodec: add missing put_device() call in mtk_vcodec_release_dec_pm() (git-fixes). - media: mtk-vcodec: add missing put_device() call in mtk_vcodec_init_dec_pm() (git-fixes). - media: tm6000: Fix sizeof() mismatches (git-fixes). - iwlwifi: pcie: add one missing entry for AX210 (git-fixes). - commit 1e25d62 - gpio: mvebu: update Armada XP per-CPU comment (git-fixes). - dmaengine: mv_xor_v2: Fix error return code in mv_xor_v2_probe() (git-fixes). - HID: i2c-hid: add Vero K147 to descriptor override (git-fixes). - iio:imu:bmi160: Fix too large a buffer (git-fixes). - crypto: atmel-i2c - select CONFIG_BITREVERSE (git-fixes). - crypto: ecdh - avoid unaligned accesses in ecdh_set_secret() (git-fixes). - crypto: omap-aes - Fix PM disable depth imbalance in omap_aes_probe (git-fixes). - crypto: crypto4xx - Replace bitwise OR with logical OR in crypto4xx_build_pd (git-fixes). - Input: goodix - add upside-down quirk for Teclast X98 Pro tablet (git-fixes). - Input: cros_ec_keyb - send 'scancodes' in addition to key events (git-fixes). - commit 48f3c1f - ALSA/hda: apply jack fixup for the Acer Veriton N4640G/N6640G/N2510G (git-fixes). - ALSA: hda/realtek: Apply jack fixup for Quanta NL3 (git-fixes). - ALSA: hda/realtek: Add quirk for MSI-GP73 (git-fixes). - ALSA: pcm: oss: Fix a few more UBSAN fixes (git-fixes). - ALSA: usb-audio: Disable sample read check if firmware doesn't give back (git-fixes). - ALSA: usb-audio: Add VID to support native DSD reproduction on FiiO devices (git-fixes). - ALSA: core: memalloc: add page alignment for iram (git-fixes). - ACPI: PNP: compare the string length in the matching_id() (git-fixes). - clocksource/drivers/arm_arch_timer: Correct fault programming of CNTKCTL_EL1.EVNTI (git-fixes). - clocksource/drivers/arm_arch_timer: Use stable count reader in erratum sne (git-fixes). - clocksource/drivers/cadence_ttc: Fix memory leak in ttc_setup_clockevent() (git-fixes). - clocksource/drivers/orion: Add missing clk_disable_unprepare() on error path (git-fixes). - crypto: af_alg - avoid undefined behavior accessing salg_name (git-fixes). - crypto: inside-secure - Fix sizeof() mismatch (git-fixes). - crypto: talitos - Fix return type of current_desc_hdr() (git-fixes). - crypto: talitos - Endianess in current_desc_hdr() (git-fixes). - cfg80211: initialize rekey_data (git-fixes). - commit 57d3bee ++++ openldap2: - bsc#1179503 - fix proxy retry binds to a remote server * patch: 0208-ITS-9400-back-ldap-fix-retry-binds.patch ------------------------------------------------------------------ ------------------ 2020-12-31 - Dec 31 2020 ------------------- ------------------------------------------------------------------ ++++ open-iscsi: - Updated to upstream version 2.1.3 as 2.1.3-suse, for bsc#1179908, including: * uip: check for TCP urgent pointer past end of frame * uip: check for u8 overflow when processing TCP options * uip: check for header length underflow during checksum calculation * fwparam_ppc: Fix memory leak in fwparam_ppc.c * iscsiuio: Remove unused macro IFNAMSIZ defined in iscsid_ipc.c * fwparam_ppc: Fix illegal memory access in fwparam_ppc.c * sysfs: Verify parameter of sysfs_device_get() * fwparam_ppc: Fix NULL pointer dereference in find_devtree() * open-iscsi: Clean user_param list when process exit * iscsi_net_util: Fix NULL pointer dereference in find_vlan_dev() * open-iscsi: Fix NULL pointer dereference in mgmt_ipc_read_req() * open-iscsi: Fix invalid pointer deference in find_initiator() * iscsiuio: Fix invalid parameter when call fstat() * iscsi-iname: Verify open() return value before calling read() * iscsi_sysfs: Fix NULL pointer deference in iscsi_sysfs_read_iface ++++ kernel-default: - series.conf: cleanup - move unsortable patch out of sorted section: patches.suse/ibmvnic-fix-NULL-pointer-dereference.patch - update upstream reference: patches.suse/ibmvnic-continue-fatal-error-reset-after-passive-ini.patch - commit a0b2ce7 ------------------------------------------------------------------ ------------------ 2020-12-30 - Dec 30 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - ibmvnic: continue fatal error reset after passive init (bsc#1171078 ltc#184239 git-fixes). - commit e6ea824 - powerpc/bitops: Fix possible undefined behaviour with fls() and fls64() (bsc#1156395). - commit e90809a - powerpc: Fix incorrect stw{, ux, u, x} instructions in __set_pte_at (bsc#1065729). - commit b5cc99b - powerpc/xmon: Change printk() to pr_cont() (bsc#1065729). - commit 9125964 - powerpc/64: Set up a kernel stack for secondaries before cpu_restore() (bsc#1065729). - commit 7bcd26b - powerpc/eeh_cache: Fix a possible debugfs deadlock (bsc#1156395). - commit bfd7479 - powerpc: Avoid broken GCC __attribute__((optimize)) (bsc#1156395). - commit 3d98ea5 - powerpc/smp: Add __init to init_big_cores() (bsc#1109695 ltc#171067 git-fixes). - commit 88fe3ed - Refresh patches.suse/powerpc-rtas-fix-typo-of-ibm-open-errinjct-in-rtas-f.patch Refresh to upstream version. - commit f0055e2 - powerpc/pseries/hibernation: remove redundant cacheinfo update (bsc#1138374 ltc#178199 git-fixes). - commit e904a78 - Revert "powerpc/pseries/hotplug-cpu: Remove double free in error path" (bsc#1065729). - commit 243e39e - blacklist.conf: Add e91d8d78237d mm/zsmalloc.c: drop ZSMALLOC_PGTABLE_MAPPING The option is not enabled. - commit 65fee6f - PCI: Fix overflow in command-line resource alignment requests (git-fixes). - commit 1dd80ec - ibmvnic: fix: NULL pointer dereference (bsc#1044767 ltc#155231 git-fixes). - commit 59feb80 - Refresh patches.suse/powercap-Restrict-energy-meter-to-root-access.patch. Now in mainline - commit 414492a - blacklist.conf: fix already added by other patch - commit ed48336 - blacklist.conf: already gone in by another ID - commit 7020218 - usb: host: ehci-tegra: Fix error handling in tegra_ehci_probe() (git-fixes). - commit 6f94554 - blacklist.conf: fix not relevant for our config - commit 47a12a9 ------------------------------------------------------------------ ------------------ 2020-12-29 - Dec 29 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - USB: UAS: introduce a quirk to set no_write_same (git-fixes). - commit bda3ea7 - USB: add RESET_RESUME quirk for Snapscan 1212 (git-fixes). - commit 0912116 - blk-mq: Remove 'running from the wrong CPU' warning (bsc#1174486). - commit 5a12d1c - watchdog: coh901327: add COMMON_CLK dependency (git-fixes). - watchdog: qcom: Avoid context switch in restart handler (git-fixes). - watchdog: Fix potential dereferencing of null pointer (git-fixes). - watchdog: sprd: change to use usleep_range() instead of busy loop (git-fixes). - watchdog: sprd: check busy bit before new loading rather than after that (git-fixes). - watchdog: sprd: remove watchdog disable from resume fail path (git-fixes). - watchdog: sirfsoc: Add missing dependency on HAS_IOMEM (git-fixes). - watchdog: armada_37xx: Add missing dependency on HAS_IOMEM (git-fixes). - commit 705ed83 - media: uvcvideo: Accept invalid bFormatIndex and bFrameIndex values (bsc#1180117). - commit 2f3db03 - Re-import the upstream uvcvideo fix; one more fix will be added later (bsc#1180117) - commit 0da5ae4 ++++ timezone: - timezone update 2020f (bsc#1177460) * 'make rearguard_tarballs' no longer generates a bad rearguard.zi, fixing a 2020e bug. ------------------------------------------------------------------ ------------------ 2020-12-28 - Dec 28 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - rpm/constraints.in: more disk space for aarch64 binary builds (bsc#1180261) Tumbleweed KotD builds already consume ~30 GB of disk space and SLE15-SP3 builds sometimes exceed even 32 GB, resulting in build failures. Thus the exception providing only 30 GB for aarch64 binary builds is no longer sustainable and if requiring 35 GB limits the portfolio of available builders, we need to address that. - commit 07b084b - x86/topology: Set cpu_die_id only if DIE_TYPE found (bsc#1152489). - commit 6e7d005 - EDAC/mce_amd: Use struct cpuinfo_x86.cpu_die_id for AMD NodeId (bsc#1152489). - commit 72ce98e - x86/CPU/AMD: Remove amd_get_nb_id() (bsc#1152489). - commit be1bad6 - x86/CPU/AMD: Save AMD NodeId as cpu_die_id (bsc#1152489). - commit af076e7 - EDAC/amd64: Do not load on family 0x15, model 0x13 (bsc#1179763). - commit 877e64a - rpm: drop /usr/bin/env in interpreter specification OBS checks don't like /usr/bin/env in script interpreter lines but upstream developers tend to use it. A proper solution would be fixing the depedency extraction and drop the OBS check error but that's unlikely to happen so that we have to work around the problem on our side and rewrite the interpreter lines in scripts before collecting files for packages instead. - commit 0ec5324 ------------------------------------------------------------------ ------------------ 2020-12-23 - Dec 23 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - nvmet-tcp: fix maxh2cdata icresp parameter (bsc#1179892). - commit 8a7b72b - x86/ima: use correct identifier for SetupMode variable (bsc#1152489). - commit 9b27f4f ++++ timezone: - timezone update 2020e (bsc#1177460) * Volgograd switches to Moscow time on 2020-12-27 at 02:00. ------------------------------------------------------------------ ------------------ 2020-12-22 - Dec 22 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - blacklist.conf: 3d51507f29f2 x86/entry/32: Add missing ASM_CLAC to general_protection entry - commit 1aa31e3 - fix patch metadata - fix Patch-mainline: patches.suse/mm-memory_failure-always-pin-the-page-in-madvise_inj.patch - commit 4f786fa - selftests/bpf: Print reason when a tester could not run a program (bsc#1155518). - selftests/bpf: Fix invalid use of strncat in test_sockmap (bsc#1155518). - samples: bpf: Refactor test_cgrp2_sock2 program with libbpf (bsc#1155518). - samples/bpf: Remove unused test_ipip.sh (bsc#1155518). - selftest/bpf: Add missed ip6ip6 test back (bsc#1155518). - selftests/bpf/test_offload.py: Reset ethtool features after failed setting (bsc#1155518). - commit 82533c7 - clk: mvebu: a3700: fix the XTAL MODE pin to MPP1_9 (git-fixes). - clk: sunxi-ng: Make sure divider tables have sentinel (git-fixes). - clk: s2mps11: Fix a resource leak in error handling paths in the probe function (git-fixes). - clk: ingenic: Fix divider calculation with div tables (git-fixes). - clk: at91: sam9x60: remove atmel,osc-bypass support (git-fixes). - clk: ti: Fix memleak in ti_fapll_synth_setup (git-fixes). - clk: mediatek: Make mtk_clk_register_mux() a static function (git-fixes). - clk: tegra: Fix duplicated SE clock entry (git-fixes). - clk: tegra: Do not return 0 on failure (git-fixes). - lan743x: fix for potential NULL pointer dereference with bare card (git-fixes). - commit 21d14d2 ------------------------------------------------------------------ ------------------ 2020-12-21 - Dec 21 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - mm,memory_failure: always pin the page in madvise_inject_error (bsc#1180258). - commit 7fb306a - x86/mm/ident_map: Check for errors from ident_pud_init() (bsc#1152489). - commit 37afaed - fix patches metadata - fix Patch-mainline: patches.suse/IB-isert-Fix-unaligned-immediate-data-handling.patch patches.suse/IB-mthca-fix-return-value-of-error-branch-in-mthca_i.patch patches.suse/IB-rdmavt-Fix-sizeof-mismatch.patch patches.suse/IB-srpt-Fix-memory-leak-in-srpt_add_one.patch patches.suse/IB-uverbs-Set-IOVA-on-IB-MR-in-uverbs-layer.patch patches.suse/RDMA-bnxt_re-Do-not-add-user-qps-to-flushlist.patch patches.suse/RDMA-core-Fix-bogus-WARN_ON-during-ib_unregister_dev.patch patches.suse/RDMA-core-Fix-reported-speed-and-width.patch patches.suse/RDMA-core-Fix-return-error-value-in-_ib_modify_qp-to.patch patches.suse/RDMA-core-Free-DIM-memory-in-error-unwind.patch patches.suse/RDMA-core-Stop-DIM-before-destroying-CQ.patch patches.suse/RDMA-counter-Allow-manually-bind-QPs-with-different-.patch patches.suse/RDMA-counter-Only-bind-user-QPs-in-auto-mode.patch patches.suse/RDMA-hns-Bugfix-for-memory-window-mtpt-configuration.patch patches.suse/RDMA-netlink-Remove-CAP_NET_RAW-check-when-dump-a-ra.patch patches.suse/RDMA-pvrdma-Fix-missing-kfree-in-pvrdma_register_dev.patch patches.suse/RDMA-qedr-Endianness-warnings-cleanup.patch patches.suse/RDMA-qedr-Fix-memory-leak-in-iWARP-CM.patch patches.suse/RDMA-qedr-SRQ-s-bug-fixes.patch patches.suse/RDMA-rxe-Drop-pointless-checks-in-rxe_init_ports.patch patches.suse/RDMA-rxe-Fix-memleak-in-rxe_mem_init_user.patch patches.suse/RDMA-rxe-Fix-skb-lifetime-in-rxe_rcv_mcast_pkt.patch patches.suse/RDMA-rxe-Fix-the-parent-sysfs-read-when-the-interfac.patch patches.suse/RDMA-rxe-Handle-skb_clone-failure-in-rxe_recv.c.patch patches.suse/RDMA-rxe-Prevent-access-to-wr-next-ptr-afrer-wr-is-p.patch patches.suse/RDMA-rxe-Remove-unused-rxe_mem_map_pages.patch patches.suse/RDMA-rxe-Return-void-from-rxe_init_port_param.patch patches.suse/RDMA-rxe-Return-void-from-rxe_mem_init_dma.patch patches.suse/RDMA-rxe-Skip-dgid-check-in-loopback-mode.patch patches.suse/RDMA-srpt-Fix-typo-in-srpt_unregister_mad_agent-docs.patch - commit 2dad798 - fix patches metadata - fix Patch-mainline: patches.suse/scsi-mpt3sas-add-bypass_dirty_port_flag-parameter patches.suse/scsi-mpt3sas-add-module-parameter-multipath_on_hba patches.suse/scsi-mpt3sas-allocate-memory-for-hba_port-objects patches.suse/scsi-mpt3sas-bump-driver-version-to-35-101-00-00 patches.suse/scsi-mpt3sas-define-hba_port-structure patches.suse/scsi-mpt3sas-get-device-objects-using-sas_address-portid patches.suse/scsi-mpt3sas-get-sas_device-objects-using-device-s-rphy patches.suse/scsi-mpt3sas-handle-vses-vphy-object-during-hba-reset patches.suse/scsi-mpt3sas-handling-hba-vses-device patches.suse/scsi-mpt3sas-rearrange-scsih_mark_responding_sas_device patches.suse/scsi-mpt3sas-rename-transport_del_phy_from_an_existing_port patches.suse/scsi-mpt3sas-set-valid-physicalport-in-smppassthrough patches.suse/scsi-mpt3sas-update-hba_port-objects-after-host-reset patches.suse/scsi-mpt3sas-update-hba_port-s-sas_address-phy_mask - commit a2950eb - EDAC/i10nm: Use readl() to access MMIO registers (bsc#1152489). - commit a3a0100 - series.conf: cleanup - update upstream reference and resort: patches.suse/powerpc-perf-Fix-crash-with-is_sier_available-when-p.patch - commit adb35a0 - rtc: ep93xx: Fix NULL pointer dereference in ep93xx_rtc_read_time (git-fixes). - rtc: hym8563: enable wakeup when applicable (git-fixes). - commit 52e449a ++++ libidn2: - The library is actually dual licensed, GPL-2.0-or-later or LGPL-3.0-or-later, match factory licenses (bsc#1180138) ------------------------------------------------------------------ ------------------ 2020-12-20 - Dec 20 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - power: supply: bq24190_charger: fix reference leak (git-fixes). - power: supply: axp288_charger: Fix HP Pavilion x2 10 DMI matching (git-fixes). - HSI: omap_ssi: Don't jump to free ID in ssi_add_controller() (git-fixes). - pwm: lp3943: Dynamically allocate PWM chip base (git-fixes). - pwm: zx: Add missing cleanup in error path (git-fixes). - commit 22a0fb4 ------------------------------------------------------------------ ------------------ 2020-12-18 - Dec 18 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - scsi: core: Fix VPD LUN ID designator priorities (bsc#1178049). - commit efdf30e - scsi: mpt3sas: Bump driver version to 35.101.00.00 (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: Add module parameter multipath_on_hba (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: Handle vSES vphy object during HBA reset (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: Add bypass_dirty_port_flag parameter (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: Handling HBA vSES device (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: Set valid PhysicalPort in SMPPassThrough (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: Update hba_port objects after host reset (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: Get sas_device objects using device's rphy (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: Rename transport_del_phy_from_an_existing_port() (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: Get device objects using sas_address & portID (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: Update hba_port's sas_address & phy_mask (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: Rearrange _scsih_mark_responding_sas_device() (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: Allocate memory for hba_port objects (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: Define hba_port structure (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: A small correction in _base_process_reply_queue (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: Fix sync irqs (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: Detect tampered Aero and Sea adapters (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: Remove pci-dma-compat wrapper API (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: Remove superfluous memset() (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: Update driver version to 35.100.00.00 (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: Postprocessing of target and LUN reset (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: Add functions to check if any cmd is outstanding on Target and LUN (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: Rename and export interrupt mask/unmask functions (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: Cancel the running work during host reset (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: Dump system registers for debugging (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: Memset config_cmds.reply buffer with zeros (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: Don't call disable_irq from IRQ poll handler (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: Fix set but unused variable (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: Fix error returns in BRM_status_show (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: Fix unlock imbalance (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: Fix memset() in non-RDPQ mode (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: Fix reply queue count in non RDPQ mode (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: Fix double free warnings (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: Disable DIF when prot_mask set to zero (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: Capture IOC data for debugging purposes (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: Use true, false for ioc->use_32bit_dma (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: Remove NULL check before freeing function (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: Update mpt3sas version to 33.101.00.00 (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: Handle RDPQ DMA allocation in same 4G region (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: Separate out RDPQ allocation to new function (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: Rename function name is_MSB_are_same (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: Don't change the DMA coherent mask after allocations (jsc#SLE-16914, bsc#1177733). - scsi: mpt3sas: use true,false for bool variables (jsc#SLE-16914, bsc#1177733). - commit 5bf7889 ------------------------------------------------------------------ ------------------ 2020-12-17 - Dec 17 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - tracing: Fix race in trace_open and buffer resize call (CVE-2020-27825 bsc#1179960). - commit c590ed4 - ring-buffer: speed up buffer resets by avoiding synchronize_rcu for each CPU (CVE-2020-27825 bsc#1179960). - commit d308278 - ring-buffer: Make resize disable per cpu buffer instead of total buffer (CVE-2020-27825 bsc#1179960). - commit 95e9004 - Drop a backported uvcvideo patch that caused a regression (bsc#1180117) Also blacklisting the commit - commit b185b93 - x86/resctrl: Fix incorrect local bandwidth when mba_sc is enabled (bsc#1152489). - x86/resctrl: Remove unused struct mbm_state::chunks_bw (bsc#1152489). - commit b4996a1 - nvmet-fc: fix missing check for no hostport struct (bsc#1176942). - commit 7fab8fc - scsi: qla2xxx: Update version to 10.02.00.104-k (bsc#1171688 bsc#1172733). - scsi: qla2xxx: Fix device loss on 4G and older HBAs (bsc#1171688 bsc#1172733). - scsi: qla2xxx: If fcport is undergoing deletion complete I/O with retry (bsc#1171688 bsc#1172733). - scsi: qla2xxx: Fix the call trace for flush workqueue (bsc#1171688 bsc#1172733). - scsi: qla2xxx: Fix flash update in 28XX adapters on big endian machines (bsc#1171688 bsc#1172733). - scsi: qla2xxx: Handle aborts correctly for port undergoing deletion (bsc#1171688 bsc#1172733). - scsi: qla2xxx: Fix N2N and NVMe connect retry failure (bsc#1171688 bsc#1172733). - scsi: qla2xxx: Fix FW initialization error on big endian machines (bsc#1171688 bsc#1172733). - scsi: qla2xxx: Fix crash during driver load on big endian machines (bsc#1171688 bsc#1172733). - scsi: qla2xxx: Fix compilation issue in PPC systems (bsc#1171688 bsc#1172733). - scsi: qla2xxx: Don't check for fw_started while posting NVMe command (bsc#1171688 bsc#1172733). - scsi: qla2xxx: Tear down session if FW say it is down (bsc#1171688 bsc#1172733). - scsi: qla2xxx: Limit interrupt vectors to number of CPUs (bsc#1171688 bsc#1172733). - scsi: qla2xxx: Change post del message from debug level to log level (bsc#1171688 bsc#1172733). - scsi: qla2xxx: Remove in_interrupt() from qla83xx-specific code (bsc#1171688 bsc#1172733). - scsi: target: tcm_qla2xxx: Remove BUG_ON(in_interrupt()) (bsc#1171688 bsc#1172733). - scsi: qla2xxx: Remove in_interrupt() from qla82xx-specific code (bsc#1171688 bsc#1172733). - commit 298833c - scsi: qla2xxx: Move sess cmd list/lock to driver (bsc#1171688 bsc#1172733). - scsi: qla2xxx: Drop TARGET_SCF_LOOKUP_LUN_FROM_TAG (bsc#1171688 bsc#1172733). - scsi: qla2xxx: Return EBUSY on fcport deletion (bsc#1171688 bsc#1172733). Replace patches.suse/qla2xxx-return-ebusy-on-fcport-deletion.patch with upstream version. - scsi: qla2xxx: remove incorrect sparse #ifdef (bsc#1171688 bsc#1172733). - scsi: qla2xxx: Fix return of uninitialized value in rval (bsc#1171688 bsc#1172733). - scsi: qla2xxx: Convert to DEFINE_SHOW_ATTRIBUTE (bsc#1171688 bsc#1172733). - scsi: qla2xxx: Initialize variable in qla8044_poll_reg() (bsc#1171688 bsc#1172733). - scsi: qla2xxx: Do not consume srb greedily (bsc#1171688 bsc#1172733). - scsi: qla2xxx: Handle incorrect entry_type entries (bsc#1171688 bsc#1172733). - commit 3c29fc6 - x86/mm/mem_encrypt: Fix definition of PMD_FLAGS_DEC_WP (bsc#1152489). - commit 994c3ae - scsi: qla2xxx: Use constant when it is known (bsc#1171688 bsc#1172733). Refresh: - patches.suse/qla2xxx-return-ebusy-on-fcport-deletion.patch - commit cfc1ae5 - scsi: lpfc: Fix fall-through warnings for Clang (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Correct null ndlp reference on routine exit (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Use generic power management (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Fix variable 'vport' set but not used in lpfc_sli4_abts_err_handler() (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Fix missing prototype for lpfc_nvmet_prep_abort_wqe() (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Fix set but unused variables in lpfc_dev_loss_tmo_handler() (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Fix set but not used warnings from Rework remote port lock handling (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Fix missing prototype warning for lpfc_fdmi_vendor_attr_mi() (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Fix memory leak on lcb_context (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Remove dead code on second !ndlp check (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Fix pointer defereference before it is null checked issue (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Update changed file copyrights for 2020 (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Update lpfc version to 12.8.0.6 (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Convert abort handling to SLI-3 and SLI-4 handlers (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Convert SCSI I/O completions to SLI-3 and SLI-4 handlers (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Convert SCSI path to use common I/O submission path (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Enable common send_io interface for SCSI and NVMe (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Enable common wqe_template support for both SCSI and NVMe (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Refactor WQE structure definitions for common use (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Fix NPIV Fabric Node reference counting (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Fix NPIV discovery and Fabric Node detection (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Unsolicited ELS leaves node in incorrect state while dropping it (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Remove ndlp when a PLOGI/ADISC/PRLI/REG_RPI ultimately fails (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Rework remote port lock handling (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Fix refcounting around SCSI and NVMe transport APIs (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Fix removal of SCSI transport device get and put on dev structure (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Rework locations of ndlp reference taking (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Rework remote port ref counting and node freeing (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: lpfc_nvmet: Fix-up some formatting and doc-rot issues (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: lpfc_nvme: Fix some kernel-doc related issues (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: lpfc_nvme: Remove unused variable 'phba' (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: lpfc_bsg: Provide correct documentation for a bunch of functions (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: lpfc_debugfs: Fix a couple of function documentation issues (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: lpfc_attr: Fix-up a bunch of kernel-doc misdemeanours (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: lpfc_attr: Demote kernel-doc format for redefined functions (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: lpfc_scsi: Fix a whole host of kernel-doc issues (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Update lpfc version to 12.8.0.5 (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Reject CT request for MIB commands (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Add FDMI Vendor MIB support (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Enlarge max_sectors in scsi host templates (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Fix duplicate wq_create_version check (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Removed unused macros in lpfc_attr.c (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Re-fix use after free in lpfc_rq_buf_free() (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Fix scheduling call while in softirq context in lpfc_unreg_rpi (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Fix invalid sleeping context in lpfc_sli4_nvmet_alloc() (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: Remove unneeded break statements (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Remove unneeded variable 'status' in lpfc_fcp_cpu_map_store() (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Drop nodelist reference on error in lpfc_gen_req() (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Remove set but not used 'qp' (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Fix spelling mistake "Cant" -> "Can't" (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Fix initial FLOGI failure due to BBSCN not supported (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Update lpfc version to 12.8.0.4 (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Extend the RDF FPIN Registration descriptor for additional events (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - scsi: lpfc: Fix FLOGI/PLOGI receive race condition in pt2pt discovery (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500). - commit 6c7ebde - soc: amlogic: canvas: add missing put_device() call in meson_canvas_get() (git-fixes). - drivers: soc: ti: knav_qmss_queue: Fix error return code in knav_queue_probe (git-fixes). - soc: ti: Fix reference imbalance in knav_dma_probe (git-fixes). - soc: ti: knav_qmss: fix reference leak in knav_queue_probe (git-fixes). - soc: qcom: smp2p: Safely acquire spinlock without IRQs (git-fixes). - soc: mediatek: Check if power domains can be powered on at boot time (git-fixes). - soc/tegra: fuse: Fix index bug in get_process_id (git-fixes). - soc: renesas: rmobile-sysc: Fix some leaks in rmobile_init_pm_domains() (git-fixes). - soc: fsl: dpio: Get the cpumask through cpumask_of(cpu) (git-fixes). - spi: spi-nxp-fspi: fix fspi panic by unexpected interrupts (git-fixes). - commit 37de46f - platform/x86: intel-vbtn: Support for tablet mode on HP Pavilion 13 x360 PC (git-fixes). - Refresh patches.suse/platform-x86-intel-vbtn-Allow-switch-events-on-Acer-.patch. - commit b789099 - pinctrl: falcon: add missing put_device() call in pinctrl_falcon_probe() (git-fixes). - mtd: rawnand: gpmi: Fix the random DMA timeout issue (git-fixes). - mtd: rawnand: meson: Fix a resource leak in init (git-fixes). - pinctrl: amd: remove debounce filter setting in IRQ type setting (git-fixes). - platform/x86: touchscreen_dmi: Add info for the Irbis TW118 tablet (git-fixes). - platform/x86: acer-wmi: add automatic keyboard background light toggle key as KEY_LIGHTS_TOGGLE (git-fixes). - platform/x86: thinkpad_acpi: Add BAT1 is primary battery quirk for Thinkpad Yoga 11e 4th gen (git-fixes). - platform/x86: thinkpad_acpi: Do not report SW_TABLET_MODE on Yoga 11e (git-fixes). - commit 3fd302b - mtd: rawnand: gpmi: fix reference count leak in gpmi ops (git-fixes). - mtd: rawnand: meson: fix meson_nfc_dma_buffer_release() arguments (git-fixes). - mtd: rawnand: qcom: Fix DMA sync on FLASH_STATUS register read (git-fixes). - mtd: spinand: Fix OOB read (git-fixes). - mfd: rt5033: Fix errorneous defines (git-fixes). - Input: cm109 - do not stomp on control URB (git-fixes). - Input: i8042 - add Acer laptops to the i8042 reset list (git-fixes). - iwlwifi: mvm: fix kernel panic in case of assert during CSA (git-fixes). - iwlwifi: pcie: limit memory read spin time (git-fixes). - commit d3789b9 - series.conf: refresh - update upstream references and resort: patches.suse/scsi-fnic-avoid-looping-in-trans-eth-on-unload patches.suse/scsi-fnic-change-shost_printk-to-fnic_fcs_dbg patches.suse/scsi-fnic-change-shost_printk-to-fnic_main_dbg patches.suse/scsi-fnic-set-scsi_set_resid-only-for-underflow patches.suse/scsi-fnic-validate-io_req-before-others - commit 3190615 - series.conf: refresh - update upstream reference and resort: patches.suse/ibmvnic-add-some-debugs.patch - commit 5542884 ------------------------------------------------------------------ ------------------ 2020-12-16 - Dec 16 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - fix regression in "epoll: Keep a reference on files added to the check list" (bsc#1180031, git-fixes). - commit 775fe31 - RDMA/srpt: Fix typo in srpt_unregister_mad_agent docstring (bsc#1152489) - commit b808e1d - RDMA/rxe: Handle skb_clone() failure in rxe_recv.c (bsc#1152489) - commit ad662c6 - RDMA/qedr: Endianness warnings cleanup (bsc#1152489) - commit c3cca6a - do_epoll_ctl(): clean the failure exits up a bit (bsc#1180031,CVE-2020-0466). - epoll: Keep a reference on files added to the check list (bsc#1180031). - commit 5e9b787 - blacklist.conf: bcee52789588 ("tracing: Fix userstacktrace option for instances") The kernel is missing many prerequisities. It is not worth it as it is. - commit e39f16a - Update patch reference for wireless fix (CVE-2020-27068 bsc#1180086) - commit 170f743 - platform/x86: mlx-platform: remove an unused variable (git-fixes). - USB: serial: option: add interface-number sanity check to flag handling (git-fixes). - commit bff4f99 - USB: serial: mos7720: fix parallel-port state restore (git-fixes). - xhci-pci: Allow host runtime PM as default for Intel Alpine Ridge LP (git-fixes). - commit f265436 - USB: serial: digi_acceleport: fix write-wakeup deadlocks (git-fixes). - USB: serial: keyspan_pda: fix write unthrottling (git-fixes). - USB: serial: keyspan_pda: fix tx-unthrottle use-after-free (git-fixes). - USB: serial: keyspan_pda: fix write-wakeup use-after-free (git-fixes). - USB: serial: keyspan_pda: fix stalled writes (git-fixes). - USB: serial: keyspan_pda: fix write deadlock (git-fixes). - USB: serial: keyspan_pda: fix dropped unthrottle interrupts (git-fixes). - usb: oxu210hp-hcd: Fix memory leak in oxu_create (git-fixes). - usb: ehci-omap: Fix PM disable depth umbalance in ehci_hcd_omap_probe (git-fixes). - usb: mtu3: fix memory corruption in mtu3_debugfs_regset() (git-fixes). - commit 7596d48 - spi: atmel-quadspi: Fix AHB memory accesses (git-fixes). - spi: mt7621: Disable clock in probe error path (git-fixes). - usb: chipidea: ci_hdrc_imx: Pass DISABLE_DEVICE_STREAMING flag to imx6ul (git-fixes). - usb/max3421: fix return error code in max3421_probe() (git-fixes). - commit 6c576b3 - spi: davinci: Fix use-after-free on unbind (git-fixes). - spi: fix resource leak for drivers without .remove callback (git-fixes). - spi: mxs: fix reference leak in mxs_spi_probe (git-fixes). - spi: st-ssc4: Fix unbalanced pm_runtime_disable() in probe error path (git-fixes). - spi: pic32: Don't leak DMA channels in probe error path (git-fixes). - spi: synquacer: Disable clock in probe error path (git-fixes). - wimax: fix duplicate initializer warning (git-fixes). - commit 51e204b - spi: sprd: fix reference leak in sprd_spi_remove (git-fixes). - spi: atmel-quadspi: Disable clock in probe error path (git-fixes). - spi: bcm63xx-hsspi: fix missing clk_disable_unprepare() on error in bcm63xx_hsspi_resume (git-fixes). - spi: tegra114: fix reference leak in tegra spi ops (git-fixes). - spi: tegra20-sflash: fix reference leak in tegra_sflash_resume (git-fixes). - spi: tegra20-slink: fix reference leak in slink ops of tegra20 (git-fixes). - spi: mt7621: fix missing clk_disable_unprepare() on error in mt7621_spi_probe (git-fixes). - spi: spi-ti-qspi: fix reference leak in ti_qspi_setup (git-fixes). - spi: stm32: fix reference leak in stm32_spi_resume (git-fixes). - spi: spi-mem: fix reference leak in spi_mem_access_start (git-fixes). - commit 51236be - soc: qcom: geni: More properly switch to DMA mode (git-fixes). - spi: spi-mem: Fix passing zero to 'PTR_ERR' warning (git-fixes). - spi: img-spfi: fix reference leak in img_spfi_resume (git-fixes). - regulator: mcp16502: add linear_min_sel (git-fixes). - regulator: axp20x: Fix DLDO2 voltage control register mask for AXP22x (git-fixes). - speakup: fix uninitialized flush_lock (git-fixes). - slimbus: qcom-ngd-ctrl: Avoid sending power requests without QMI (git-fixes). - serial: 8250_omap: Avoid FIFO corruption caused by MDR1 access (git-fixes). - rsi: fix error return code in rsi_reset_card() (git-fixes). - commit 8a400aa - PCI: iproc: Fix out-of-bound array accesses (git-fixes). - platform/x86: mlx-platform: Fix item counter assignment for MSN2700, MSN24xx systems (git-fixes). - platform/x86: dell-smbios-base: Fix error return code in dell_smbios_init (git-fixes). - platform/x86: intel-vbtn: Allow switch events on Acer Switch Alpha 12 (git-fixes). - platform/x86: mlx-platform: Remove PSU EEPROM from MSN274x platform configuration (git-fixes). - platform/x86: mlx-platform: Remove PSU EEPROM from default platform configuration (git-fixes). - Revert "platform/x86: wmi: Destroy on cleanup rather than unregister" (git-fixes). - platform/chrome: cros_ec_spi: Don't overwrite spi::mode (git-fixes). - regmap: Remove duplicate `type` field from regmap `regcache_sync` trace event (git-fixes). - qtnfmac: fix error return code in qtnf_pcie_probe() (git-fixes). - commit 4690027 - PCI: brcmstb: Initialize "tmp" before use (git-fixes). - PCI: Fix pci_slot_release() NULL pointer dereference (git-fixes). - memstick: r592: Fix error return in r592_probe() (git-fixes). - mmc: pxamci: Fix error return code in pxamci_probe (git-fixes). - memstick: fix a double-free bug in memstick_check (git-fixes). - staging: olpc_dcon: Do not call platform_device_unregister() in dcon_probe() (git-fixes). - nfc: s3fwrn5: Release the nfc firmware (git-fixes). - orinoco: Move context allocation after processing the skb (git-fixes). - mwifiex: fix mwifiex_shutdown_sw() causing sw reset failure (git-fixes). - commit e021aed - Input: cyapa_gen6 - fix out-of-bounds stack access (git-fixes). - Input: omap4-keypad - fix runtime PM error handling (git-fixes). - Input: ads7846 - fix unaligned access on 7845 (git-fixes). - Input: ads7846 - fix integer overflow on Rt calculation (git-fixes). - Input: ads7846 - fix race that causes missing releases (git-fixes). - iio: adc: rockchip_saradc: fix missing clk_disable_unprepare() on error in rockchip_saradc_resume (git-fixes). - iio:adc:ti-ads124s08: Fix alignment and data leak issues (git-fixes). - iio:adc:ti-ads124s08: Fix buffer being too long (git-fixes). - iwlwifi: mvm: hook up missing RX handlers (git-fixes). - mac80211: don't set set TDLS STA bandwidth wider than possible (git-fixes). - commit 2fd9b35 - cpufreq: vexpress-spc: Add missing MODULE_ALIAS (git-fixes). - Revert "i2c: i2c-qcom-geni: Fix DMA transfer race" (git-fixes). - iio:pressure:mpl3115: Force alignment of buffer (git-fixes). - iio:magnetometer:mag3110: Fix alignment and data leak issues (git-fixes). - iio:light:st_uvis25: Fix timestamp alignment and prevent data leak (git-fixes). - iio:light:rpr0521: Fix timestamp alignment and prevent data leak (git-fixes). - iio: buffer: Fix demux update (git-fixes). - extcon: max77693: Fix modalias string (git-fixes). - cw1200: fix missing destroy_workqueue() on error in cw1200_init_common (git-fixes). - commit 59cf4f4 - cpufreq: scpi: Add missing MODULE_ALIAS (git-fixes). - cpufreq: loongson1: Add missing MODULE_ALIAS (git-fixes). - cpufreq: st: Add missing MODULE_DEVICE_TABLE (git-fixes). - cpufreq: mediatek: Add missing MODULE_DEVICE_TABLE (git-fixes). - cpufreq: highbank: Add missing MODULE_DEVICE_TABLE (git-fixes). - cpufreq: ap806: Add missing MODULE_DEVICE_TABLE (git-fixes). - staging: comedi: mf6x4: Fix AI end-of-conversion detection (git-fixes). - bus: fsl-mc: fix error return code in fsl_mc_object_allocate() (git-fixes). - commit 172d8d6 - Bluetooth: btmtksdio: Add the missed release_firmware() in mtk_setup_firmware() (git-fixes). - Bluetooth: btusb: Add the missed release_firmware() in btusb_mtk_setup_firmware() (git-fixes). - Bluetooth: hci_h5: fix memory leak in h5_close (git-fixes). - Bluetooth: Fix slab-out-of-bounds read in hci_le_direct_adv_report_evt() (git-fixes). - Bluetooth: Fix null pointer dereference in hci_event_packet() (git-fixes). - ath10k: Release some resources in an error handling path (git-fixes). - ath10k: Fix an error handling path (git-fixes). - ath6kl: fix enum-conversion warning (git-fixes). - commit 35aef63 - Revert "ACPI / resources: Use AE_CTRL_TERMINATE to terminate resources walks" (git-fixes). - commit 2779aa4 - IB/srpt: Fix memory leak in srpt_add_one (bsc#1152489) - commit da75bee - RDMA/hns: Bugfix for memory window mtpt configuration (bsc#1152489) - commit 4f3475b - IB/mthca: fix return value of error branch in mthca_init_cq() (bsc#1152489) - commit c98a089 - RDMA/pvrdma: Fix missing kfree() in pvrdma_register_device() (bsc#1152489) - commit baad43e - RDMA/qedr: Fix memory leak in iWARP CM (bsc#1152489) - commit db44ceb - RDMA/rxe: Fix skb lifetime in rxe_rcv_mcast_pkt() (bsc#1152489) - commit 1de4514 - IB/rdmavt: Fix sizeof mismatch (bsc#1152489) - commit 677c5ba - inet_ecn: Fix endianness of checksum update when setting ECT(1) (git-fixes). - commit 492cf46 - ASoC: amd: change clk_get() to devm_clk_get() and add missed checks (git-fixes). - ASoC: cx2072x: Fix doubly definitions of Playback and Capture streams (git-fixes). - ASoC: meson: fix COMPILE_TEST error (git-fixes). - ASoC: arizona: Fix a wrong free in wm8997_probe (git-fixes). - ASoC: wm8998: Fix PM disable depth imbalance on error (git-fixes). - ASoC: pcm: DRAIN support reactivation (git-fixes). - ASoC: ti: davinci-mcasp: remove always zero of davinci_mcasp_get_dt_params (git-fixes). - ASoC: sun4i-i2s: Fix lrck_period computation for I2S justified mode (git-fixes). - ASoC: tegra20-spdif: remove "default m" (git-fixes). - ASoC: wm_adsp: remove "ctl" from list on error in wm_adsp_create_control() (git-fixes). - ASoC: jz4740-i2s: add missed checks for clk_get() (git-fixes). - ASoC: SOF: control: fix size checks for ext_bytes control .get() (git-fixes). - commit 8f99a8a - ALSA: hda/ca0132 - Change Input Source enum strings (git-fixes). - ALSA: hda/ca0132 - Fix AE-5 rear headphone pincfg (git-fixes). - commit 4d4db90 - ALSA: hda: Fix regressions on clear and reconfig sysfs (git-fixes). - commit f6ae090 - ALSA: pcm: oss: Fix potential out-of-bounds shift (git-fixes). - ALSA: rawmidi: Access runtime->avail always in spinlock (git-fixes). - ALSA: seq: remove useless function (git-fixes). - commit 87f324b - ALSA: hda/realtek - Add supported for more Lenovo ALC285 Headset Button (git-fixes). - ALSA: hda/realtek - Enable headset mic of ASUS Q524UQK with ALC255 (git-fixes). - ALSA: hda/realtek - Enable headset mic of ASUS X430UN with ALC256 (git-fixes). - ALSA: hda/realtek: make bass spk volume adjustable on a yoga laptop (git-fixes). - ALSA: hda/hdmi: packet buffer index must be set before reading value (git-fixes). - ALSA: hda/hdmi: always print pin NIDs as hexadecimal (git-fixes). - ALSA: hda/proc - print DP-MST connections (git-fixes). - commit b46aa44 - ALSA: usb-audio: Fix potential out-of-bounds shift (git-fixes). - ALSA: usb-audio: Fix control 'access overflow' errors from chmap (git-fixes). - ALSA: usb-audio: Add implicit fb support for Steinberg UR22 (git-fixes). - ALSA: usb-audio: Add quirk for Pioneer DJ DDJ-SR2 (git-fixes). - ALSA: usb-audio: Add support for Pioneer DJ DDJ-RR controller (git-fixes). - commit cbe79ef - Move upstreamed USB-audio patches into sorted section - commit 6078fcf - scsi: fnic: Validate io_req before others (bsc#1175079). - scsi: fnic: Set scsi_set_resid() only for underflow (bsc#1175079). - scsi: fnic: Change shost_printk() to FNIC_MAIN_DBG() (bsc#1175079). - scsi: fnic: Avoid looping in TRANS ETH on unload (bsc#1175079). - scsi: fnic: Change shost_printk() to FNIC_FCS_DBG() (bsc#1175079). - commit 140fd58 ------------------------------------------------------------------ ------------------ 2020-12-15 - Dec 15 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - sched/fair: Fix overutilized update in enqueue_task_fair() (git-fixes) - commit aad16e5 - sched: correct SD_flags returned by tl->sd_flags() (git-fixes) - commit 323fa02 - sched/fair: Refill bandwidth before scaling (git-fixes) - commit 6f148d9 - sched/fair: Fix race between runtime distribution and (git-fixes) - commit 73cd7f5 - sched/fair: Fix wrong cpu selecting from isolated domain (git-fixes) - commit c4c367e - Update patches.suse/HID-Fix-slab-out-of-bounds-read-in-hid_field_extract.patch (bsc#1180052). Patch identified as security issue. bsc added. - commit 88ee41b - mm: memcg: fix memcg reclaim soft lockup (VM Functionality, bsc#1180056). - commit 3a73547 - crypto: qat - fix status check in qat_hal_put_rel_rd_xfer() (git-fixes). - commit e1943c2 - Update patch reference for audit security fix (CVE-2020-0444 bsc#1180027) - commit 8236de7 - Update patch reference for HID security fix (CVE-2020-0465 bsc#1180029) - commit c0d38cb ------------------------------------------------------------------ ------------------ 2020-12-14 - Dec 14 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - btrfs: qgroup: don't try to wait flushing if we're already holding a transaction (bsc#1179575). - commit 7eae617 - s390/pci: fix CPU address in MSI for directed IRQ (git-fixes). - s390/qeth: fix tear down of async TX buffers (git-fixes). - s390/qeth: fix af_iucv notification race (git-fixes). - s390/qeth: delay draining the TX buffers (git-fixes). - s390: add 3f program exception handler (git-fixes). - s390/cpuinfo: show processor physical address (git-fixes). - commit 15840e9 - s390/qeth: make af_iucv TX notification call more robust (bsc#1179604 LTC#190151). - commit 1d3596d - x86/apic/vector: Fix ordering in vector assignment (bsc#1156315). - genirq/matrix: Deal with the sillyness of for_each_cpu() on UP (bsc#1156315). - commit 108604c - blacklist.conf: Add a duplicate - commit 5592171 ++++ yast2: - Log more details when several resolvables (instead of a single one) are unexpectedely found (related to bsc#1176276) - 4.2.88 ------------------------------------------------------------------ ------------------ 2020-12-13 - Dec 13 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - ALSA: usb-audio: workaround for iface reset issue (bsc#1178203). - commit 4121b01 - mmc: block: Fixup condition for CMD13 polling for RPMB requests (git-fixes). - pinctrl: aspeed: Fix GPIO requests on pass-through banks (git-fixes). - pinctrl: baytrail: Avoid clearing debounce value when turning it off (git-fixes). - pinctrl: merrifield: Set default bias in case no particular value given (git-fixes). - gpio: mvebu: fix potential user-after-free on probe (git-fixes). - clk: renesas: r9a06g032: Drop __packed for portability (git-fixes). - USB: serial: ch341: sort device-id entries (git-fixes). - USB: serial: ch341: add new Product ID for CH341A (git-fixes). - USB: serial: option: add support for Thales Cinterion EXS82 (git-fixes). - USB: serial: option: add Fibocom NL668 variants (git-fixes). - commit 4d00577 ------------------------------------------------------------------ ------------------ 2020-12-11 - Dec 11 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - btrfs: fix readahead hang and use-after-free after removing a device (bsc#1179963). - commit 170193e - btrfs: fix use-after-free on readahead extent after failure to create it (bsc#1179963). - commit 1429b0b - series.conf: cleanup - update upstream repository URL: patches.suse/ibmvnic-add-some-debugs.patch - move unsortable patches out of sorted section: patches.suse/cifs-set_root_ses-ipc.patch patches.suse/powerpc-rtas-fix-typo-of-ibm-open-errinjct-in-rtas-f.patch - commit 059dfec - series.conf: cleanup - update upstream reference and move into "almost mainline" section: patches.suse/nvme-fc-avoid-calling-_nvme_fc_abort_outstanding_ios-from-interrupt-context.patch - commit e446234 - mm/memory_hotplug: shrink zones when offlining memory (bsc#1177679). - commit ffb1814 - Revert "geneve: pull IP header before ECN decapsulation" (git-fixes). - can: softing: softing_netdev_open(): fix error handling (git-fixes). - mac80211: mesh: fix mesh_pathtbl_init() error path (git-fixes). - commit dff69af - drm: panel: Fix bpc for OrtusTech COM43H4M85ULC panel (bsc#1152489) - commit 68423a3 - Update patches.suse/tty-Fix-pgrp-locking-in-tiocspgrp.patch (git-fixes bsc#1179745 CVE-2020-29661). - Update patches.suse/tty-Fix-session-locking.patch (bsc#1179745 CVE-2020-29660). Add CVE numbers. - commit 034f28b ++++ libzypp: - Fix lsof monitoring (bsc#1179909) - version 17.25.5 (22) ------------------------------------------------------------------ ------------------ 2020-12-10 - Dec 10 2020 ------------------- ------------------------------------------------------------------ ++++ dmidecode: 1 recommended fix from upstream: - dmidecode-missing-commas.patch: Two missing commas in data arrays cause off-by-one or mangling during index resolution (bsc#1174257). ++++ kernel-default: - fail_function: Remove a redundant mutex unlock (bsc#1149032). - locking/percpu-rwsem: Use this_cpu_{inc,dec}() for read_count (bsc#1149032). - commit 7d88c68 - blacklist.conf: Blacklist some lockdep updates - commit 2f42c43 - kABI: genirq: add back irq_create_mapping (bsc#1065729). - commit 0788f47 - genirq/irqdomain: Add an irq_create_mapping_affinity() function (bsc#1065729). - commit 1e1b021 - powerpc/64s: Trim offlined CPUs from mm_cpumasks (bsc#1055117 ltc#159753 git-fixes bsc#1179888 ltc#190253). - kernel/cpu: add arch override for clear_tasks_mm_cpumask() mm handling (bsc#1055117 ltc#159753 git-fixes bsc#1179888 ltc#190253). - powerpc/64s/pseries: Fix hash tlbiel_all_isa300 for guest kernels (bsc#1179888 ltc#190253). - powerpc/64s: Fix hash ISA v3.0 TLBIEL instruction generation (bsc#1055117 ltc#159753 git-fixes bsc#1179888 ltc#190253). - commit 8cba4ab - powerpc/64s/powernv: Fix memory corruption when saving SLB entries on MCE (jsc#SLE-9246 git-fixes). - commit a63cfa4 - powerpc/pseries: Pass MSI affinity to irq_create_mapping() (bsc#1065729). - ibmvnic: delay next reset if hard reset fails (bsc#1094840 ltc#167098 git-fixes). - ibmvnic: restore adapter state on failed reset (bsc#1152457 ltc#174432 git-fixes). - ibmvnic: avoid memset null scrq msgs (bsc#1044767 ltc#155231 git-fixes). - ibmvnic: enhance resetting status check during module exit (bsc#1065729). - ibmvnic: fix NULL pointer dereference in reset_sub_crq_queues (FATE#322021 bsc#1040855 ltc#155067 git-fixes). - ibmvnic: notify peers when failover and migration happen (bsc#1044120 ltc#155423 git-fixes). - ibmvnic: fix call_netdevice_notifiers in do_reset (bsc#1115431 ltc#171853 git-fixes). - commit 00d731f - powerpc/64s: Fix allnoconfig build since uaccess flush (bsc#1177666 git-fixes). - commit 87d1aa2 - KVM: PPC: Book3S HV: XIVE: Fix possible oops when accessing ESB page (bsc#1156395). - commit be0ace4 - ibmvnic: add some debugs (bsc#1179896 ltc#190255). - commit 0ec6de5 - powerpc/rtas: fix typo of ibm,open-errinjct in rtas filter (CVE-2020-27777 bsc#1179107 bsc#1179887 ltc#190092). - commit 8fcc087 - nvme-fc: avoid calling _nvme_fc_abort_outstanding_ios from interrupt context (bsc#1177326). - commit c6fa2f3 - ftrace: Fix updating FTRACE_FL_TRAMP (git-fixes). - commit e552615 - blacklist.conf: 310e3a4b5a4f ("tracing: Remove WARN_ON in start_thread()") Not really necessary. Just a WARN_ON(). We may reevaluate if someone reports it. - commit b62e034 - fix patches metadata - fix Patch-mainline: patches.suse/0001-HMAT-Register-memory-side-cache-after-parsing.patch patches.suse/0001-HMAT-Skip-publishing-target-info-for-nodes-with-no-o.patch patches.suse/0001-mm-userfaultfd-do-not-access-vma-vm_mm-after-calling.patch - commit 35937c0 ------------------------------------------------------------------ ------------------ 2020-12-9 - Dec 9 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - iommu/amd: Set DTE[IntTabLen] to represent 512 IRTEs (bsc#1179652). - commit fc46361 - nvme-fabrics: allow to queue requests for live queues (git-fixes). - nvme-tcp: cancel async events before freeing event struct (git-fixes). - nvme-rdma: cancel async events before freeing event struct (git-fixes). - nvme-fc: cancel async events before freeing event struct (git-fixes). - commit bd7db2d - nvme: Revert: Fix controller creation races with teardown (git-fixes). - Delete patches.kabi/nvme-kABI-fixes-for-nvme_ctrl.patch. - commit 6f82fb0 - nvme-multipath: fix deadlock due to head->lock (git-fixes). - nvme: don't protect ns mutation with ns->head->lock (git-fixes). - nvme-multipath: fix deadlock between ana_work and scan_work (git-fixes). - commit d1a90c1 - nvme-fc: remove nvme_fc_terminate_io() (bsc#1177326). - nvme-fc: eliminate terminate_io use by nvme_fc_error_recovery (bsc#1177326). - nvme-fc: remove err_work work item (bsc#1177326). - nvme-fc: track error_recovery while connecting (bsc#1177326). - nvme-fc: shorten reconnect delay if possible for FC (git-fixes). - nvme-fc: wait for queues to freeze before calling (git-fixes). - nvme-fc: fix error loop in create_hw_io_queues (git-fixes). - nvme-fc: fix io timeout to abort I/O (bsc#1177326). - nvme-pci: properly print controller address (git-fixes). - commit 42e24bd - nvme-tcp: optimize queue io_cpu assignment for multiple queue (git-fixes). - Refresh patches.suse/nvme-tcp-have-queue-prod-cons-send-list-become-a-lli.patch. - commit b1bde16 - nvme-tcp: fix possible leakage during error flow (git-fixes). - commit a68cfb4 - Input: xpad - support Ardwiino Controllers (git-fixes). - Input: i8042 - add ByteSpeed touchpad to noloop table (git-fixes). - usbnet: ipheth: fix connectivity with iOS 14 (git-fixes). - commit 8f84738 ------------------------------------------------------------------ ------------------ 2020-12-8 - Dec 8 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - x86/insn-eval: Use new for_each_insn_prefix() macro to loop over prefixes bytes (bsc#1152489). - commit 73ffec0 - x86/uprobes: Do not use prefixes.nbytes when looping over prefixes.bytes (bsc#1152489). - commit 0b28903 - x86/resctrl: Fix AMD L3 QOS CDP enable/disable (bsc#1152489). - commit d839ba5 - io_uring: grab ->fs as part of async offload (bsc#1179434 CVE-2020-29373). - commit b260e71 - blacklist.conf: Append 'drm/i915: Avoid mixing integer types during batch copies' - commit 7318e0c - blacklist.conf: Append 'drm/i915: Clear the repeater bit on HDCP disable' - commit c9b3793 - blacklist.conf: Append 'drm/i915: Fix sha_text population code' - commit 3c40ed1 - blacklist.conf: Append 'drm/i915/gem: Delay tracking the GEM context until it is registered' - commit 57a9af9 - blacklist.conf: Append 'drm/amd/powerplay: Fix hardmins not being sent to SMU for RV' - commit 3708b97 - blacklist.conf: Append 'drm/amdgpu: Prevent kernel-infoleak in amdgpu_info_ioctl()' - commit 13ab26a - Update patches.suse/media-xirlink_cit-add-missing-descriptor-sanity-chec.patch (bsc#1168952 CVE-2020-11668). Added CVE number - commit a0ec304 - blacklist.conf: Append 'drm/i915/gem: Delay tracking the GEM context until it is registered' - commit b9b8698 - drm/imx: tve remove extraneous type qualifier (bsc#1152489) - commit ef93a79 - drm/vc4: hdmi: Avoid sleeping in atomic context (bsc#1152489) Backporting changes: * context fixes - commit 507bd66 - drm/panfrost: increase readl_relaxed_poll_timeout values (bsc#1152472) Backporting changes: * context fixes - commit c82949a - drm/i915/gem: Avoid implicit vmap for highmem on x86-32 (bsc#1152489) Backporting changes: * context fixes - commit 56c13b8 - drm/vc4: crtc: Rework a bit the CRTC state code (bsc#1152472) Backporting changes: * context fixes - commit e8c9179 - drm/msm: Drop debug print in _dpu_crtc_setup_lm_bounds() (bsc#1152489) Backporting changes: * context fixes - commit 620be39 - drm/msm: Avoid div-by-zero in dpu_crtc_atomic_check() (bsc#1152489) - commit fa753cd - drm: mxsfb: check framebuffer pitch (bsc#1152472) Backporting changes: * context fixes - commit 0dd9c60 - drm/panfrost: Ensure GPU quirks are always initialised (bsc#1152489) - commit c088e37 - drm/crc-debugfs: Fix memleak in crc_control_write (bsc#1152472) - commit 7cf7f8b - drm: rcar-du: Put reference to VSP device (bsc#1152489) - commit 3aca956 - drm/radeon: Prefer lower feedback dividers (bsc#1152489) - commit 7479884 - drm/amdgpu: pass NULL pointer instead of 0 (bsc#1152489) Backporting changes: * context fixes - commit 7cc3993 - drm/amd/display: Fix wrong return value in dm_update_plane_state() (bsc#1152489) - commit 7638845 - drm/gma500: fix error check (bsc#1152472) Backporting changes: * context fixes - commit e0b3dc4 - drm: panel: Fix bus format for OrtusTech COM43H4M85ULC panel (bsc#1152472) Backporting changes: * context fixes - commit aaeda6a - drm/vkms: fix xrgb on compute crc (bsc#1152472) Backporting changes: * changed filename from vkms_composer.c to vkms_crc.c * context fixes - commit 84538b3 - drm: mxsfb: Remove fbdev leftovers (bsc#1152472) Backporting changes: * context fixes - commit 7b29584 - drm/sun4i: sun8i-csc: Secondary CSC register correction (bsc#1152489) - commit c09dba1 - drm/vc4/vc4_hdmi: fill ASoC card owner (bsc#1152489) - commit afa801d - drm/mediatek: Add missing put_device() call in (bsc#1152472) - commit 2465a49 - drm/mediatek: Add missing put_device() call in mtk_drm_kms_init() (bsc#1152472) Backporting changes: * context fixes * adapted to function layout - commit 187e3d3 - drm/mediatek: Add exception handing in mtk_drm_probe() if component (bsc#1152472) - commit 39014a3 - drm/i915: Fix sha_text population code (bsc#1152489) Backporting changes: * context fixes * adapted I/O functions to old driver - commit d501c26 - fbcon: Remove the superfluous break (bsc#1152472) - commit e00dc98 - video: fbdev: radeon: Fix memleak in radeonfb_pci_register (bsc#1152472) - commit 9657792 - video: fbdev: sis: fix null ptr dereference (bsc#1152472) - commit d833a20 - speakup: Reject setting the speakup line discipline outside of speakup (CVE-2020-27830 bsc#1179656). - commit ec50953 - tty: Fix ->session locking (bsc#1179745). - commit a9a2af9 - Update patches.suse/tty-Fix-pgrp-locking-in-tiocspgrp.patch (git-fixes bsc#1179745). - commit 556ded3 ++++ openssl-1_1: - Fix EDIPARTYNAME NULL pointer dereference (CVE-2020-1971, bsc#1179491) * add openssl-CVE-2020-1971.patch ------------------------------------------------------------------ ------------------ 2020-12-7 - Dec 7 2020 ------------------- ------------------------------------------------------------------ ++++ curl: - Security fix: [bsc#1179593, CVE-2020-8286] * Inferior OCSP verification: libcurl offers "OCSP stapling" via the 'CURLOPT_SSL_VERIFYSTATUS' option that, when set, verifies the OCSP response that a server responds with as part of the TLS handshake. It then aborts the TLS negotiation if something is wrong with the response. The same feature can be enabled with '--cert-status' using the curl tool. * As part of the OCSP response verification, a client should verify that the response is indeed set out for the correct certificate. This step was not performed by libcurl when built or told to use OpenSSL as TLS backend. - Add curl-CVE-2020-8286.patch - Security fix: [bsc#1179399, CVE-2020-8285] * FTP wildcard stack overflow: The wc_statemach() internal function has been rewritten to use an ordinary loop instead of the recursive approach. - Add curl-CVE-2020-8285.patch - Security fix: [bsc#1179398, CVE-2020-8284] * Trusting FTP PASV responses: When curl performs a passive FTP transfer, it first tries the 'EPSV' command and if that is not supported, it falls back to using 'PASV'. A malicious server can use the 'PASV' response to trick curl into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed. * The IP address part of the response is now ignored by default, by making 'CURLOPT_FTP_SKIP_PASV_IP' default to '1L'. The same goes for the command line tool, which then might need '--no-ftp-skip-pasv-ip' set to prevent curl from ignoring the address in the server response. - Add curl-CVE-2020-8284.patch ++++ kernel-default: - Update patches.suse/mm-slub-add-missing-tid-bump-in-kmem_cache_alloc_bulk.patch (CVE-2020-29370, bsc#1179435, bsc#1167657, VM functionality). - add reference to CVE and its bsc - commit cc58091 - patches.suse/iommu-amd-Increase-interrupt-remapping-table-limit-t.patch: (bsc#1179652). - commit 34c2dd2 - blacklist.conf: Blacklist fdeb17c70c9e - commit 392d677 - ext4: fix bogus warning in ext4_update_dx_flag() (bsc#1179716). - commit c86f418 - reiserfs: Fix oops during mount (bsc#1179715). - commit 89f9917 - quota: clear padding in v2r1_mem2diskdqb() (bsc#1179714). - commit 20af897 - reiserfs: Initialize inode keys properly (bsc#1179713). - commit 2b68a22 - udf: Fix memory leak when mounting (bsc#1179712). - commit 816f9a3 - fs: Don't invalidate page buffers in block_write_full_page() (bsc#1179711). - commit 8f6f5ed - mm/error_inject: Fix allow_error_inject function signatures (bsc#1179710). - commit 2c7612f - libfs: fix error cast of negative value in simple_attr_write() (bsc#1179709). - commit 246e7d7 - jbd2: fix up sparse warnings in checkpoint code (bsc#1179707). - commit 15002ce - ubifs: journal: Make sure to not dirty twice for auth nodes (bsc#1179704). - commit 0185a1d - ubifs: dent: Fix some potential memory leaks while iterating entries (bsc#1179703). - commit 32b7d27 - ubifs: xattr: Fix some potential memory leaks while iterating entries (bsc#1179690). - commit 950038e - ubifs: mount_ubifs: Release authentication resource in error handling path (bsc#1179689). - commit 0b68da4 - ubifs: Don't parse authentication mount options in remount process (bsc#1179688). - commit 391f198 - ubifs: Fix a memleak after dumping authentication mount options (bsc#1179687). - commit 3c605f4 - iomap: Set all uptodate bits for an Uptodate page (bsc#1179685). - commit 8e539c4 - iomap: Mark read blocks uptodate in write_begin (bsc#1179684). - commit d032f23 - iomap: Clear page error before beginning a write (bsc#1179683). - commit da58998 - blacklist.conf: Blacklist 50b7d8568008 - commit cc769c4 - fs/ufs: avoid potential u32 multiplication overflow (bsc#1179682). - commit 8289be8 - fs/minix: remove expected error message in block_to_path() (bsc#1179681). - commit 0ea255e - fs/minix: fix block limit check for V1 filesystems (bsc#1179680). - commit 06199cf - fs/minix: set s_maxbytes correctly (bsc#1179679). - commit 69dd22c - fs/minix: reject too-large maximum file size (bsc#1179678). - commit c5b4a77 - fs/minix: don't allow getting deleted inodes (bsc#1179677). - commit cbd9376 - fs/minix: check return value of sb_getblk() (bsc#1179676). - commit 86706a5 - ubifs: Fix wrong orphan node deletion in ubifs_jnl_update|rename (bsc#1179675). - commit 7055a2f - ext4: unlock xattr_sem properly in ext4_inline_data_truncate() (bsc#1179673). - commit d17d948 - ext4: correctly report "not supported" for {usr,grp}jquota when !CONFIG_QUOTA (bsc#1179672). - commit ace06ac - ext4: limit entries returned when counting fsmap records (bsc#1179671). - commit 869362f - ext4: fix leaking sysfs kobject after failed mount (bsc#1179670). - commit 2855c18 - x86/mce: Do not overwrite no_way_out if mce_end() fails (bsc#1152489). - commit 016650c - net/x25: prevent a couple of overflows (bsc#1178590). - commit 9618139 - Update patches.suse/xfrm-Fix-memleak-on-xfrm-state-destroy.patch references (add bsc#1158775). - commit f5ca88c - ethtool: fix error handling in ethtool_phys_id (git-fixes). - commit 62d5d56 - blacklist.conf: breaks kABI and is only needed on 32 bit - commit b613713 - blacklist.conf: cleanup, no functional change - commit f5a48eb - USB: serial: kl5kusb105: fix memleak on open (git-fixes). - commit 5939355 - RDMA/bnxt_re: Fix sizeof mismatch for allocation of pbl_tbl. (bsc#1152489) - commit b293ffc - RDMA/ipoib: Set rtnl_link_ops for ipoib interfaces (bsc#1152489) - commit 2686c41 - RDMA/addr: Fix race with netevent_callback()/rdma_addr_cancel() (bsc#1152489) - commit e7b302f - RDMA/hns: Fix missing sq_sig_type when querying QP (bsc#1152489) - commit 428c91c - RDMA/hns: Add check for the validity of sl configuration (bsc#1152489) - commit 1cb3ce0 - RDMA/hns: Correct typo of hns_roce_create_cq() (bsc#1152489) - commit 8c66138 - RDMA/mlx5: Disable IB_DEVICE_MEM_MGT_EXTENSIONS if IB_WR_REG_MR can't work (bsc#1152489) - commit a38a25c - RDMA/hns: Set the unsupported wr opcode (bsc#1152489) - commit e06fae1 - RDMA/qedr: Fix iWARP active mtu display (bsc#1152489) - commit d610dee - qede: Notify qedr when mtu has changed (bsc#1152489) - commit 98fc763 - RDMA/qedr: Fix resource leak in qedr_create_qp (bsc#1152489) - commit bdb50f5 - RDMA/qedr: Fix inline size returned for iWARP (bsc#1152489) - commit 1a57d92 - RDMA/qedr: Fix use of uninitialized field (bsc#1152489) - commit 6926fdb - RDMA/qedr: Fix doorbell setting (bsc#1152489) - commit 7085d43 - RDMA/qedr: Fix qp structure memory leak (bsc#1152489) - commit 15f0227 - RDMA/umem: Prevent small pages from being returned by ib_umem_find_best_pgsz() (bsc#1152489) - commit 6fda3ed - RDMA/umem: Fix ib_umem_find_best_pgsz() for mappings that cross a page boundary (bsc#1152489) - commit e3d4c09 - IB/mlx4: Adjust delayed work when a dup is observed (bsc#1152489) - commit f007f05 - IB/mlx4: Fix starvation in paravirt mux/demux (bsc#1152489) - commit b4a4680 - IB/mlx4: Add support for MRA (bsc#1152489) - commit d8e693f - IB/mlx4: Add and improve logging (bsc#1152489) - commit d9fbac5 - IB/isert: Fix unaligned immediate-data handling (bsc#1152489) - commit ff723af - powerpc/numa: Fix a regression on memoryless node 0 (bsc#1179639 ltc#189002). - commit 3324f59 - nvme-rdma: handle unexpected nvme completion data length (bsc#1178612). - commit 302adf9 - tty: Fix ->pgrp locking in tiocspgrp() (git-fixes). - usb: gadget: f_fs: Use local copy of descriptors for userspace copy (git-fixes). - USB: serial: kl5kusb105: fix memleak on open (git-fixes). - USB: serial: option: fix Quectel BG96 matching (git-fixes). - thunderbolt: Fix use-after-free in remove_unplugged_switch() (git-fixes). - coredump: fix core_pattern parse error (git-fixes). - commit c18ac30 - nvme-tcp: avoid repeated request completion (bsc#1179519). - nvme-rdma: avoid repeated request completion (bsc#1179519). - nvme-tcp: avoid race between time out and tear down (bsc#1179519). - nvme-rdma: avoid race between time out and tear down (bsc#1179519). - nvme: introduce nvme_sync_io_queues (bsc#1179519). - nvme-rdma: fix reset hang if controller died in the middle of a reset (bsc#1179519). - nvme-rdma: fix timeout handler (bsc#1179519). - nvme-rdma: serialize controller teardown sequences (bsc#1179519). - nvme-tcp: fix reset hang if controller died in the middle of a reset (bsc#1179519). - nvme-tcp: fix timeout handler (bsc#1179519). - nvme-tcp: serialize controller teardown sequences (bsc#1179519). - nvme: have nvme_wait_freeze_timeout return if it timed out (bsc#1179519). - nvme-fabrics: don't check state NVME_CTRL_NEW for request acceptance (bsc#1179519). - nvme-rdma: fix controller reset hang during traffic (bsc#1179519). - nvme-tcp: fix controller reset hang during traffic (bsc#1179519). - nvme-tcp: optimize network stack with setting msg flags (bsc#1179519). - nvme-tcp: leverage request plugging (bsc#1179519). - nvme-tcp: have queue prod/cons send list become a llist (bsc#1179519). - commit 2ed3c82 - RDMA/core: Fix reported speed and width (bsc#1152489) - commit 8c599c6 - RDMA/rxe: Fix memleak in rxe_mem_init_user (bsc#1152489) - commit cc6aac8 - RDMA/rxe: Fix the parent sysfs read when the interface has 15 chars (bsc#1152489) - commit e9e9418 - RDMA/bnxt_re: Do not add user qps to flushlist (bsc#1152489) - commit 940898b - RDMA/netlink: Remove CAP_NET_RAW check when dump a raw QP (bsc#1152489) - commit ccd3388 - RDMA/core: Fix return error value in _ib_modify_qp() to negative (bsc#1152489) - commit 687bd9b - RDMA/rxe: Prevent access to wr->next ptr afrer wr is posted to send queue (bsc#1152489) - commit 4299c93 - RDMA/qedr: SRQ's bug fixes (bsc#1152489) - commit 9e7f793 - nvme-tcp: set MSG_SENDPAGE_NOTLAST with MSG_MORE when we have (bsc#1179519). - Refresh patches.suse/0004-nvme-tcp-check-page-by-sendpage_ok-before-calling-ke.patch. - commit 32b2bc0 - nvme-tcp: try to send request in queue_rq context (bsc#1179519). - nvme-tcp: avoid scheduling io_work if we are already polling (bsc#1179519). - nvme-tcp: use bh_lock in data_ready (bsc#1179519). - commit 0a88b1e - RDMA/rxe: Return void from rxe_mem_init_dma() (bsc#1152489) - commit 3d531e1 - RDMA/rxe: Return void from rxe_init_port_param() (bsc#1152489) - commit d46a4c5 - RDMA/rxe: Drop pointless checks in rxe_init_ports (bsc#1152489) - commit 2094aae - RDMA/counter: Allow manually bind QPs with different pids to same counter (bsc#1152489) - commit 309f664 - nvme-tcp: fix possible crash in recv error flow (bsc#1179519). - commit 4c08b72 - RDMA/counter: Only bind user QPs in auto mode (bsc#1152489) - commit 72cbdac - RDMA/rxe: Skip dgid check in loopback mode (bsc#1152489) - commit e2d95da - IB/uverbs: Set IOVA on IB MR in uverbs layer (bsc#1152489) - commit b8a964a - nvme-tcp: don't poll a non-live queue (bsc#1179519). - Refresh patches.suse/net-use-skb_queue_empty_lockless-in-busy-poll-contex.patch. - commit f682d57 - RDMA/core: Fix bogus WARN_ON during ib_unregister_device_queued() (bsc#1152489) - commit 3cc3811 - nvme-tcp: break from io_work loop if recv failed (bsc#1179519). - nvme-tcp: move send failure to nvme_tcp_try_send (bsc#1179519). - commit c56582a - RDMA/rxe: Remove unused rxe_mem_map_pages (bsc#1152489) - commit e074cd4 - scsi: storvsc: Fix error return in storvsc_probe() (git-fixes). - commit 83d54ae ++++ python3-core: - Adjust sphinx-update-removed-function.patch ++++ patterns-microos: - include cockpit-ws in the cockpit pattern - typo in pattern provides ++++ python3: - Adjust sphinx-update-removed-function.patch ------------------------------------------------------------------ ------------------ 2020-12-6 - Dec 6 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - fix patch metadata - fix Patch-mainline: patches.suse/ALSA-usb-audio-Use-ALC1220-VB-DT-mapping-for-ASUS-RO.patch - commit 2b35630 - fix patches metadata - fix Patch-mainline: patches.suse/cifs-allow-syscalls-to-be-restarted-in-__smb_send_rqst-.patch patches.suse/cifs-fix-potential-use-after-free-in-cifs_echo_request-.patch - commit f9b149a - Input: i8042 - fix error return code in i8042_setup_aux() (git-fixes). - i2c: qup: Fix error return code in qup_i2c_bam_schedule_desc() (git-fixes). - commit 74aa114 ------------------------------------------------------------------ ------------------ 2020-12-5 - Dec 5 2020 ------------------- ------------------------------------------------------------------ ++++ python3-core: - (bsc#1179630) Update sphinx-update-removed-function.patch to work with all versions of Sphinx (not binding the Python documentation build to the latest verison of Sphinx). Updated version mentioned on gh#python/cpython#13236. ++++ mdadm: - There are some important fixes merged in mdadm upstream which should go with jsc#SLE-13700. This is the update from upstream mdadm including the important fixes we should have. - Detail: show correct raid level when the array is inactive (jsc#SLE-13700) 0095-Detail-show-correct-raid-level-when-the-array-is-ina.patch - Don't create bitmap for raid5 with journal disk (jsc#SLE-13700) 0096-Don-t-create-bitmap-for-raid5-with-journal-disk.patch - Monitor: refresh mdstat fd after select (jsc#SLE-13700) 0097-Monitor-refresh-mdstat-fd-after-select.patch - Monitor: stop notifing about containers. (jsc#SLE-13700) 0098-Monitor-stop-notifing-about-containers.patch - mdmonitor: set small delay once (jsc#SLE-13700) 0099-mdmonitor-set-small-delay-once.patch - Check if other Monitor instance running before fork. (jsc#SLE-13700) 0100-Check-if-other-Monitor-instance-running-before-fork.patch - Super1: allow RAID0 layout setting to be removed. (jsc#SLE-13700) 0101-Super1-allow-RAID0-layout-setting-to-be-removed.patch - Detail: fix segfault during IMSM raid creation (jsc#SLE-13700) 0102-Detail-fix-segfault-during-IMSM-raid-creation.patch - Create.c: close mdfd and generate uevent (jsc#SLE-13700) 0103-Create.c-close-mdfd-and-generate-uevent.patch - imsm: update num_data_stripes according to dev_size (jsc#SLE-13700) 0104-imsm-update-num_data_stripes-according-to-dev_size.patch - imsm: remove redundant calls to imsm_get_map (jsc#SLE-13700) 0105-imsm-remove-redundant-calls-to-imsm_get_map.patch - Monitor: don't use default modes when creating a file (jsc#SLE-13700) 0106-Monitor-don-t-use-default-modes-when-creating-a-file.patch - imsm: limit support to first NVMe namespace (jsc#SLE-13700) 0107-imsm-limit-support-to-first-NVMe-namespace.patch - mdadm: Unify forks behaviour (jsc#SLE-13700) 0108-mdadm-Unify-forks-behaviour.patch - mdadm/Detail: show correct state for clustered array (jsc#SLE-13700) 0109-mdadm-Detail-show-correct-state-for-clustered-array.patch - Make target to install binaries only (jsc#SLE-13700) 0110-Make-target-to-install-binaries-only.patch - udev: start grow service automatically (jsc#SLE-13700) 0111-udev-start-grow-service-automatically.patch ++++ python3: - (bsc#1179630) Update sphinx-update-removed-function.patch to work with all versions of Sphinx (not binding the Python documentation build to the latest verison of Sphinx). Updated version mentioned on gh#python/cpython#13236. ------------------------------------------------------------------ ------------------ 2020-12-4 - Dec 4 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - blacklist.conf: 586b58cac8b4 exit: Move preemption fixup up, move blocking operations down - commit 280ad3c - cifs: fix DFS mount with cifsacl/modefromsid (bsc#1178270). - commit c824489 - cifs: fix check of tcon dfs in smb1 (bsc#1178270). - commit ff315b4 - cifs: Fix an error pointer dereference in cifs_mount() (bsc#1178270). - commit e5a8cdb - cifs: document and cleanup dfs mount (bsc#1178270). - commit de6694e - cifs: only update prefix path of DFS links in cifs_tree_connect() (bsc#1178270). - commit 1f46cb8 - cifs: fix double free error on share and prefix (bsc#1178270). - commit bf4c8ab - cifs: handle RESP_GET_DFS_REFERRAL.PathConsumed in reconnect (bsc#1178270). - commit 947bd74 - cifs: handle empty list of targets in cifs_reconnect() (bsc#1178270). - commit 846daee - cifs: rename reconn_inval_dfs_target() (bsc#1178270). - commit 12d8cf3 - cifs: reduce number of referral requests in DFS link lookups (bsc#1178270). - commit cc7ec21 - cifs: merge __{cifs,smb2}_reconnect[_tcon]() into cifs_tree_connect() (bsc#1178270). - commit b6f05ac - cifs: get rid of unused parameter in reconn_setup_dfs_targets() (bsc#1178270). - commit a6a1916 - Update patch reference for rawmidi security fix (CVE-2020-27786 bsc#1179601) - commit 1c4c1fd - cifs: handle hostnames that resolve to same ip in failover (bsc#1178270). - commit cd8e61d - cifs: set up next DFS target before generic_ip_connect() (bsc#1178270). - commit 1099aff - cifs: fix leaked reference on requeued write (bsc#1178270). - commit f474970 - cifs: fix uninitialised lease_key in open_shroot() (bsc#1178270). - commit dbce315 - cifs: ensure correct super block for DFS reconnect (bsc#1178270). - commit 5350fc5 - cifs: do not share tcons with DFS (bsc#1178270). - commit c8f7b47 - powerpc/perf: Fix crash with is_sier_available when pmu is not set (bsc#1179578 ltc#189313). - commit 26fc4d5 - rtw88: debug: Fix uninitialized memory in debugfs code (git-fixes). - geneve: pull IP header before ECN decapsulation (git-fixes). - can: c_can: c_can_power_up(): fix error handling (git-fixes). - can: sun4i_can: sun4i_can_err(): don't count arbitration lose as an error (git-fixes). - can: sja1000: sja1000_err(): don't count arbitration lose as an error (git-fixes). - batman-adv: Don't always reallocate the fragmentation skb head (git-fixes). - batman-adv: Reserve needed_*room for fragments (git-fixes). - batman-adv: Consider fragmentation for needed_headroom (git-fixes). - commit 5d0aad4 ++++ python-urllib3: - Add urllib3-cve-2020-26137.patch. Don't allow control chars in request method. (bsc#1177120, CVE-2020-26137) ++++ system-users: - Remove kvm group from hardware subpackage, since kvm is in its own subpackage (jsc#SLE-11629). ------------------------------------------------------------------ ------------------ 2020-12-3 - Dec 3 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - cifs: allow syscalls to be restarted in __smb_send_rqst() (bsc#1176956). - commit 5ae286e - cifs: fix potential use-after-free in cifs_echo_request() (bsc#1139944). - commit 1723321 - Delete patches.suse/fs-select.c-batch-user-writes-in-do_sys_poll.patch (bsc#1179419) This patch causes a regression and while we are not 100% sure it does not just trigger a bug somewhere else, as it's only a performance optimization, dropping it for now is the safer option. - commit b48bf35 - cifs: add NULL check for ses->tcon_ipc (bsc#1178270). - commit 0e24399 - Revert "xfs: complain if anyone tries to create a too-large buffer" This reverts commit 293e483ad8434ee10a65f76743a0a654e34e76c6. References: bsc#1179425, bsc#1179550 - commit d88fa75 - x86/speculation: Fix prctl() when spectre_v2_user={seccomp,prctl},ibpb (bsc#1152489). - commit bc73dfb - x86/resctrl: Add necessary kernfs_put() calls to prevent refcount leak (bsc#1152489). - commit 506cd70 - x86/resctrl: Remove superfluous kernfs_get() calls to prevent refcount leak (bsc#1152489). - commit 5e0ddcd - USB: quirks: Add USB_QUIRK_DISCONNECT_SUSPEND quirk for Lenovo A630Z TIO built-in usb-audio card (git-fixes). - HID: Add Logitech Dinovo Edge battery quirk (git-fixes). - HID: logitech-hidpp: Add HIDPP_CONSUMER_VENDOR_KEYS quirk for the Dinovo Edge (git-fixes). - HID: add HID_QUIRK_INCREMENT_USAGE_ON_DUPLICATE for Gamevice devices (git-fixes). - HID: hid-sensor-hub: Fix issue with devices with no report ID (git-fixes). - HID: add support for Sega Saturn (git-fixes). - HID: cypress: Support Varmilo Keyboards' media hotkeys (git-fixes). - HID: ite: Replace ABS_MISC 120/121 events with touchpad on/off keypresses (git-fixes). - HID: uclogic: Add ID for Trust Flex Design Tablet (git-fixes). - Input: i8042 - allow insmod to succeed on devices without an i8042 controller (git-fixes). - commit 79be581 - kABI workaround for HD-audio generic parser (git-fixes). - commit 233e3cc - ALSA: hda/realtek: Add mute LED quirk to yet another HP x360 model (git-fixes). - ALSA: hda/realtek: Fix bass speaker DAC assignment on Asus Zephyrus G14 (git-fixes). - ALSA: hda/generic: Add option to enforce preferred_dacs pairs (git-fixes). - ASoC: wm_adsp: fix error return code in wm_adsp_load() (git-fixes). - ASoC: Intel: bytcr_rt5640: Fix HP Pavilion x2 Detachable quirks (git-fixes). - ALSA: usb-audio: US16x08: fix value count for level meters (git-fixes). - ALSA: hda/realtek - Add new codec supported for ALC897 (git-fixes). - ALSA: hda/realtek: Enable headset of ASUS UX482EG & B9400CEA with ALC294 (git-fixes). - ALSA: hda/realtek - Fixed Dell AIO wrong sound tone (git-fixes). - commit c480457 ++++ libzypp: - Prevent librpmDb iterator from accidentally creating an empty rpmdb in / (repoened bsc#1178910) - Fix update of gpg keys with elongated expire date (bsc#1179222) - needreboot: remove udev from the list (bsc#1179083) - Prefer /run over /var/run. - version 17.25.4 (22) ------------------------------------------------------------------ ------------------ 2020-12-2 - Dec 2 2020 ------------------- ------------------------------------------------------------------ ++++ audit-secondary: - Enable Aarch64 processor support. (bsc#1179515) ++++ kernel-default: - mm/userfaultfd: do not access vma->vm_mm after calling handle_userfault() (bsc#1179204). - commit 6bb3d8f - crypto: sun4i-ss - add the A33 variant of SS (git-fixes). - commit efe059b - Update kabi files. - update to December 2020 maintenance update submission (commit 1069cd144905) - commit 7054e5b - btrfs: qgroup: don't commit transaction when we already hold the handle (bsc#1178634). - commit a88c82a ++++ audit: - Enable Aarch64 processor support. (bsc#1179515) ++++ util-linux: - libblkid: Do not trigger CDROM autoclose (bsc#1084671, util-linux-libblkid-cdrom-autoclose-1.patch, util-linux-libblkid-cdrom-autoclose-2.patch, util-linux-libblkid-cdrom-autoclose-3.patch). ++++ openssh: - Add openssh-CVE-2020-14145-information-leak.patch (CVE-2020-14145, bsc#1173513). This partially mitigates a potential information leak during host key exchange that could be exploited by a man-in-the-middle attacker. ++++ patterns-base: - Use requires in update-test pattern so it also works when installing with recommends disabled. - Require update-test pattern from sw_management pattern instead of subtle supplements for same reason. ++++ patterns-microos: - pull in grub2-snapper-plugin ++++ util-linux-systemd: - libblkid: Do not trigger CDROM autoclose (bsc#1084671, util-linux-libblkid-cdrom-autoclose-1.patch, util-linux-libblkid-cdrom-autoclose-2.patch, util-linux-libblkid-cdrom-autoclose-3.patch). ------------------------------------------------------------------ ------------------ 2020-12-1 - Dec 1 2020 ------------------- ------------------------------------------------------------------ ++++ aaa_base: - Add patch git-33-d12420cc66e6d26a9dff6c0e86e00de232151c82.patch * Avoid semicolon within (t)csh login script on S/390. (bsc#1179431) ++++ kernel-default: - xfs: prohibit fs freezing when using empty transactions (bsc#1179442). - commit e04335b - patches.suse/nvme-force-complete-cancelled-requests.patch: (bsc#1175995,bsc#1178756,jsc#SLE-15608). Without this we can end up with a series of nvme QID timeouts, regardless of filesystem when fstests is used or any error injection mechanism is used. Without this fix, we end up with 9 failures on xfs, but due to its generic nature, will likely end up with other failures on other filesystems. This does not allow a clean slate reliable fstests run. This fixes that issue. Through code inspection I found these changes were already present on SLE15-SP3 but not on SLE15-SP2. - commit 9b6b1bb - patches.suse/blk-mq-blk-mq-provide-forced-completion-method.patch: (bsc#1175995,jsc#SLE-15608,bsc#1178756). - commit 88f0b07 - HMAT: Skip publishing target info for nodes with no online memory (bsc#1178660). - HMAT: Register memory-side cache after parsing (bsc#1178660). - commit c10070c - btrfs: allow btrfs_truncate_block() to fallback to nocow for data space reservation (bsc#1161099). - commit 9a9387d - rpm/kernel-{source,binary}.spec: do not include ghost symlinks (boo#1179082). - commit 76a9256 - blacklist.conf: Remove duplicate entry (git-fixes) - commit 9169068 - devlink: Make sure devlink instance and port are in same net namespace (bsc#1154353). - net: ena: fix packet's addresses for rx_offset feature (bsc#1174852). - net: ena: handle bad request id in ena_netdev (bsc#1174852). - RDMA/hns: Fix retry_cnt and rnr_cnt when querying QP (jsc#SLE-8449). - RDMA/hns: Fix wrong field of SRQ number the device supports (jsc#SLE-8449). - commit e8d7cf3 - fix patches metadata - fix Patch-mainline: patches.suse/mm-gup-allow-FOLL_FORCE-for-get_user_pages_fast.patch patches.suse/mm-ksm-fix-NULL-pointer-dereference-when-KSM-zero-page-is-enabled.patch patches.suse/mm-mempolicy-require-at-least-one-nodeid-for-MPOL_PREFERRED.patch patches.suse/mm-swap-make-page_evictable-inline.patch patches.suse/mm-swap-use-smp_mb__after_atomic-to-order-LRU-bit-set.patch - commit 6289c65 - Update patches.suse/mm-mmap-c-close-race-between-munmap-and-expand_upwards-downwards.patch (bsc#1174527, bsc#1179432, CVE-2020-29369). - commit f55babe ++++ python3-core: - Add CVE-2020-27619-no-eval-http-content.patch fixing CVE-2020-27619 (bsc#1178009), where Lib/test/multibytecodec_support calls eval() on content retrieved via HTTP. - Add patch sphinx-update-removed-function.patch to no longer call a now removed function (gh#python/cpython#13236). As a consequence, no longer pin Sphinx version. ++++ patterns-microos: - pull in update-test pattern during beta test ++++ python3: - Add CVE-2020-27619-no-eval-http-content.patch fixing CVE-2020-27619 (bsc#1178009), where Lib/test/multibytecodec_support calls eval() on content retrieved via HTTP. - Add patch sphinx-update-removed-function.patch to no longer call a now removed function (gh#python/cpython#13236). As a consequence, no longer pin Sphinx version. ------------------------------------------------------------------ ------------------ 2020-11-30 - Nov 30 2020 ------------------- ------------------------------------------------------------------ ++++ open-iscsi: - Updatged to latest upstream, including: * iscsiadm: Optimize the the verification of mode paramters * iscsid: Poll timeout value to 1 minute for iscsid * iscsiadm: fix host stats mode coredump * iscsid: fix logging level when starting and shutting down daemon * Updated iscsiadm man page. * Fix memory leak in sysfs_get_str * libopeniscsiusr: Compare with max int instead of max long - Systemd unit files should not depend on network.target (bsc#1179440), updating: * open-iscsi-SUSE-latest.diff.bz2 ++++ kernel-default: - romfs: fix uninitialized memory leak in romfs_dev_read() (CVE-2020-29371 bsc#1179429). - commit aaf36e7 - patches.suse/block-Fix-use-after-free-in-blkdev_get.patch: Update tags (bsc#1173834 bsc#1179141 CVE-2020-15436). - commit 6c1fbdb - cifs: Return the error from crypt_message when enc/dec key not found (bsc#1179426). - commit b7a0fce - Convert trailing spaces and periods in path components (bsc#1179424). - commit 88891c3 - cifs: remove bogus debug code (bsc#1179427). - commit 8a0ced9 - blacklist.conf: printk: cosmetic; documentation - commit 609fe64 - blacklist.conf: printk: just a preparation step for lockless ringbuffer. - commit 8515274 - scripts/lib/SUSE/MyBS.pm: properly close prjconf Macros: section - commit 965157e - RDMA/core: Free DIM memory in error unwind (bsc#1152489) - commit 21b1eaa - RDMA/core: Stop DIM before destroying CQ (bsc#1152489) - commit 5bb1399 - video: hyperv_fb: Fix the cache type when mapping the VRAM (git-fixes). - commit 1b3b221 - hv_balloon: disable warning when floor reached (git-fixes). - commit 09540b9 - mm/ksm: fix NULL pointer dereference when KSM zero page is enabled (git fixes (mm/ksm)). - commit d498a49 - mm: mempolicy: require at least one nodeid for MPOL_PREFERRED (git fixes (mm/mempolicy)). - commit 82f5309 - mm: swap: use smp_mb__after_atomic() to order LRU bit set (git fixes (mm/vmscan)). - mm: swap: make page_evictable() inline (git fixes (mm/vmscan)). - commit b3e8c49 - blacklist.conf: KASAN is not enabled - commit b3c7026 - blacklist.conf: Supported arches enable SPARSEMEM_VMEMMAP - commit 928fb30 - mm/gup: allow FOLL_FORCE for get_user_pages_fast() (git fixes (mm/gup)). - commit b4797b5 - blacklist.conf: GUP benchmark not enabled in Kconfig - commit d60c94e - efi/x86: Fix the deletion of variables in mixed mode (git-fixes). - commit dd05038 - efi: EFI_EARLYCON should depend on EFI (git-fixes). - efivarfs: revert "fix memory leak in efivarfs_create()" (git-fixes). - efi/efivars: Set generic ops before loading SSDT (git-fixes). - efi/x86: Free efi_pgd with free_pages() (git-fixes). - efi: efibc: check for efivars write capability (git-fixes). - efi: add missed destroy_workqueue when efisubsys_init fails (git-fixes). - efi: provide empty efi_enter_virtual_mode implementation (git-fixes). - efi/esrt: Fix reference count leak in esre_create_sysfs_entry (git-fixes). - efi/libstub/x86: Work around LLVM ELF quirk build regression (git-fixes). - efi/x86: Ignore the memory attributes table on i386 (git-fixes). - efi/x86: Handle by-ref arguments covering multiple pages in mixed mode (git-fixes). - efi/x86: Align GUIDs to their size in the mixed mode runtime wrapper (git-fixes). - efi/x86: Don't panic or BUG() on non-critical error conditions (git-fixes). - efi/x86: Map the entire EFI vendor string before copying it (git-fixes). - commit aaf9d90 ------------------------------------------------------------------ ------------------ 2020-11-29 - Nov 29 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - fix patches metadata - fix Patch-mainline: patches.suse/s390-cpum_sf-c-fix-file-permission-for-cpum_sfb_size patches.suse/s390-dasd-fix-null-pointer-dereference-for-erp-requests patches.suse/s390-pkey-fix-paes-selftest-failure-with-paes-and-pkey-static-build - commit c3e5681 - USB: core: Change %pK for __user pointers to %px (git-fixes). - USB: core: Fix regression in Hercules audio card (git-fixes). - usb: gadget: Fix memleak in gadgetfs_fill_super (git-fixes). - usb: gadget: f_midi: Fix memleak in f_midi_alloc (git-fixes). - commit ae495c3 ------------------------------------------------------------------ ------------------ 2020-11-28 - Nov 28 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - can: m_can: fix nominal bitiming tseg2 min for version >= 3.1 (git-fixes). - can: gs_usb: fix endianess problem with candleLight firmware (git-fixes). - batman-adv: set .owner to THIS_MODULE (git-fixes). - nfc: s3fwrn5: use signed integer for parsing GPIO numbers (git-fixes). - iwlwifi: mvm: write queue_sync_state only for sync (git-fixes). - platform/x86: toshiba_acpi: Fix the wrong variable assignment (git-fixes). - platform/x86: thinkpad_acpi: Send tablet mode switch at wakeup time (git-fixes). - commit 767fda0 ------------------------------------------------------------------ ------------------ 2020-11-27 - Nov 27 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - xfs: revert "xfs: fix rmap key and record comparison functions" (git-fixes). - commit 308ebc7 ++++ python3-core: - Pin Sphinx version to fix doc subpackage ++++ libzypp: - RepoManager: Carefully tidy up the caches. Remove non-directory entries. (bsc#1178966) - RpmDb: If no database exists use the _dbpath configured in rpm. Still makes sure a compat symlink at /var/lib/rpm exists in case the configures _dbpath is elsewhere. (bsc#1178910) - Url: Hide known password entries when writing the query part (bsc#1050625 bsc#1177583, CVE-2017-9271) - adapt testcase to change introduced by libsolv#402. - RepoManager: Force refresh if repo url has changed (bsc#1174016) - RepoInfo: ignore legacy type= in a .repo file and let RepoManager probe (bsc#1177427, Fixes openSUSE/zypper#357). - version 17.25.3 (22) ++++ patterns-microos: - created pattern cockpit ++++ python3: - Pin Sphinx version to fix doc subpackage ++++ zypper: - Avoid translated text in xml attributes ( fixes #361 ) - BuildRequires: libzypp-devel >= 17.25.3. Adapt to new LoadTestcase API. - version 1.14.41 ------------------------------------------------------------------ ------------------ 2020-11-26 - Nov 26 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - ceph: downgrade warning from mdsmap decode to debug (bsc#1178653). - ceph: fix race in concurrent __ceph_remove_cap invocations (bsc#1178635). - commit b0ab459 - s390/dasd: fix null pointer dereference for ERP requests (git-fixes). - s390/cpum_sf.c: fix file permission for cpum_sfb_size (git-fixes). - s390/pkey: fix paes selftest failure with paes and pkey static build (git-fixes). - s390/bpf: Fix multiple tail calls (git-fixes). - commit d7dbfa4 - powerpc/pseries: new lparcfg key/value pair: partition_affinity_score (jsc#SLE-16360 jsc#SLE-16915). - powerpc/perf: consolidate GPCI hcall structs into asm/hvcall.h (jsc#SLE-16360 jsc#SLE-16915). - commit 918cff8 - tpm: efi: Don't create binary_bios_measurements file for an empty log (git-fixes). - x86/i8259: Use printk_deferred() to prevent deadlock (git-fixes). - commit 91b284d - scsi: core: Return BLK_STS_AGAIN for ALUA transitioning (bsc#1165933, bsc#1171000). - commit 56a64e3 ++++ kernel-default-base: - Add wireguard (boo#1179225) ------------------------------------------------------------------ ------------------ 2020-11-25 - Nov 25 2020 ------------------- ------------------------------------------------------------------ ++++ lvm2-device-mapper: - Update lvm2.spec file (bsc#1177533) - in %postun, disable restart blk-availability.service & lvm2-monitor.service ++++ kernel-default: - btrfs: fix relocation failure due to race with fallocate (bsc#1179217). - commit e680b1d - btrfs: rename btrfs_insert_clone_extent() to a more generic name (bsc#1179217). - commit 27c703c - arm64: dts: imx8mm: fix voltage for 1.6GHz CPU operating point (git-fixes). - commit 36b05ae - arm64: dts: allwinner: h5: OrangePi Prime: Fix ethernet node (git-fixes). - commit 858be95 - arm64: dts: allwinner: a64: bananapi-m64: Enable RGMII RX/TX delay on PHY (git-fixes). - commit 5a17bb5 - arm64: dts: allwinner: h5: OrangePi PC2: Fix ethernet node (git-fixes). - commit b4307bb - arm64: dts: allwinner: a64: Pine64 Plus: Fix ethernet node (git-fixes). - commit dfebf26 - arm64: dts: allwinner: a64: OrangePi Win: Fix ethernet node (git-fixes). - commit 4eec57a - arm64: dts: allwinner: Pine H64: Enable both RGMII RX/TX delay (git-fixes). - commit 8bd0d47 - arm64: dts: allwinner: beelink-gs1: Enable both RGMII RX/TX delay (git-fixes). - commit 62c9be4 - arm64: dts: fsl: DPAA FMan DMA operations are coherent (git-fixes). - commit b68f0fe - arm64: dts: zynqmp: Remove additional compatible string for i2c IPs (git-fixes). - commit 99df01c - arm64: dts: imx8mq: Add missing interrupts to GPC (git-fixes). - commit 1af8481 - arm64: dts: imx8mq: Fix TMU interrupt property (git-fixes). - commit de53464 - arm64: tegra: Add missing timeout clock to Tegra194 SDMMC nodes (git-fixes). - commit 6169028 - btrfs: rename btrfs_punch_hole_range() to a more generic name (bsc#1179217). - commit ae0b28b - arm64: tegra: Add missing timeout clock to Tegra186 SDMMC nodes (git-fixes). - commit 044ef73 - arm64: tegra: Add missing timeout clock to Tegra210 SDMMC (git-fixes). - commit f6b3b97 - btrfs: rename struct btrfs_clone_extent_info to a more generic name (bsc#1179217). - commit de43bbe - arm64: vdso: Add --eh-frame-hdr to ldflags (git-fixes). - commit 937dc61 - arm64: vdso: Add '-Bsymbolic' to ldflags (git-fixes). - commit 96e1736 - btrfs: remove item_size member of struct btrfs_clone_extent_info (bsc#1179217). - commit d01ef40 - arm64: kprobe: add checks for ARMv8.3-PAuth combined instructions (git-fixes). - commit c7c922c - btrfs: fix metadata reservation for fallocate that leads to transaction aborts (bsc#1179217). - commit 68ec4df - arm64: bpf: Fix branch offset in JIT (git-fixes). - commit dcf0a55 - btrfs: fix bytes_may_use underflow in prealloc error condtition (bsc#1179217). - commit c6b65e2 - cifs: Fix incomplete memory allocation on setxattr path (bsc#1179211). - commit 17e4326 - Fix wrongly set CONFIG_SOUNDWIRE=y (bsc#1179201) CONFIG_SOUNDWIRE was mistakenly set as built-in. Mark it as module. - commit 8298c55 - ACPICA: Add NHLT table signature (bsc#1176200). - commit c68e192 - arm64: Run ARCH_WORKAROUND_2 enabling code on all CPUs (git-fixes). - commit 2b0db2e - arm64: Run ARCH_WORKAROUND_1 enabling code on all CPUs (git-fixes). - commit 8d1bf8e - KVM: arm64: ARM_SMCCC_ARCH_WORKAROUND_1 doesn't return SMCCC_RET_NOT_REQUIRED (git-fixes). - commit 3fc2241 - qla2xxx: Add MODULE_VERSION back to driver (bsc#1179160). - commit 5e4a1f7 - efivarfs: fix memory leak in efivarfs_create() (git-fixes). - staging: rtl8723bs: Add 024c:0627 to the list of SDIO device-ids (git-fixes). - mmc: sdhci-pci: Prefer SDR25 timing for High Speed mode for BYT-based Intel controllers (git-fixes). - hwmon: (pwm-fan) Fix RPM calculation (git-fixes). - ACPI: button: Add DMI quirk for Medion Akoya E2228T (git-fixes). - commit 0493181 - Documentation/admin-guide/module-signing.rst: add openssl command option example for CodeSign EKU (bsc#1177353, bsc#1179076). - modsign: Add codeSigning EKU when generating X.509 key generation config (bsc#1177353, bsc#1179076). - commit 09c2c7d ++++ lvm2: - Update lvm2.spec file (bsc#1177533) - in %postun, disable restart blk-availability.service & lvm2-monitor.service ++++ python3-core: - Change setuptools and pip version numbers according to new wheels - Add ignore_pip_deprec_warn.patch to switch of persistently failing test. ++++ libxml2: - Avoid quadratic checking of identity-constraints: [bsc#1178823] * key/unique/keyref schema attributes currently use qudratic loops to check their various constraints (that keys are unique and that keyrefs refer to existing keys). * This fix uses a hash table to avoid the quadratic behaviour. - Add libxml2-Avoid-quadratic-checking-of-identity-constraints.patch ++++ patterns-microos: - added vim-small to the default pattern ++++ python3: - Change setuptools and pip version numbers according to new wheels - Add ignore_pip_deprec_warn.patch to switch of persistently failing test. ------------------------------------------------------------------ ------------------ 2020-11-24 - Nov 24 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Update patches.suse/icmp-randomize-the-global-rate-limiter.patch references (add CVE-2020-25705 bsc#1175721). - commit 302c097 - fix patches metadata - fix Patch-mainline: patches.suse/sched-Fix-rq-nr_iowait-ordering.patch patches.suse/sched-fair-Ensure-tasks-spreading-in-LLC-during-LB.patch patches.suse/sched-fair-Fix-unthrottle_cfs_rq-for-leaf_cfs_rq-list.patch - commit 07cd2c9 - blacklist.conf: Kernel building with clang is not supported - commit 66e9cbf - sched/fair: Fix unthrottle_cfs_rq() for leaf_cfs_rq list (git fixes (sched)). - commit 155f594 - sched: Fix rq->nr_iowait ordering (git fixes (sched)). - commit 0f2faa6 - sched/fair: Ensure tasks spreading in LLC during LB (git fixes (sched)). - commit f2af668 - blacklist.conf: Alternative KABI-safe fix used instead (bnc#1178227) - commit 307bf60 - net: sctp: Rename fallthrough label to unhandled (bsc#1178203). - commit 6ea8e73 - blacklist.conf: breaks kABI - commit c7c8b0d - timer: Fix wheel index calculation on last level (git-fixes). - commit 7f8a2b1 - timer: Prevent base->clk from moving backward (git-fixes). - commit 48a61b6 - Update patch reference for serial security fix (CVE-2020-15437 bsc#1179140) - commit 195abfd - s390/zcrypt: Fix ZCRYPT_PERDEV_REQCNT ioctl (bsc#1177070 LTC#188342). - s390/zcrypt: fix kmalloc 256k failure (bsc#1177066 LTC#188341). - commit 0bca1b7 - s390/cpum_cf,perf: change DFLT_CCERROR counter name (bsc#1175918 LTC#187935). - commit 142fe1e - video: hyperv_fb: include vmalloc.h (git-fixes). - commit 9598448 - compiler_attributes.h: Add 'fallthrough' pseudo keyword for switch/case use (bsc#1178203). - commit 83cd53c - ALSA: usb-audio: Fix MOTU M-Series quirks (bsc#1178203). - ALSA: usb-audio: Fix quirks for other BOSS devices (bsc#1178203). - ALSA: usb-audio: Add implicit_fb module option (bsc#1178203). - ALSA: usb-audio: Add generic implicit fb parsing (bsc#1178203). - ALSA: usb-audio: Factor out the implicit feedback quirk code (bsc#1178203). - ALSA: usb-audio: Quirk for BOSS GT-001 (bsc#1178203). - ALSA: usb-audio: Show sync endpoint information in proc outputs (bsc#1178203). - ALSA: usb-audio: Use unsigned char for iface and altsettings fields (bsc#1178203). - ALSA: usb-audio: Replace slave/master terms (bsc#1178203). - ALSA: usb-audio: Simplify rate_min/max and rates set up (bsc#1178203). - ALSA: usb-audio: Unify the code for the next packet size calculation (bsc#1178203). - ALSA: usb-audio: Drop unneeded snd_usb_substream fields (bsc#1178203). - ALSA: usb-audio: Refactoring endpoint URB deactivation (bsc#1178203). - ALSA: usb-audio: Use atomic_t for endpoint use_count (bsc#1178203). - ALSA: usb-audio: Constify audioformat pointer references (bsc#1178203). - ALSA: usb-audio: Fix possible stall of implicit fb packet ring-buffer (bsc#1178203). - ALSA: usb-audio: Refactor endpoint management (bsc#1178203). - ALSA: usb-audio: Fix EP matching for continuous rates (bsc#1178203). - ALSA: usb-audio: Always set up the parameters after resume (bsc#1178203). - ALSA: usb-audio: Set callbacks via snd_usb_endpoint_set_callback() (bsc#1178203). - ALSA: usb-audio: Stop both endpoints properly at error (bsc#1178203). - ALSA: usb-audio: Simplify snd_usb_init_pitch() arguments (bsc#1178203). - ALSA: usb-audio: Simplify snd_usb_init_sample_rate() arguments (bsc#1178203). - ALSA: usb-audio: Pass snd_usb_audio object to quirk functions (bsc#1178203). - ALSA: usb-audio: Don't set altsetting before initializing sample rate (bsc#1178203). - ALSA: usb-audio: Add snd_usb_get_host_interface() helper (bsc#1178203). - ALSA: usb-audio: Drop keep_interface flag again (bsc#1178203). - ALSA: usb-audio: Create endpoint objects at parsing phase (bsc#1178203). - ALSA: usb-audio: Avoid doubly initialization for implicit fb (bsc#1178203). - ALSA: usb-audio: Drop debug.h (bsc#1178203). - ALSA: usb-audio: Simplify hw_params rules (bsc#1178203). - ALSA: usb-audio: Add hw constraint for implicit fb sync (bsc#1178203). - ALSA: usb-audio: Move snd_usb_autoresume() call out of setup_hw_info() (bsc#1178203). - ALSA: usb-audio: Track implicit fb sync endpoint in audioformat list (bsc#1178203). - ALSA: usb-audio: Improve some debug prints (bsc#1178203). - ALSA: usb-audio: Set and clear sync EP link properly (bsc#1178203). - ALSA: usb-audio: Add snd_usb_get_endpoint() helper (bsc#1178203). - ALSA: usb-audio: Check implicit feedback EP generically for UAC2 (bsc#1178203). - ALSA: usb-audio: Check valid altsetting at parsing rates for UAC2/3 (bsc#1178203). - ALSA: usb-audio: Don't call usb_set_interface() at trigger callback (bsc#1178203). - ALSA: usb-audio: Handle discrete rates properly in hw constraints (bsc#1178203). - commit 25f15d1 ++++ python3-core: - Replace bundled wheels for pip and setuptools with the updated ones (bsc#1176262 CVE-2019-20916). ++++ python3: - Replace bundled wheels for pip and setuptools with the updated ones (bsc#1176262 CVE-2019-20916). ++++ salt: - Fix syntax error on pkgrepo state with Python 2.7 - transactional_update: unify with chroot.call - Add "migrated" state and GPG key management functions - Master can read grains - Fix for broken psutil (bsc#1102248) - Fix novendorchange handling in zypperpkg module - Added: * add-migrated-state-and-gpg-key-management-functions-.patch * fix-for-bsc-1102248-psutil-is-broken-and-so-process-.patch * fix-novendorchange-option-284.patch * grains-master-can-read-grains.patch * transactional_update-unify-with-chroot.call.patch * pkgrepo-support-python-2.7-function-call-294.patch ------------------------------------------------------------------ ------------------ 2020-11-23 - Nov 23 2020 ------------------- ------------------------------------------------------------------ ++++ kdump: - kdump-remove-console-hvc0-from-commandline.patch: remove console=hvc0 from commandline (bsc#1173914). - kdump-set-serial-console-from-Xen-cmdline.patch: set serial console from Xen cmdline (bsc#1173914). ++++ kernel-default: - powerpc/rtas: Restrict RTAS requests from userspace (CVE-2020-27777 bsc#1179107). Update config files. - commit 4d9370a - net/mlx5: E-Switch, Fail mlx5_esw_modify_vport_rate if qos disabled (jsc#SLE-8464). - net/mlx5: Clear bw_share upon VF disable (jsc#SLE-8464). - ionic: check port ptr before use (bsc#1167773). - bnxt_en: Send HWRM_FUNC_RESET fw command unconditionally (jsc#SLE-8371 bsc#1153274). - bnxt_en: Check abort error state in bnxt_open_nic() (jsc#SLE-8371 bsc#1153274). - bnxt_en: Invoke cancel_delayed_work_sync() for PFs also (jsc#SLE-8371 bsc#1153274). - bnxt_en: Fix regression in workqueue cleanup logic in bnxt_remove_one() (jsc#SLE-8371 bsc#1153274). - RDMA/mlx5: Fix devlink deadlock on net namespace deletion (jsc#SLE-8464). - SUNRPC: fix copying of multiple pages in gss_read_proxy_verf() (bsc#1154353). - RDMA/hns: Fix the wrong value of rnr_retry when querying qp (jsc#SLE-8449). - RDMA/hns: Solve the overflow of the calc_pg_sz() (jsc#SLE-8449). - RDMA/qedr: Fix return code if accept is called on a destroyed qp (jsc#SLE-8215). - RDMA/ucma: Add missing locking around rdma_leave_multicast() (git-fixes). - net: fix pos incrementment in ipv6_route_seq_next (bsc#1154353). - bnxt_en: return proper error codes in bnxt_show_temp (git-fixes). - igc: Fix not considering the TX delay for timestamps (bsc#1160634). - igc: Fix wrong timestamp latency numbers (bsc#1160634). - bnxt_en: Fix NULL ptr dereference crash in bnxt_fw_reset_task() (jsc#SLE-8371 bsc#1153274). - bnxt_en: Avoid sending firmware messages when AER error is detected (jsc#SLE-8371 bsc#1153274). - commit b757d92 - Update patch reference tag for fbcon fix (CVE-2020-28974 bsc#1178589) - commit 4526eab - powerpc/uaccess: Evaluate macro arguments once, before user access is allowed (CVE-2020-4788 bsc#1177666). - commit 3a6dc74 - usb: core: driver: fix stray tabs in error messages (git-fixes). - commit a37b0ae - Revert "cdc-acm: hardening against malicious devices" (git-fixes). - commit 1bc383a - x86/microcode/intel: Check patch signature before saving microcode for early loading (bsc#1152489). - commit 8621df1 - powerpc/pseries: Add KVM guest doorbell restrictions (jsc#SLE-15869 jsc#SLE-16321). - powerpc/pseries: Use doorbells even if XIVE is available (jsc#SLE-15869 jsc#SLE-16321). - powerpc: Inline doorbell sending functions (jsc#SLE-15869 jsc#SLE-16321). - commit 1caac5a - x86/speculation: Allow IBPB to be conditionally enabled on CPUs with always-on STIBP (bsc#1152489). - commit 7689d05 - rpm/kernel-binary.spec.in: use grep -E instead of egrep (bsc#1179045) egrep is only a deprecated bash wrapper for "grep -E". So use the latter instead. - commit 63d7072 - series.conf: cleanup - update upstream reference and resort: patches.suse/scsi-libiscsi-fix-nop-race-condition - commit 8f31344 - fix patch metadata - fix Patch-mainline: patches.suse/0001-mm-THP-swap-fix-allocating-cluster-for-swapfile-by-m.patch - commit 47f49e5 - blacklist.conf: ffedeeb780dc linkage: Introduce new macros for assembler symbols - commit 3f22bb2 - kernel-{binary,source}.spec.in: do not create loop symlinks (bsc#1179082) - commit adf56a8 - mac80211: free sta in sta_info_insert_finish() on errors (git-fixes). - commit 61bc819 - HID: logitech-dj: Fix Dinovo Mini when paired with a MX5x00 receiver (git-fixes). - HID: logitech-dj: Fix an error in mse_bluetooth_descriptor (git-fixes). - HID: logitech-dj: Handle quad/bluetooth keyboards with a builtin trackpad (git-fixes). - HID: logitech-hidpp: Add PID for MX Anywhere 2 (git-fixes). - iio: accel: kxcjk1013: Add support for KIOX010A ACPI DSM for setting tablet-mode (git-fixes). - iio: accel: kxcjk1013: Replace is_smo8500_device with an acpi_type enum (git-fixes). - iio: light: fix kconfig dependency bug for VCNL4035 (git-fixes). - iio: adc: mediatek: fix unset field (git-fixes). - tty: serial: imx: keep console clocks always on (git-fixes). - tty: serial: imx: fix potential deadlock (git-fixes). - mac80211: always wind down STA state (git-fixes). - commit 0772cb9 - rpm/kernel-binary.spec.in: avoid using more barewords (bsc#1179014) %split_extra still contained two. - commit d9b4c40 - speakup: Do not let the line discipline be used several times (CVE-2020-28941 bsc#1178740). - commit 94aeaf9 - blacklist.conf: add two more bpf commits 197afc631413 libbpf: Don‘t attempt to load unused subprog as an entry-point BPF program 2acc3c1bc8e9 selftests/bpf: Fix error return code in run_getsockopt_test() - commit d1b0a66 - lib/strncpy_from_user.c: Mask out bytes after NUL terminator (bsc#1155518). - commit c5101f8 ------------------------------------------------------------------ ------------------ 2020-11-22 - Nov 22 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - kABI workaround for USB audio driver (bsc#1178203). - commit 9a89b5e ------------------------------------------------------------------ ------------------ 2020-11-21 - Nov 21 2020 ------------------- ------------------------------------------------------------------ ++++ lvm2-device-mapper: - lvcreate not wiping the lvm signature without prompting with --yes parameter (bsc#1177734) + bug-1177734_raid-no-wiping-when-zeroing-raid-metadata-device.patch ++++ kernel-default: - EDAC/amd64: Support asymmetric dual-rank DIMMs (bsc#1179001). - EDAC/amd64: Cache secondary Chip Select registers (bsc#1179001). - commit 5ad6aa8 - EDAC/amd64: Find Chip Select memory size using Address Mask (bsc#1179001). - Refresh patches.suse/edac-amd64-add-amd-family-17h-model-60h-pci-ids.patch. - Refresh patches.suse/edac-amd64-add-family-ops-for-family-19h-models-00h-0fh.patch. - Refresh patches.suse/edac-amd64-add-pci-device-ids-for-family-17h-model-70h.patch. - Refresh patches.suse/edac-amd64-save-max-number-of-controllers-to-family-type.patch. - commit 889ea68 - ALSA: usb-audio: Support PCM sync_stop (bsc#1178203). - Refresh patches.suse/ALSA-usb-audio-Fix-potential-use-after-free-of-strea.patch. - Refresh patches.suse/ALSA-usb-audio-set-the-interface-format-after-resume.patch. - commit 0f18878 - ALSA: usb-audio: Use ALC1220-VB-DT mapping for ASUS ROG Strix TRX40 mobo (bsc#1178203). - ALSA: usb-audio: Correct wrongly matching entries with audio class (bsc#1178203). - ALSA: usb-audio: Properly match with audio interface class (bsc#1178203). - ALSA: usb-audio: Simplify quirk entries with a macro (bsc#1178203). - ALSA: usb-audio: Move device rename and profile quirks to an internal table (bsc#1178203). - ALSA: usb-audio: Use managed buffer allocation (bsc#1178203). - ALSA: usb-audio: Convert to the common vmalloc memalloc (bsc#1178203). - commit 535b061 - ASoC: qcom: lpass-platform: Fix memory leak (git-fixes). - ALSA: mixart: Fix mutex deadlock (git-fixes). - ALSA: usb-audio: Add delay quirk for all Logitech USB devices (git-fixes). - ALSA: firewire: Clean up a locking issue in copy_resp_to_buf() (git-fixes). - ALSA: ctl: fix error path at adding user-defined element set (git-fixes). - ALSA: hda/realtek - HP Headset Mic can't detect after boot (git-fixes). - ALSA: hda/realtek - Add supported mute Led for HP (git-fixes). - ALSA: hda/realtek: Add some Clove SSID in the ALC293(ALC1220) (git-fixes). - ALSA: hda/realtek - Add supported for Lenovo ThinkPad Headset Button (git-fixes). - commit 55dbb32 - EDAC/amd64: Initialize DIMM info for systems with more than two channels (bsc#1179001). - commit 263a905 - EDAC/amd64: Gather hardware information early (bsc#1179001). - Refresh patches.suse/edac-amd64-save-max-number-of-controllers-to-family-type.patch. - commit 23c7468 - EDAC/amd64: Save max number of controllers to family type (bsc#1179001). Refresh patches.suse/edac-amd64-add-family-ops-for-family-19h-models-00h-0fh.patch. - EDAC/amd64: Make struct amd64_family_type global (bsc#1179001). - commit 7a2a5fc ++++ lvm2: - lvcreate not wiping the lvm signature without prompting with --yes parameter (bsc#1177734) + bug-1177734_raid-no-wiping-when-zeroing-raid-metadata-device.patch ------------------------------------------------------------------ ------------------ 2020-11-20 - Nov 20 2020 ------------------- ------------------------------------------------------------------ ++++ kdump: - kdump-do-not-add-rd.neednet.patch: Do not add 'rd.neednet=1' to dracut command line (bsc#1177196). ++++ kernel-default: - kernel-source.spec: Fix build with rpm 4.16 (boo#1179015). RPM_BUILD_ROOT is cleared before %%install. Do the unpack into RPM_BUILD_ROOT in %%install - commit 13bd533 - powerpc/32s: Prepare prevent_user_access() for user_access_end() (CVE-2020-4788 bsc#1177666). - commit 2118998 - powerpc/32s: Drop NULL addr verification (CVE-2020-4788 bsc#1177666). - commit 764b74e - rpm/kernel-binary.spec.in: avoid using barewords (bsc#1179014) Author: Dominique Leuenberger - commit 21f8205 - rpm/mkspec: do not build kernel-obs-build on x86_32 We want to use 64bit kernel due to various bugs (bsc#1178762 to name one). There is: ExportFilter: ^kernel-obs-build.*\.x86_64.rpm$ . i586 in Factory's prjconf now. No other actively maintained distro (i.e. merging packaging branch) builds a x86_32 kernel, hence pushing to packaging directly. - commit 8099b4b - fs/select.c: batch user writes in do_sys_poll (CVE-2020-4788 bsc#1177666). - commit e2a69e2 - ceph: check session state after bumping session->s_seq (bsc#1179012). - ceph: check the sesion state and return false in case it is closed (bsc#1179012). - ceph: add check_session_state() helper and make it global (bsc#1179012). - commit d99bb08 - Restore the header of series.conf The header of series.conf was accidentally changed by abb50be8e6bc "(kABI: revert use_mm name change (MM Functionality, bsc#1178426))". The scripts/git_sort/lib.py script matches the upper-case "K" in the header. - commit cec3f48 - selftests/powerpc: entry flush test (CVE-2020-4788 bsc#1177666). - powerpc/64s: flush L1D after user accesses (CVE-2020-4788 bsc#1177666). - powerpc/64s: flush L1D on kernel entry (CVE-2020-4788 bsc#1177666). - selftests/powerpc: rfi_flush: disable entry flush if present (CVE-2020-4788 bsc#1177666). - commit e2755de - Fonts: Replace discarded const qualifier (CVE-2020-28915 bsc#1178886). - commit 1896c0d - fbcon: Fix global-out-of-bounds read in fbcon_get_font() (CVE-2020-28915 bsc#1178886). - Fonts: Support FONT_EXTRA_WORDS macros for built-in fonts (CVE-2020-28915 bsc#1178886). - commit cf5442f - Refresh patch reference for font fix patch (CVE-2020-28915 bsc#1178886) - commit 1add793 - selftests/powerpc: Skip security tests on older CPUs (CVE-2020-4788 bsc#1177666). - commit 1bc32c0 - blacklist.conf: add RISC V patch - commit 42e5de9 - can: kvaser_usb: kvaser_usb_hydra: Fix KCAN bittiming limits (git-fixes). - can: m_can: m_can_stop(): set device to software init mode before closing (git-fixes). - can: m_can: m_can_handle_state_change(): fix state change (git-fixes). - can: flexcan: flexcan_setup_stop_mode(): add missing "req_bit" to stop mode property comment (git-fixes). - can: peak_usb: fix potential integer overflow on shift of a int (git-fixes). - can: mcba_usb: mcba_usb_start_xmit(): first fill skb, then pass to can_put_echo_skb() (git-fixes). - can: dev: can_restart(): post buffer from the right context (git-fixes). - can: af_can: prevent potential access of uninitialized member in canfd_rcv() (git-fixes). - can: af_can: prevent potential access of uninitialized member in can_rcv() (git-fixes). - lan743x: prevent entire kernel HANG on open, for some platforms (git-fixes). - lan743x: fix issue causing intermittent kernel log warnings (git-fixes). - mac80211: minstrel: fix tx status processing corner case (git-fixes). - mac80211: minstrel: remove deferred sampling code (git-fixes). - rfkill: Fix use-after-free in rfkill_resume() (git-fixes). - spi: lpspi: Fix use-after-free on unbind (git-fixes). - regulator: ti-abb: Fix array out of bound read access on the first transition (git-fixes). - regulator: workaround self-referent regulators (git-fixes). - regulator: avoid resolve_supply() infinite recursion (git-fixes). - regulator: fix memory leak with repeated set_machine_constraints() (git-fixes). - regulator: pfuze100: limit pfuze-support-disable-sw to pfuze{100,200} (git-fixes). - commit 3d08124 ++++ gnutls: - Avoid spurious audit messages about incompatible signature algorithms (bsc#1172695) * add 0001-pubkey-avoid-spurious-audit-messages-from-_gnutls_pu.patch ------------------------------------------------------------------ ------------------ 2020-11-19 - Nov 19 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - uio: Fix use-after-free in uio_unregister_device() (git-fixes). - mei: protect mei_cl_mtu from null dereference (git-fixes). - usb: cdc-acm: Add DISABLE_ECHO for Renesas USB Download mode (git-fixes). - pinctrl: amd: use higher precision for 512 RtcClk (git-fixes). - pinctrl: amd: fix incorrect way to disable debounce filter (git-fixes). - usb: gadget: goku_udc: fix potential crashes in probe (git-fixes). - i2c: sh_mobile: implement atomic transfers (git-fixes). - i2c: mediatek: move dma reset before i2c reset (git-fixes). - tpm_tis: Disable interrupts on ThinkPad T490s (git-fixes). - cfg80211: regulatory: Fix inconsistent format argument (git-fixes). - cfg80211: initialize wdev data earlier (git-fixes). - mac80211: fix use of skb payload instead of header (git-fixes). - mfd: sprd: Add wakeup capability for PMIC IRQ (git-fixes). - commit 0ba4e11 - futex: Don't enable IRQs unconditionally in put_pi_state() (bsc#1149032). - futex: Handle transient "ownerless" rtmutex state correctly (bsc#1149032). - commit 15c899a - kABI workaround for HD-audio (git-fixes). - commit 97e2fbf - ALSA: hda: Reinstate runtime_allow() for all hda controllers (git-fixes). - ALSA: hda: fix jack detection with Realtek codecs when in D3 (git-fixes). - commit 6f153b9 - SUNRPC: Fix general protection fault in trace_rpc_xdr_overflow() (git-fixes). - commit 0640a68 - mm/gup: fix gup_fast with dynamic page table folding (bnc#1176586, LTC#188235). - commit b2a9d8e - scsi: libiscsi: Fix NOP race condition (bsc#1176481). - commit ed80277 ++++ pam: - pam_cracklib: added code to check whether the password contains a substring of of the user's name of at least characters length in some form. This is enabled by the new parameter "usersubstr=" See https://github.com/libpwquality/libpwquality/commit/bfef79dbe6aa525e9557bf4b0a61e6dde12749c4 [jsc#SLE-16719, jsc#SLE-16720, pam-pam_cracklib-add-usersubstr.patch] ++++ systemd-default-settings: - Import 0.5 0c5e241 SLE: turn off RemoveIPC by default for logind (fate#320125) cb6914f SLE: restore ProtectHostname=no for udevd (bsc#1178374) 7e332a6 Add a header in all each drop-ins 465e1c7 Makefile: simplify 'archive' target ------------------------------------------------------------------ ------------------ 2020-11-18 - Nov 18 2020 ------------------- ------------------------------------------------------------------ ++++ cockpit: - Initial package based on upstream specfile in rhel-7.9 and openSUSE:Factory version of cockpit https://cockpit-project.org/blog/cockpit-195 ++++ kernel-default: - intel_idle: Customize IceLake server support (bsc#1178286). - commit eac5b5e - mm, THP, swap: fix allocating cluster for swapfile by mistake (bsc#1178755). - commit ba1483e - Add bug reference to two hv_netvsc patches (bsc#1178853). - commit 2fdc798 - x86/hyperv: Clarify comment on x2apic mode (git-fixes). - commit 47d9c63 - hv: clocksource: Add notrace attribute to read_hv_sched_clock_*() functions (git-fixes). - commit 803c2b1 - powerpc/pmem: Initialize pmem device on newer hardware (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964). - powerpc/pmem: Avoid the barrier in flush routines (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964). - powerpc/pmem: Update ppc64 to use the new barrier instruction (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964). - libnvdimm/nvdimm/flush: Allow architecture to override the flush barrier (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964). - powerpc/pmem: Add flush routines using new pmem store and sync instruction (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964). - powerpc/pmem: Add new instructions for persistent storage and sync (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964). - powerpc/pmem: Restrict papr_scm to P8 and above (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964). - commit 5a4cff0 - Input: resistive-adc-touch - fix kconfig dependency on IIO_BUFFER (git-fixes). - Input: adxl34x - clean up a data type in adxl34x_probe() (git-fixes). - commit 35dd120 - Input: sunkbd - avoid use-after-free in teardown paths (CVE-2020-25669 bsc#1178182). - commit bafe1db ++++ pam: - pam_xauth.c: do not free() a string which has been (successfully) passed to putenv(). [bsc#1177858, pam-bsc1177858-dont-free-environment-string.patch] ------------------------------------------------------------------ ------------------ 2020-11-17 - Nov 17 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - docs: ABI: sysfs-c2port: remove a duplicated entry (git-fixes). - commit 436b016 - kgdb: Fix spurious true from in_dbg_master() (git-fixes). - commit 1e8d73b - bpf: Zero-fill re-used per-cpu map element (bsc#1155518). - libbpf, hashmap: Fix undefined behavior in hash_bits (bsc#1155518). - bpf: Don't rely on GCC __attribute__((optimize)) to disable GCSE (bsc#1155518). - bpf: Fix comment for helper bpf_current_task_under_cgroup() (bsc#1155518). - commit fb71c62 ------------------------------------------------------------------ ------------------ 2020-11-16 - Nov 16 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - sched: Fix loadavg accounting race on arm64 kabi (bnc#1178227). - commit a595855 - blacklist.conf: 11d6761218d1 mm, memcg: fix error return value of mem_cgroup_css_alloc() - commit 0ae5ae6 - blacklist.conf: 8380ce479010 mm: fork: fix kernel_stack memcg stats for various stack implementations - commit 5d6fe57 - blacklist.conf: 4d6ffa27b8e5 x86/lib: Change .weak to SYM_FUNC_START_WEAK for arch/x86/lib/mem*_64.S - commit 95f1309 - blacklist.conf: e81e07244325 objtool: Support Clang non-section symbols in ORC generation - commit b650d28 - nvme: do not update disk info for multipathed device (bsc#1171558). - commit 72db678 - xfs: fix a missing unlock on error in xfs_fs_map_blocks (git-fixes). - commit cc2433b - xfs: fix brainos in the refcount scrubber's rmap fragment processor (git-fixes). - commit 3faadca - xfs: fix rmap key and record comparison functions (git-fixes). - commit 7b24498 - xfs: set the unwritten bit in rmap lookup flags in xchk_bmap_get_rmapextents (git-fixes). - commit ac90c4a - xfs: fix flags argument to rmap lookup when converting shared file rmaps (git-fixes). - commit ed43f56 - drivers/net/ethernet: remove incorrectly formatted doc (bsc#1177397). - net: ena: Fix all static chekers' warnings (bsc#1177397). - net: ena: Change RSS related macros and variables names (bsc#1177397). - net: ena: Remove redundant print of placement policy (bsc#1177397). - net: ena: Capitalize all log strings and improve code readability (bsc#1177397). - net: ena: Change log message to netif/dev function (bsc#1177397). - net: ena: Change license into format to SPDX in all files (bsc#1177397). - net: ena: xdp: add queue counters for xdp actions (bsc#1177397). - net: ena: ethtool: add stats printing to XDP queues (bsc#1177397). - net: ena: ethtool: Add new device statistics (bsc#1177397). - net: ena: ethtool: convert stat_offset to 64 bit resolution (bsc#1177397). - commit 3fe7896 - virtio: virtio_console: fix DMA memory allocation for rproc serial (git-fixes). - xhci: hisilicon: fix refercence leak in xhci_histb_probe (git-fixes). - thunderbolt: Fix memory leak if ida_simple_get() fails in enumerate_services() (git-fixes). - thunderbolt: Add the missed ida_simple_remove() in ring_request_msix() (git-fixes). - kernel/watchdog: fix watchdog_allowed_mask not used warning (git-fixes). - reboot: fix overflow parsing reboot cpu number (git-fixes). - Revert "kernel/reboot.c: convert simple_strtoul to kstrtoint" (git-fixes). - clk: define to_clk_regmap() as inline function (git-fixes). - xhci: Fix sizeof() mismatch (git-fixes). - commit a563406 - fix patches metadata - fix Patch-mainline: patches.suse/ACPI-GED-fix-Wformat.patch patches.suse/cosa-Add-missing-kfree-in-error-path-of-cosa_write.patch patches.suse/gpio-pcie-idio-24-Enable-PEX8311-interrupts.patch patches.suse/gpio-pcie-idio-24-Fix-IRQ-Enable-Register-value.patch patches.suse/gpio-pcie-idio-24-Fix-irq-mask-when-masking.patch patches.suse/lan743x-fix-BUG-invalid-wait-context-when-setting-rx.patch patches.suse/mmc-renesas_sdhi_core-Add-missing-tmio_mmc_host_free.patch patches.suse/mmc-sdhci-of-esdhc-Handle-pulse-width-detection-erra.patch patches.suse/pinctrl-aspeed-Fix-GPI-only-function-problem.patch patches.suse/pinctrl-intel-Set-default-bias-in-case-no-particular.patch - commit e7295f4 - update patch metadata patches.suse/SUNRPC-Revert-241b1f419f0e-SUNRPC-Remove-xdr_buf_tri.patch was replaced by a no-op stub only preserving kABI but the upstream reference was left in place. Our kbuild checks complain because the same commit id is also blacklisted. Drop the mainline reference which is no longer appropriate and refer to the commit id in commit message instead. - commit c39115f - fix patches metadata - fix Patch-mainline: patches.suse/NFSv4-Handle-NFS4ERR_OLD_STATEID-in-CLOSE-OPEN_DOWNG.patch patches.suse/NFSv4-Wait-for-stateid-updates-after-CLOSE-OPEN_DOWN.patch patches.suse/NFSv4.x-recover-from-pre-mature-loss-of-openstateid.patch patches.suse/svcrdma-fix-bounce-buffers-for-unaligned-offsets-and.patch - commit 6b62933 - series.conf: whitespace cleanup - commit 3581101 - NFS: only invalidate dentrys that are clearly invalid (bsc#1178669 bsc#1170139). - commit f10a996 ++++ permissions: - Update to version 20181224: * fix paths of ksysguard whitelisting * whitelist ksysguard network helper (bsc#1151190) * pcp: remove no longer needed / conflicting entries ++++ sudo: - add sudo-1.8.22-pam_xauth.patch to stay setuid until just before executing the command. Fixes a problem with pam_xauth which checks effective and real uids to get the real identity of the user [bsc#1174593] ------------------------------------------------------------------ ------------------ 2020-11-15 - Nov 15 2020 ------------------- ------------------------------------------------------------------ ++++ bcache-tools: - Makefile: install bcache-status (jsc#SLE-9807, bsc#1178725) 0018-Makefile-install-bcache-status.patch - bcache-tools.spec: add '_sbindir/bcache-status' for the new added bcache-status python script (jsc#SLE-9807, bsc#1178725) ------------------------------------------------------------------ ------------------ 2020-11-14 - Nov 14 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - dax: Fix stack overflow when mounting fsdax pmem device (bsc#1171073). - dax: fix detection of dax support for non-persistent memory block devices (bsc#1171073). - commit 91904e0 - libceph: use sendpage_ok() in ceph_tcp_sendpage() (bsc#1172873). - scsi: libiscsi: use sendpage_ok() in iscsi_tcp_segment_map() (bsc#1172873). - drbd: code cleanup by using sendpage_ok() to check page for kernel_sendpage() (bsc#1172873). - tcp: use sendpage_ok() to detect misused .sendpage (bsc#1172873). - nvme-tcp: check page by sendpage_ok() before calling kernel_sendpage() (bsc#1172873). - net: add WARN_ONCE in kernel_sendpage() for improper zero-copy send (bsc#1172873). - net: introduce helper sendpage_ok() in include/linux/net.h (bsc#1172873). kABI workaround for including mm.h in include/linux/net.h (bsc#1172873). - commit 5b20669 - pinctrl: intel: Set default bias in case no particular value given (git-fixes). - pinctrl: aspeed: Fix GPI only function problem (git-fixes). - gpio: pcie-idio-24: Enable PEX8311 interrupts (git-fixes). - gpio: pcie-idio-24: Fix IRQ Enable Register value (git-fixes). - gpio: pcie-idio-24: Fix irq mask when masking (git-fixes). - mmc: sdhci-of-esdhc: Handle pulse width detection erratum for more SoCs (git-fixes). - mmc: renesas_sdhi_core: Add missing tmio_mmc_host_free() at remove (git-fixes). - cosa: Add missing kfree in error path of cosa_write (git-fixes). - lan743x: fix "BUG: invalid wait context" when setting rx mode (git-fixes). - ACPI: GED: fix -Wformat (git-fixes). - commit 4dd9cfa - vt: Disable KD_FONT_OP_COPY (bsc#1178589). - commit a819dc3 ------------------------------------------------------------------ ------------------ 2020-11-13 - Nov 13 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - mm/memory-failure: Add memory_failure_queue_kick() (jsc#SLE-16610). - commit 58bbb5e ++++ pam: - Initialize pam_unix pam_sm_acct_mgmt() local variable "daysleft" to avoid spurious (and misleading) Warning: your password will expire in ... days. fixed upstream with commit db6b293046a [bsc#1178727, pam-bsc1178727-initialize-daysleft.patch] ++++ system-users: - Add qemu user to kvm group ------------------------------------------------------------------ ------------------ 2020-11-12 - Nov 12 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - powerpc/vnic: Extend "failover pending" window (bsc#1176855 ltc#187293). - commit 8c35da0 - mm/memcg: fix refcount error while moving and swapping (bsc#1178686). - commit cbd5a59 - USB: serial: option: add Telit FN980 composition 0x1055 (git-fixes). - USB: serial: option: add LE910Cx compositions 0x1203, 0x1230, 0x1231 (git-fixes). - USB: serial: option: add Quectel EC200T module support (git-fixes). - USB: Add NO_LPM quirk for Kingston flash drive (git-fixes). - net: usb: qmi_wwan: add Telit LE910Cx 0x1230 composition (git-fixes). - kthread_worker: prevent queuing delayed work from timer_fn when it is being canceled (git-fixes). - lib/crc32test: remove extra local_irq_disable/enable (git-fixes). - tty: serial: fsl_lpuart: LS1021A has a FIFO size of 16 words, like LS1028A (git-fixes). - usb: typec: tcpm: reset hard_reset_count for any disconnect (git-fixes). - usb: host: fsl-mph-dr-of: check return of dma_set_mask() (git-fixes). - ACPI: dock: fix enum-conversion warning (git-fixes). - ACPI: NFIT: Fix comparison to '-ENXIO' (git-fixes). - 9P: Cast to loff_t before multiplying (git-fixes). - fbdev, newport_con: Move FONT_EXTRA_WORDS macros into linux/font.h (git-fixes). - tty: serial: fsl_lpuart: add LS1028A support (git-fixes). - commit af1d39a ++++ system-users: - Add system account and groups for kvm, qemu, and libvirt (jsc#SLE-11629) New files: system-group-kvm.conf, system-group-libvirt.conf, system-user-qemu.conf ------------------------------------------------------------------ ------------------ 2020-11-11 - Nov 11 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - hv_netvsc: make recording RSS hash depend on feature flag (bsc#1177820). - commit 84f7284 - Refresh patches.suse/vfs-add-super_operations-get_inode_dev. (bsc#1176983) It had a missing hunk in prof_namespace.c so simply add it, this fixes the issue reported in bsc#1176983 - commit 4999b20 - hv_netvsc: Fix XDP refcnt for synthetic and VF NICs (bsc#1177820). - commit c7e2d68 - mm/memcontrol.c: add missed css_put() (bsc#1178661). - commit 50e1826 - hv_netvsc: Add XDP support (bsc#1177820). - refresh patches.suse/msft-hv-2073-hv_netvsc-Fix-netvsc_start_xmit-s-return-type.patch - commit e1c99b4 - hv_netvsc: record hardware hash in skb (bsc#1177820). - refresh patches.suse/suse-hv-kabi.patch b/patches.suse/suse-hv-kabi.patch (drop chunks which are in patches.suse/msft-hv-1962-hv_netvsc-record-hardware-hash-in-skb.patch) - commit f89c5c0 - mm, memcg: fix inconsistent oom event behavior (bsc#1178659). - commit 9f54445 - ring-buffer: Fix recursion protection transitions between interrupt context (git-fixes). - commit 5a991eb ++++ kernel-firmware: - Update Intel Bluetooth firmware for buffer overflow security bugs (CVE-2020-12321 bsc#1178671) ------------------------------------------------------------------ ------------------ 2020-11-10 - Nov 10 2020 ------------------- ------------------------------------------------------------------ ++++ filesystem: - Re-add /etc/xdg, new systemd requires it ++++ kernel-default: - ftrace: Handle tracing when switching between context (git-fixes). - commit ae03fad - ftrace: Fix recursion check for NMI test (git-fixes). - commit 030da09 - tracing: Fix out of bounds write in get_trace_buf (git-fixes). - commit 67e9ee9 - fix patches metadata - fix Patch-mainline: patches.suse/exfat-fix-name_hash-computation-on-big-endian-systems.patch patches.suse/exfat-fix-overflow-issue-in-exfat_cluster_to_sector.patch patches.suse/exfat-fix-possible-memory-leak-in-exfat_find.patch patches.suse/exfat-fix-use-of-uninitialized-spinlock-on-error-path.patch patches.suse/exfat-fix-wrong-hint_stat-initialization-in-exfat_find_dir_entry.patch patches.suse/exfat-fix-wrong-size-update-of-stream-entry-by-typo.patch patches.suse/mmswapfile.c-fix-potential-memory-leak-in-sys_swapon.patch - commit 37fd1b5 ++++ kexec-tools: - Remove kexec-tools-xen-balloon-up.patch (bsc#1176606, bsc#1174508) This patch was introduced to address bsc#694863; it enabled kexec for HVM at that time. Meanwhile Xen 4.7 introduced "soft-reset" for HVM domUs. This host feature removes the requirement to un-ballon the domU prior kexec. With Xen 4.13 cpuid faulting became the default, which affects the approach used in this patch to detect the domU type. As a result, invoking kexec in dom0 failed. ++++ microos-tools: - Update to version 2.9 - Use absolute path for selinuxenabled in systemd generator ------------------------------------------------------------------ ------------------ 2020-11-9 - Nov 9 2020 ------------------- ------------------------------------------------------------------ ++++ dracut: - Update to version 049.1+suse.171.g65b2addf: * dracut.sh: FIPS workaround for openssl-libs (bsc#1178217) * 01fips: turn info calls into fips_info calls (bsc#1164076) * 00systemd: add missing cryptsetup-related targets (bsc#1177811) ++++ kernel-default: - mm/swapfile.c: fix potential memory leak in sys_swapon (git-fixes). - exfat: fix use of uninitialized spinlock on error path (git-fixes). - exfat: fix name_hash computation on big endian systems (git-fixes). - exfat: fix wrong size update of stream entry by typo (git-fixes). - exfat: fix wrong hint_stat initialization in exfat_find_dir_entry() (git-fixes). - exfat: fix overflow issue in exfat_cluster_to_sector() (git-fixes). - exfat: fix possible memory leak in exfat_find() (git-fixes). - commit 97624cb - btrfs: reschedule if necessary when logging directory items (bsc#1178585). - commit 5a09bb7 - btrfs: cleanup cow block on error (bsc#1178584). - commit 080ee21 - btrfs: send, recompute reference path after orphanization of a directory (bsc#1178581). - commit 1067aa3 - btrfs: send, orphanize first all conflicting inodes when processing references (bsc#1178579). - commit 972ec4e - perf/core: Fix a memory leak in perf_event_parse_addr_filter() (bsc#1178393, CVE-2020-25704). - commit ec449ad - Refresh patches.suse/x86-unwind-orc-Fix-inactive-tasks-with-stack-pointer.patch. "series_sort -u" applied - commit 3711acc - arm64: acpi: Make apei_claim_sea() synchronise with APEI's irq work (jsc#SLE-16610). - commit 5f689d9 - ACPI: APEI: Kick the memory_failure() queue for synchronous errors (jsc#SLE-16610). - commit 36dbacd - firmware: arm_sdei: Document the motivation behind these set_fs() calls (jsc#SLE-16610). - commit 7d33342 - xfs: fix scrub flagging rtinherit even if there is no rt device (git-fixes). - commit abfd9e4 - xfs: flush new eof page on truncate to avoid post-eof corruption (git-fixes). - commit 8dd6e4b - xfs: set xefi_discard when creating a deferred agfl free log intent item (git-fixes). - commit 9130952 - serial: txx9: add missing platform_driver_unregister() on error in serial_txx9_init (git-fixes). - serial: 8250_mtk: Fix uart_get_baud_rate warning (git-fixes). - USB: serial: cyberjack: fix write-URB completion race (git-fixes). - usb: mtu3: fix panic in mtu3_gadget_stop() (git-fixes). - can: flexcan: flexcan_remove(): disable wakeup completely (git-fixes). - can: flexcan: remove FLEXCAN_QUIRK_DISABLE_MECR quirk for LS1021A (git-fixes). - can: peak_canfd: pucan_handle_can_rx(): fix echo management when loopback is on (git-fixes). - can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping (git-fixes). - can: peak_usb: add range checking in decode operations (git-fixes). - can: can_create_echo_skb(): fix echo skb generation: always use skb_clone() (git-fixes). - can: dev: __can_get_echo_skb(): fix real payload length return value for RTR frames (git-fixes). - can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context (git-fixes). - can: rx-offload: don't call kfree_skb() from IRQ context (git-fixes). - commit efd4e46 ++++ krb5: - Add recursion limit for ASN.1 indefinite lengths; (CVE-2020-28196); (bsc#1178512); - Added patches: * 0010-Add-recursion-limit-for-ASN.1-indefinite-lengths.patch ++++ openldap2: - bsc#1178387 (CVE-2020-25692) - unauthenticated remote denial of service due to incorrect validation of modrdn equality rules. * patch: 0207-ITS-9370-check-for-equality-rule-on-old_rdn.patch ++++ microos-tools: - Update to version 2.8 - Don't propagate umounts into the real root - Use content of .autorelabel only if it exists ++++ transactional-update: - Version 2.38.3 - SELinux: Make synchronisation work for both pre-SELinux snapshots and later snapshots; SELinux support should be ready for most tasks now. ------------------------------------------------------------------ ------------------ 2020-11-8 - Nov 8 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - ASoC: codecs: wcd9335: Set digital gain range correctly (git-fixes). - ASoC: cs42l51: manage mclk shutdown delay (git-fixes). - ASoC: qcom: sdm845: set driver name correctly (git-fixes). - ASoC: Intel: kbl_rt5663_max98927: Fix kabylake_ssp_fixup function (git-fixes). - ALSA: usb-audio: Add implicit feedback quirk for Qu-16 (git-fixes). - ALSA: usb-audio: Add implicit feedback quirk for MODX (git-fixes). - ALSA: usb-audio: add usb vendor id as DSD-capable for Khadas devices (git-fixes). - ALSA: hda/realtek - Enable headphone for ASUS TM420 (git-fixes). - ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link() (git-fixes). - ALSA: hda/realtek - Fixed HP headset Mic can't be detected (git-fixes). - ALSA: usb-audio: Add implicit feedback quirk for Zoom UAC-2 (git-fixes). - ALSA: fix kernel-doc markups (git-fixes). - commit 91a799a ------------------------------------------------------------------ ------------------ 2020-11-6 - Nov 6 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - hyperv_fb: Update screen_info after removing old framebuffer (bsc#1175306). - x86/kexec: Use up-to-dated screen_info copy to fill boot params (bsc#1175306). - video: hyperv: hyperv_fb: Use physical memory for fb on HyperV Gen 1 VMs (bsc#1175306). - video: hyperv: hyperv_fb: Support deferred IO for Hyper-V frame buffer driver (bsc#1175306). - video: hyperv: hyperv_fb: Obtain screen resolution from Hyper-V host (bsc#1175306). - commit 6359015 - memcg: fix NULL pointer dereference in __mem_cgroup_usage_unregister_event (bsc#1177703). - commit 676737e - regulator: defer probe when trying to get voltage from unresolved supply (git-fixes). - usb: cdc-acm: fix cooldown mechanism (git-fixes). - drivers: watchdog: rdc321x_wdt: Fix race condition bugs (git-fixes). - power: supply: test_power: add missing newlines when printing parameters by sysfs (git-fixes). - uio: free uio id after uio file node is freed (git-fixes). - usb: xhci: omit duplicate actions when suspending a runtime suspended host (git-fixes). - USB: adutux: fix debugging (git-fixes). - usb: typec: tcpm: During PR_SWAP, source caps should be sent only after tSwapSourceStart (git-fixes). - commit 87c92c0 - PM: runtime: Drop runtime PM references to supplier on link removal (git-fixes). - staging: octeon: Drop on uncorrectable alignment or FCS error (git-fixes). - staging: octeon: repair "fixed-link" support (git-fixes). - power: supply: bq27xxx: report "not charging" on all types (git-fixes). - p54: avoid accessing the data mapped to streaming DMA (git-fixes). - PCI/ACPI: Whitelist hotplug ports for D3 if power managed by ACPI (git-fixes). - media: uvcvideo: Fix dereference of out-of-bound list iterator (git-fixes). - media: uvcvideo: Fix uvc_ctrl_fixup_xu_info() not having any effect (git-fixes). - media: imx274: fix frame interval handling (git-fixes). - commit abe310e - staging: comedi: cb_pcidas: Allow 2-channel commands for AO subdevice (git-fixes). - ath10k: fix VHT NSS calculation when STBC is enabled (git-fixes). - ath10k: start recovery process when payload length exceeds max htc length for sdio (git-fixes). - leds: bcm6328, bcm6358: use devres LED registering function (git-fixes). - ACPI / extlog: Check for RDMSR failure (git-fixes). - ACPI: video: use ACPI backlight for HP 635 Notebook (git-fixes). - media: tw5864: check status of tw5864_frameinterval_get (git-fixes). - media: platform: Improve queue set up flow for bug fixing (git-fixes). - commit 12c4dfb ------------------------------------------------------------------ ------------------ 2020-11-5 - Nov 5 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Do not create null.i000.ipa-clones file (bsc#1178330) Kbuild cc-option compiles /dev/null file to test for an option availability. Filter out -fdump-ipa-clones so that null.i000.ipa-clones file is not generated in the process. - commit 1425d4e - net: mscc: ocelot: fix race condition with TX timestamping (bsc#1178461). - commit 9045c8f ++++ salt: - Avoid regression on "salt-master": set passphrase for salt-ssh keys to empty string (bsc#1178485) - Added: * set-passphrase-for-salt-ssh-keys-to-empty-string-293.patch ------------------------------------------------------------------ ------------------ 2020-11-4 - Nov 4 2020 ------------------- ------------------------------------------------------------------ ++++ open-iscsi: - Updated to latest upstream, including async login ability: * TODO: Update to todo list. * Implement login "no_wait" for iscsiadm NODE mode * iscsiadm buffer overflow regression when discovering many targets at once * iscsid: Check Invalid Session id for stop connection * Add ability to attempt target logins asynchronously ++++ kernel-default: - xfs: don't update mtime on COW faults (bsc#1167030). - commit cbce094 - xfs: complain if anyone tries to create a too-large buffer log item (bsc#1166146). - commit 293e483 - kABI: revert use_mm name change (MM Functionality, bsc#1178426). - commit abb50be - xfs: remove unused variable 'done' (bsc#1166166). - commit 61fcffc - xfs: truncate should remove all blocks, not just to the end of the page cache (bsc#1166166). - commit e2d039c - xfs: introduce XFS_MAX_FILEOFF (bsc#1166166). - commit 76c1570 - powerpc/64s/radix: Fix mm_cpumask trimming race vs kthread_use_mm (MM Functionality, bsc#1178426). - commit 7298443 - powerpc: select ARCH_WANT_IRQS_OFF_ACTIVATE_MM (MM Functionality, bsc#1178426). - Update config files. Select the new option for ppc64le. - commit 39e4bbd - mm: fix exec activate_mm vs TLB shootdown and lazy tlb switching race (MM Functionality, bsc#1178426). - commit bae6aac - mm: fix kthread_use_mm() vs TLB invalidate (MM Functionality, bsc#1178426). - commit ebe1e96 - kernel: better document the use_mm/unuse_mm API contract (MM Functionality, bsc#1178426). - Refresh patches.suse/amdgpu-a-NULL-mm-does-not-mean-a-thread-is-a-kthread.patch. - commit e0e83ba - tty: make FONTX ioctl use the tty pointer they were actually passed (bsc#1178123 CVE-2020-25668). - commit fda631f - series.conf: cleanup - move unsortable patch out of sorted section: patches.suse/powercap-Restrict-energy-meter-to-root-access.patch - commit a552ff6 - Updated Copyright line in rpm templates with SUSE LLC - commit 39a1fcf - rpm/kernel-obs-build.spec.in: Add -q option to modprobe calls (bsc#1178401) - commit 33ded45 - icmp: randomize the global rate limiter (git-fixes). - commit 3f6a76f - svcrdma: fix bounce buffers for unaligned offsets and multiple pages (git-fixes). - commit 3c46e04 - NFSv4: Wait for stateid updates after CLOSE/OPEN_DOWNGRADE (bsc#1176180). - NFSv4.x recover from pre-mature loss of openstateid (bsc#1176180). - NFSv4: Handle NFS4ERR_OLD_STATEID in CLOSE/OPEN_DOWNGRADE (bsc#1176180). - commit ae88090 - blacklist.conf: - Delete patches.suse/SUNRPC-Revert-241b1f419f0e-SUNRPC-Remove-xdr_buf_tri.patch. This patch causes a regression - bsc1178304 - and "fixing" it properly requires backporting patches which break kabi. So just drop for now. - commit 548f6fe ++++ util-linux: - Modernize patch util-linux-sulogin4bsc1175514.patch * Try to autoconfigure broken serial lines ++++ util-linux-systemd: - Modernize patch util-linux-sulogin4bsc1175514.patch * Try to autoconfigure broken serial lines ------------------------------------------------------------------ ------------------ 2020-11-3 - Nov 3 2020 ------------------- ------------------------------------------------------------------ ++++ open-iscsi: - %service_del_postun_without_restart is now available on SLE More accurately it's been introduced in SLE12-SP2+ and SLE15+ +------------------------------------------------------------------- ++++ kernel-default: - rpm/kernel-binary.spec.in: Fix compressed module handling for in-tree KMP (jsc#SLE-10886) The in-tree KMP that is built with SLE kernels have a different scriptlet that is embedded in kernel-binary.spec.in rather than *.sh files. - commit e32ee2c - btrfs: Account for merged patches upstream Move below patches to sorted section. - Refresh patches.suse/btrfs-account-for-trans_block_rsv-in-may_commit_transaction.patch. - Refresh atches.suse/btrfs-allow-us-to-use-up-to-90-of-the-global-rsv-for-unlink.patch. - Refresh patches.suse/btrfs-force-chunk-allocation-if-our-global-rsv-is-larger-than-metadata.patch. - Refresh patches.suse/btrfs-improve-global-reserve-stealing-logic.patch. - Refresh patches.suse/btrfs-only-check-priority-tickets-for-priority-flushing.patch. - Refresh patches.suse/btrfs-run-btrfs_try_granting_tickets-if-a-priority-ticket-fails.patch. Also add 3 new patches to follow upstream as much as possible, one of them is a git-fixes requirements the others are prerequisites for it: - patches.suse/btrfs-account-ticket-size-at-add-delete-time.patch - patches.suse/btrfs-fix-reclaim-counter-leak-of-space_info-objects.patch - patches.suse/btrfs-fix-reclaim_size-counter-leak-after-stealing-from-global-reserve.patch - commit b193add - btrfs: fix filesystem corruption after a device replace (bsc#1178395). - commit ece2bc8 - btrfs: move btrfs_rm_dev_replace_free_srcdev outside of all locks (bsc#1178395). - commit 9f5adb5 - btrfs: move btrfs_scratch_superblocks into btrfs_dev_replace_finishing (bsc#1178395). - commit 8818530 - vt: keyboard, extend func_buf_lock to readers (bnc#1177766 CVE-2020-25656). - vt: keyboard, simplify vt_kdgkbsent (bnc#1177766 CVE-2020-25656). - commit d1af3a9 - Disable ipa-clones dump for KMP builds (bsc#1178330) The feature is not really useful for KMP, and rather confusing, so let's disable it at building out-of-tree codes - commit ba5c338 - time: Prevent undefined behaviour in timespec64_to_ns() (bsc#1164648). - futex: Fix incorrect should_fail_futex() handling (bsc#1149032). - futex: Adjust absolute futex timeouts with per time namespace offset (bsc#1164648). - futex: Remove unused or redundant includes (bsc#1149032). - futex: Consistently use fshared as boolean (bsc#1149032). - futex: Remove put_futex_key() (bsc#1149032). - commit a86c28d ++++ libusb-1_0: - Add libusb-bsc1178376-ppc-linux-flag.patch to fix the inclusion of "sys/time.h" on PowerPC (bsc#1178376) ------------------------------------------------------------------ ------------------ 2020-11-2 - Nov 2 2020 ------------------- ------------------------------------------------------------------ ++++ grub2: - Fix boot failure in blocklist installation (bsc#1178278) * Modified 0002-grub-install-Avoid-incompleted-install-on-i386-pc.patch ++++ kernel-default: - kbuild: enforce -Werror=return-type (bsc#1177281). - commit 1efe79d - s390/dasd: Fix zero write for FBA devices (bsc#1177801 LTC#188735). - s390/cio: add cond_resched() in the slow_eval_known_fn() loop (bsc#1177799 LTC#188733). - commit 8d8c67c - update patch metadata - update Patch-mainline: patches.suse/ibmveth-Fix-use-of-ibmveth-in-a-bridge.patch - commit 32664f1 - series.conf: cleanup - update upstream reference and resort: patches.suse/scsi-ibmvscsi-Fix-potential-race-after-loss-of-trans.patch - commit a1665a9 ++++ multipath-tools: - Avoid reading files extensions other than ".conf" from config dir (bsc#1162896; added this note retroactively, it was already solved in multipath-tools-0.8.2+140.5146cae). - Fix wrong usage of "%service_del_preun -n" in spec file (bsc#1178354) ++++ openssh: - Add openssh-fips-ensure-approved-moduli.patch (bsc#1177939). This ensures only approved DH parameters are used in FIPS mode. ++++ salt: - Properly validate eauth credentials and tokens on SSH calls made by Salt API (bsc#1178319) (bsc#1178362) (bsc#1178361) (CVE-2020-25592) (CVE-2020-17490) (CVE-2020-16846) - Added: * fix-cve-2020-25592-and-add-tests-bsc-1178319.patch ++++ timezone: - Add fat.patch to generate "fat" timezone files (was default before 2020b) bsc#1178346 ------------------------------------------------------------------ ------------------ 2020-10-30 - Oct 30 2020 ------------------- ------------------------------------------------------------------ ++++ dmidecode: Partial support for SMBIOS 3.4.0: - dmidecode-add-memory-device-types-from-smbios-3.4.0.patch, dmidecode-add-processor-characteristics-bits-from-smbios-3.4.0.patch, dmidecode-add-processor-upgrades-from-smbios-3.4.0.patch, dmidecode-add-slot-characteristics2-from-smbios-3.4.0.patch, dmidecode-add-system-slot-types-from-smbios-3.4.0.patch: Add enumerated values from SMBIOS 3.4.0 (bsc#1174257). 1 presentation fix from upstream: - dmidecode-skip-details-of-uninstalled-memory-modules.patch: Skip details of uninstalled memory modules (bsc#1174257). ++++ kernel-default: - Disable module compression on SLE15 SP2 (bsc#1178307) - commit 6e769e1 - Refresh patches.suse/ibmveth-Fix-use-of-ibmveth-in-a-bridge.patch. Update to upstream version. - commit 69ab55e - ibmvnic: fix ibmvnic_set_mac (bsc#1066382 ltc#160943 git-fixes). - commit 4e8525b - blacklist.conf: add two more - commit 4c2096a - tipc: fix memory leak caused by tipc_buf_append() (git-fixes). - commit 22daff6 - KVM: x86/mmu: Commit zap of remaining invalid pages when recovering lpages (git-fixes). - net/core: check length before updating Ethertype in skb_mpls_{push,pop} (git-fixes). - bnxt_en: Protect bnxt_set_eee() and bnxt_set_pauseparam() with mutex (git-fixes). - block: Set same_page to false in __bio_try_merge_page if ret is false (git-fixes). - selftests/timers: Turn off timeout setting (git-fixes). - mm: madvise: fix vma user-after-free (git-fixes). - commit ba14726 - usb: cdc-acm: add quirk to blacklist ETAS ES58X devices (git-fixes). - usb: gadget: f_ncm: allow using NCM in SuperSpeed Plus gadgets (git-fixes). - usb: gadget: function: printer: fix use-after-free in __lock_acquire (git-fixes). - usb: dwc3: simple: add support for Hikey 970 (git-fixes). - USB: cdc-wdm: Make wdm_flush() interruptible and add wdm_fsync() (git-fixes). - USB: cdc-acm: handle broken union descriptors (git-fixes). - usb: ohci: Default to per-port over-current protection (git-fixes). - usb: core: Solve race condition in anchor cleanup functions (git-fixes). - commit 3a141c3 - r8169: fix issue with forced threading in combination with shared interrupts (git-fixes). - rtw88: increse the size of rx buffer size (git-fixes). - rtl8xxxu: prevent potential memory leak (git-fixes). - tty: serial: fsl_lpuart: fix lpuart32_poll_get_char (git-fixes). - tty: ipwireless: fix error handling (git-fixes). - PM: hibernate: remove the bogus call to get_gendisk() in software_resume() (git-fixes). - spi: spi-s3c64xx: Check return values (git-fixes). - spi: spi-s3c64xx: swap s3c64xx_spi_set_cs() and s3c64xx_enable_datapath() (git-fixes). - net: usb: rtl8150: set random MAC address when set_ethernet_addr() fails (git-fixes). - commit 53b1fbc - mwifiex: don't call del_timer_sync() on uninitialized timer (git-fixes). - mic: vop: copy data to kernel space then write to io memory (git-fixes). - misc: vop: add round_up(x,4) for vring_size to avoid kernel panic (git-fixes). - misc: rtsx: Fix memory leak in rtsx_pci_probe (git-fixes). - media: firewire: fix memory leak (git-fixes). - media: ati_remote: sanity check for both endpoints (git-fixes). - media: st-delta: Fix reference count leak in delta_run_work (git-fixes). - media: sti: Fix reference count leaks (git-fixes). - mmc: sdio: Check for CISTPL_VERS_1 buffer size (git-fixes). - net: usb: qmi_wwan: add Cellient MPL200 card (git-fixes). - commit 9642953 - media: exynos4-is: Fix several reference count leaks due to pm_runtime_get_sync (git-fixes). - media: exynos4-is: Fix a reference count leak due to pm_runtime_get_sync (git-fixes). - media: exynos4-is: Fix a reference count leak (git-fixes). - media: vsp1: Fix runtime PM imbalance on error (git-fixes). - media: platform: s3c-camif: Fix runtime PM imbalance on error (git-fixes). - media: platform: sti: hva: Fix runtime PM imbalance on error (git-fixes). - media: bdisp: Fix runtime PM imbalance on error (git-fixes). - media: media/pci: prevent memory leak in bttv_probe (git-fixes). - media: rcar_drif: Allocate v4l2_async_subdev dynamically (git-fixes). - media: rcar_drif: Fix fwnode reference leak when parsing DT (git-fixes). - commit ff98d93 - mailbox: avoid timer start from callback (git-fixes). - mac80211: handle lack of sband->bitrates in rates (git-fixes). - HID: ite: Add USB id match for Acer One S1003 keyboard dock (git-fixes). - eeprom: at25: set minimum read/write access stride to 1 (git-fixes). - media: i2c: ov5640: Enable data pins on poweron for DVP mode (git-fixes). - media: i2c: ov5640: Separate out mipi configuration from s_power (git-fixes). - media: i2c: ov5640: Remain in power down for DVP mode unless streaming (git-fixes). - media: uvcvideo: Ensure all probed info is returned to v4l2 (git-fixes). - media: saa7134: avoid a shift overflow (git-fixes). - media: venus: core: Fix runtime PM imbalance in venus_probe (git-fixes). - commit 1c003ee - Bluetooth: Only mark socket zapped after unlocking (git-fixes). - Bluetooth: btusb: Fix memleak in btusb_mtk_submit_wmt_recv_urb (git-fixes). - ath9k: hif_usb: fix race condition between usb_get_urb() and usb_kill_anchored_urbs() (git-fixes). - can: flexcan: flexcan_chip_stop(): add error handling and propagate error value (git-fixes). - brcmsmac: fix memory leak in wlc_phy_attach_lcnphy (git-fixes). - ath10k: check idx validity in __ath10k_htt_rx_ring_fill_n() (git-fixes). - brcm80211: fix possible memleak in brcmf_proto_msgbuf_attach (git-fixes). - dmaengine: dw: Activate FIFO-mode for memory peripherals only (git-fixes). - crypto: ccp - fix error handling (git-fixes). - commit faa1609 ++++ util-linux: - Add patch util-linux-sulogin4bsc1175514.patch Avoid sulogin failing on not existing or not functional console devices (bsc#1175514) ++++ transactional-update: - Version 2.28.2 - SELinux: Exclude security.selinux attribute from rsyncing (again) ++++ util-linux-systemd: - Add patch util-linux-sulogin4bsc1175514.patch Avoid sulogin failing on not existing or not functional console devices (bsc#1175514) ------------------------------------------------------------------ ------------------ 2020-10-29 - Oct 29 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - dm/dax: Fix table reference counts (bsc#1178246). - commit 89a1d25 - mm: fix a race during THP splitting (bsc#1178255). - commit d99807e - btrfs: don't force read-only after error in drop snapshot (bsc#1176354). - commit 92bd157 - rpm/kernel-module-subpackage: make Group tag optional (bsc#1163592) - commit 552ec97 ++++ systemd: - Move systemd-sysv-convert back from /usr/lib/systemd to /usr/sbin (bsc#1178156) SLE distros still expect the tool to be located in the old place. ++++ patterns-microos: - removing plymouth ++++ transactional-update: - Version 2.28.1 - SELinux: Fixed changing the wrong grub configuration file - SELinux: Move /.autorelabel file to writeable location ------------------------------------------------------------------ ------------------ 2020-10-28 - Oct 28 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - xfs: fix high key handling in the rt allocator's query_range function (git-fixes). - commit cdff05f - xfs: limit entries returned when counting fsmap records (git-fixes). - commit 6ab6787 - xfs: fix xfs_bmap_validate_extent_raw when checking attr fork of rt files (git-fixes). - commit 4c9c85b - x86/alternative: Don't call text_poke() in lazy TLB mode (bsc#1175749). - commit 50e105d - xen/gntdev.c: Mark pages as dirty (bsc#1065600). - commit dbb5e22 ++++ microos-tools: - Update to version 2.7 - Add workaround if /.autorelabel is used, don't ignore it - Rename tmp.conf to microos-tmp.conf on SUSE MicroOS ++++ u-boot-rpiarm64: Fix CVE-2020-8432 (bsc#1162198) and CVE-2020-10648 (bsc#1167209). Patch queue updated from git://github.com/openSUSE/u-boot.git sle15-sp2 * Patches added: 0038-cmd-gpt-Address-error-cases-during-.patch 0039-image-Check-hash-nodes-when-checkin.patch 0040-image-Load-the-correct-configuratio.patch ------------------------------------------------------------------ ------------------ 2020-10-27 - Oct 27 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - btrfs: fix overflow when copying corrupt csums for a message (bsc#1178191). - commit c3fc339 - btrfs: fix NULL pointer dereference after failure to create snapshot (bsc#1178190). - commit 28eef23 - ibmveth: Identify ingress large send packets (bsc#1178185 ltc#188897). - commit 3aff6b0 - btrfs: set the lockdep class for log tree extent buffers (bsc#1178186). - commit bf70248 - btrfs: set the correct lockdep class for new nodes (bsc#1178184). - commit 986c67e - blacklist.conf: blacklist commit 7359608a271c ("scripts/gdb: fix lx-symbols 'gdb.error' while loading modules") This does not apply since CONFIG_GDB_SCRIPTS isn't enabled in our configs. - commit 0c385df - module: Correctly truncate sysfs sections output (git-fixes). - commit 65be42f - btrfs: allocate scrub workqueues outside of locks (bsc#1178183). - commit f9617fb - libceph: clear con->out_msg on Policy::stateful_server faults (bsc#1178177). - ceph: promote to unsigned long long before shifting (bsc#1178175). - commit 0c4763b - btrfs: drop path before adding new uuid tree entry (bsc#1178176). - commit dd3432e - module: statically initialize init section freeing data (git-fixes). - commit 22c6399 - btrfs: fix space cache memory leak after transaction abort (bsc#1178173). - commit 980210c - module: Do not expose section addresses to non-CAP_SYSLOG (git-fixes). - commit a568add - module: Refactor section attr into bin attribute (git-fixes). - commit c081e5b - kallsyms: Refactor kallsyms_show_value() to take cred (git-fixes). - commit f113536 - fix patches metadata - fix Patch-mainline: patches.suse/ipv4-Restore-flowi4_oif-update-before-call-to-xfrm_l.patch patches.suse/tipc-fix-the-skb_unshare-in-tipc_buf_append.patch - commit 70545ba - Update kabi files. - update to second October 2020 maintenance update (commit 78b2b83f5f09) - commit f4767b1 - scsi: ibmvscsi: Fix potential race after loss of transport (bsc#1178166 ltc#188226). - commit 45b7f66 ++++ systemd-default-settings: - Import 0.4 a97bb54 Makefile: don't generate the rpm file lists anymore 5473da6 Makefile: introduce 'archive' target ------------------------------------------------------------------ ------------------ 2020-10-26 - Oct 26 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - nvme-rdma: fix crash due to incorrect cqe (bsc#1174748). - nvme-rdma: fix crash when connect rejected (bsc#1174748). - commit 066b1e6 - ata: sata_rcar: Fix DMA boundary mask (git-fixes). - reset: sti: reset-syscfg: fix struct description warnings (git-fixes). - soc: fsl: qbman: Fix return value on success (git-fixes). - memory: fsl-corenet-cf: Fix handling of platform_get_irq() error (git-fixes). - memory: omap-gpmc: Fix build error without CONFIG_OF (git-fixes). - memory: omap-gpmc: Fix a couple off by ones (git-fixes). - docs: driver-api: remove a duplicated index entry (git-fixes). - ACPI: debug: don't allow debugging when ACPI is disabled (git-fixes). - acpi-cpufreq: Honor _PSD table setting on new AMD CPUs (git-fixes). - Input: sun4i-ps2 - fix handling of platform_get_irq() error (git-fixes). - Input: twl4030_keypad - fix handling of platform_get_irq() error (git-fixes). - Input: omap4-keypad - fix handling of platform_get_irq() error (git-fixes). - Input: ep93xx_keypad - fix handling of platform_get_irq() error (git-fixes). - Input: stmfts - fix a & vs && typo (git-fixes). - Input: imx6ul_tsc - clean up some errors in imx6ul_tsc_resume() (git-fixes). - nfc: Ensure presence of NFC_ATTR_FIRMWARE_NAME attribute in nfc_genl_fw_download() (git-fixes). - r8169: fix operation under forced interrupt threading (git-fixes). - commit 7585044 - ntb: intel: Fix memleak in intel_ntb_pci_probe (git-fixes). - NTB: hw: amd: fix an issue about leak system resources (git-fixes). - i2c: core: Restore acpi_walk_dep_device_list() getting called after registering the ACPI i2c devs (git-fixes). - commit cb55b2a - ring-buffer: Return 0 on success from ring_buffer_resize() (git-fixes). - commit 720b2ea - powerpc/powernv/dump: Fix race while processing OPAL dump (bsc#1065729). - commit b42269b - cxl: Rework error message for incompatible slots (bsc#1055014 git-fixes). - commit 2fd3e91 - mm/hugetlb: fix a race between hugetlb sysctl handlers (bsc#1176485, CVE-2020-25285). - commit 2afa8d8 - powerpc/pseries: Avoid using addr_to_pfn in real mode (jsc#SLE-9246 git-fixes). - commit 2dc2a0c - PM: hibernate: Batch hibernate and resume IO requests (bsc#1178079). - commit 3742aaa - Refresh patches.suse/powerpc-Fix-undetected-data-corruption-with-P9N-DD2..patch. refresh patch metadata - commit 006e264 - ibmvnic: save changed mac address to adapter->mac_addr (bsc#1134760 ltc#177449 git-fixes). - commit 1e71262 ++++ libssh2_org: - Version update to 1.9.0: [bsc#1178083, jsc#SLE-16922] Enhancements and bugfixes: * adds ECDSA keys and host key support when using OpenSSL * adds ED25519 key and host key support when using OpenSSL 1.1.1 * adds OpenSSH style key file reading * adds AES CTR mode support when using WinCNG * adds PEM passphrase protected file support for Libgcrypt and WinCNG * adds SHA256 hostkey fingerprint * adds libssh2_agent_get_identity_path() and libssh2_agent_set_identity_path() * adds explicit zeroing of sensitive data in memory * adds additional bounds checks to network buffer reads * adds the ability to use the server default permissions when creating sftp directories * adds support for building with OpenSSL no engine flag * adds support for building with LibreSSL * increased sftp packet size to 256k * fixed oversized packet handling in sftp * fixed building with OpenSSL 1.1 * fixed a possible crash if sftp stat gets an unexpected response * fixed incorrect parsing of the KEX preference string value * fixed conditional RSA and AES-CTR support * fixed a small memory leak during the key exchange process * fixed a possible memory leak of the ssh banner string * fixed various small memory leaks in the backends * fixed possible out of bounds read when parsing public keys from the server * fixed possible out of bounds read when parsing invalid PEM files * no longer null terminates the scp remote exec command * now handle errors when diffie hellman key pair generation fails * improved building instructions * improved unit tests - Rebased patches: * libssh2-ocloexec.patch * libssh2_org-CVE-2019-17498.patch - Remove patches fixed in this version: libssh2_org-CVE-2019-3855.patch libssh2_org-CVE-2019-3856.patch libssh2_org-CVE-2019-3857.patch libssh2_org-CVE-2019-3858.patch libssh2_org-CVE-2019-3859.patch libssh2_org-CVE-2019-3859-fix.patch libssh2_org-CVE-2019-3860.patch libssh2_org-CVE-2019-3861.patch libssh2_org-CVE-2019-3862.patch libssh2_org-CVE-2019-3863.patch ++++ podman: - add dependency to timezone package or podman fails to build a container (bsc#1178122) ++++ systemd-default-settings: - Make sure the release number between the main and the branding packages match ------------------------------------------------------------------ ------------------ 2020-10-25 - Oct 25 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - kernel-binary.spec.in: pack scripts/module.lds into kernel-$flavor-devel Since mainline commit 596b0474d3d9 ("kbuild: preprocess module linker script") in 5.10-rc1, scripts/module.lds linker script is needed to build out of tree modules. Add it into kernel-$flavor-devel subpackage. - commit fe37c16 - kABI: Fix kABI after add CodeSigning extended key usage (bsc#1177353). - commit b9f566d - PKCS#7: Check codeSigning EKU for kernel module and kexec pe verification (bsc#1177353). - PKCS#7: Check codeSigning EKU for kernel module and kexec pe verification. - Add CONFIG_CHECK_CODESIGN_EKU - X.509: Add CodeSigning extended key usage parsing (bsc#1177353). - commit 4dbabee ------------------------------------------------------------------ ------------------ 2020-10-24 - Oct 24 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - x86/ioapic: Unbreak check_timer() (bsc#1152489). - commit 520671d - blacklist.conf: 5fa9a98fb103 bpf, x86_32: Fix incorrect encoding in BPF_LDX zero-extension - commit 7f6fdc7 - ALSA: hda - Fix the return value if cb func is already registered (git-fixes). - ALSA: usb-audio: Line6 Pod Go interface requires static clock rate quirk (git-fixes). - ALSA: sparc: dbri: fix repeated word 'the' (git-fixes). - commit ac47bec ------------------------------------------------------------------ ------------------ 2020-10-23 - Oct 23 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - blacklist.conf: commit 9def3b1a07c4 not needed Mainline commit 9def3b1a07c4 ("iommu/vt-d: Don't dereference iommu_device if IOMMU_API is not built") is a build fix which is only needed for config with CONFIG_IOMMU_API disabled. As both SLE15-SP2 and openSUSE-15.2 have CONFIG_IOMMU_API=y in all configs where applicable, we don't need this build fix. - commit 28bc04c - series.conf: cleanup - update upstream references and resort: patches.suse/powerpc-numa-Offline-memoryless-cpuless-node-0.patch patches.suse/powerpc-numa-Prefer-node-id-queried-from-vphn.patch patches.suse/powerpc-numa-Set-numa_node-for-all-possible-cpus.patch - commit b2e8401 - fix patches metadata - fix Patch-mainline: patches.suse/tracing-check-return-value-of-_create_val_fields-before-using-its-result.patch patches.suse/tracing-save-normal-string-variables.patch - commit 164cdc8 - clk: bcm2835: add missing release if devm_clk_hw_register fails (git-fixes). - clk: qcom: gcc-sdm660: Fix wrong parent_map (git-fixes). - clk: imx8mq: Fix usdhc parents order (git-fixes). - clk: at91: clk-main: update key before writing AT91_CKGR_MOR (git-fixes). - clk: at91: remove the checking of parent_name (git-fixes). - clk: keystone: sci-clk: fix parsing assigned-clock data during probe (git-fixes). - clk: meson: g12a: mark fclk_div2 as critical (git-fixes). - pwm: img: Fix null pointer access in probe (git-fixes). - PCI: aardvark: Check for errors from pci_bridge_emul_init() call (git-fixes). - watchdog: sp5100: Fix definition of EFCH_PM_DECODEEN3 (git-fixes). - watchdog: Use put_device on error (git-fixes). - watchdog: Fix memleak in watchdog_cdev_register (git-fixes). - rtc: rx8010: don't modify the global rtc ops (git-fixes). - i2c: imx: Fix external abort on interrupt in exit paths (git-fixes). - i2c: rcar: Auto select RESET_CONTROLLER (git-fixes). - ida: Free allocated bitmap in error path (git-fixes). - commit affb66d - ipv4: Restore flowi4_oif update before call to xfrm_lookup_route (git-fixes). - tipc: fix the skb_unshare() in tipc_buf_append() (git-fixes). - commit 1834339 ++++ systemd: - Fix paths of udev rule files in 1004-udev-don-t-create-by-partlabel-primary-and-.-logical.patch and 1005-udev-optionally-disable-the-generation-of-the-partla.patch (bsc#1178023) - No more need to clean the journal-upload stuff with --without=journal_remote Since -Dremote build option has been introduced with meson, this workaround is no more needed. - Move journal-{remote,upload}.conf.5.gz man pages into systemd-journal_remote sub package - Explicitly list files in /usr/lib/sysusers.d shipped by the main package Currently only one config file is shipped in this directory and we want to check any new files that may be added in the future. - Use %{_modulesloaddir}, %{_environmentdir} and %{_modprobedir} wherever appropriate - Do not include %{release} in a few places where we explicitly mention package versions It's usually not a good idea especially when used with conflicts. ++++ systemd-default-settings: - Import 0.3 d299248 List drop-in directories in SUSE.list exclusively e4651a7 Disable memory accounting by default for all distros (jsc#PM-2229 jsc#PM-2230) ------------------------------------------------------------------ ------------------ 2020-10-22 - Oct 22 2020 ------------------- ------------------------------------------------------------------ ++++ combustion: - Change license to GPL-2.0-or-later ++++ grub2: - Fix grub2-install error with "failed to get canonical path of `/boot/grub2/i386-pc'." (bsc#1177957) * modified 0002-grub-install-Avoid-incompleted-install-on-i386-pc.patch ++++ kernel-default: - mm: don't panic when links can't be created in sysfs (bsc#1178002). - mm: don't rely on system state to detect hot-plug operations (bsc#1178002). - mm: replace memmap_context by meminit_context (bsc#1178002). - commit 77a655e - blacklist.conf: add a cleanup - commit 5a26435 - net: bridge: br_vlan_get_pvid_rcu() should dereference the VLAN group under RCU (networking-stable-20_09_24). - net/mlx5e: TLS, Do not expose FPGA TLS counter if not supported (networking-stable-20_09_24). - net/mlx5e: Enable adding peer miss rules only if merged eswitch is supported (networking-stable-20_09_24). - net/mlx5: Fix FTE cleanup (networking-stable-20_09_24). - net: sctp: Fix IPv6 ancestor_size calc in sctp_copy_descendant (networking-stable-20_09_24). - net: ipv6: fix kconfig dependency warning for IPV6_SEG6_HMAC (networking-stable-20_09_24). - nfp: use correct define to return NONE fec (networking-stable-20_09_24). - net: phy: Do not warn in phy_stop() on PHY_DOWN (networking-stable-20_09_24). - net: phy: Avoid NPD upon phy_detach() when driver is unbound (networking-stable-20_09_24). - cxgb4: fix memory leak during module unload (networking-stable-20_09_24). - ipv4: Update exception handling for multipath routes via same device (networking-stable-20_09_24). - tipc: use skb_unshare() instead in tipc_buf_append() (networking-stable-20_09_24). - tipc: Fix memory leak in tipc_group_create_member() (networking-stable-20_09_24). - ipv4: Initialize flowi4_multipath_hash in data path (networking-stable-20_09_24). - net: lantiq: Disable IRQs only if NAPI gets scheduled (networking-stable-20_09_24). - net: lantiq: Use napi_complete_done() (networking-stable-20_09_24). - net: lantiq: use netif_tx_napi_add() for TX NAPI (networking-stable-20_09_24). - net: lantiq: Wake TX queue again (networking-stable-20_09_24). - taprio: Fix allowing too small intervals (networking-stable-20_09_24). - net: DCB: Validate DCB_ATTR_DCB_BUFFER argument (networking-stable-20_09_24). - net: Fix bridge enslavement failure (networking-stable-20_09_24). - tipc: fix shutdown() of connection oriented socket (networking-stable-20_09_24). - ip: fix tos reflection in ack and reset packets (networking-stable-20_09_24). - ipv6: avoid lockdep issue in fib6_del() (networking-stable-20_09_24). - net: dsa: rtl8366: Properly clear member config (networking-stable-20_09_24). - cxgb4: Fix offset when clearing filter byte counters (networking-stable-20_09_24). - act_ife: load meta modules before tcf_idr_check_alloc() (networking-stable-20_09_24). - tipc: fix shutdown() of connectionless socket (networking-stable-20_09_11). - ipv6: Fix sysctl max for fib_multipath_hash_policy (networking-stable-20_09_11). - net: usb: dm9601: Add USB ID of Keenetic Plus DSL (networking-stable-20_09_11). - net: disable netpoll on fresh napis (networking-stable-20_09_11). - gtp: add GTPA_LINK info to msg sent to userspace (networking-stable-20_09_11). - netlabel: fix problems with mapping removal (networking-stable-20_09_11). - sctp: not disable bh in the whole sctp_get_port_local() (networking-stable-20_09_11). - net: systemport: Fix memleak in bcm_sysport_probe (networking-stable-20_09_11). - net: hns: Fix memleak in hns_nic_dev_probe (networking-stable-20_09_11). - net: dsa: b53: check for timeout (networking-stable-20_08_24). - net/sched: act_ct: Fix skb double-free in tcf_ct_handle_fragments() error flow (networking-stable-20_08_24). - net: sctp: Fix negotiation of the number of data streams (networking-stable-20_08_24). - gre6: Fix reception with IP6_TNL_F_RCV_DSCP_COPY (networking-stable-20_08_24). - net/smc: Prevent kernel-infoleak in __smc_diag_dump() (networking-stable-20_08_24). - net: qrtr: fix usage of idr in port assignment to socket (networking-stable-20_08_24). - tipc: fix uninit skb->data in tipc_nl_compat_dumpit() (networking-stable-20_08_24). - net: Fix potential wrong skb->protocol in skb_vlan_untag() (networking-stable-20_08_24). - ipvlan: fix device features (networking-stable-20_08_24). - bonding: show saner speed for broadcast mode (networking-stable-20_08_24). - net: fec: correct the error path for regulator disable in probe (networking-stable-20_08_24). - commit 913985f ++++ bluez: - Add shared-att-Fix-possible-crash-on-disconnect.patch * Fix possible crash on disconnect.(bsc#1177895)(CVE-2020-27153) ++++ libeconf: - explicitly BuildRequire: pkgconfig for /usr/lib/rpm/pkgconfigdeps.sh On TW it's pulled in implicitly by libxcrypt-devel which is not the case on 15.2 ++++ systemd: - Rely on systemd-default-settings for overriding system default settings (bsc#1172517) The new branding packages now ships the drop-ins to customize systemd either for an openSUSE or a SLE ditro. - Remove mq-deadline selection from 60-io-scheduler.rules (bsc#1177490) ++++ microos-tools: - Fix building on SUSE MicroOS ++++ patterns-microos: - remove kernel related packages (kernel-base,kmod,dracut) from base pattern. Need be pulled in by YaST resp hardware specific kiwi files. ++++ salt: - Fix disk.blkid to avoid unexpected keyword argument '__pub_user' (bsc#1177867) - Ensure virt.update stop_on_reboot is updated with its default value - Do not break package building for systemd OSes - Drop wrong mock from chroot unit test - Support systemd versions with dot (bsc#1176294) - Fix for grains.test_core unit test - Fix file/directory user and group ownership containing UTF-8 characters (bsc#1176024) - Several changes to virtualization: - - Fix virt update when cpu and memory are changed - - Memory Tuning GSoC - - Properly fix memory setting regression in virt.update - - Expose libvirt on_reboot in virt states - Support transactional systems (MicroOS) - zypperpkg module ignores retcode 104 for search() (bsc#1159670) - Xen disk fixes. No longer generates volumes for Xen disks, but the corresponding file or block disk (bsc#1175987) - Invalidate file list cache when cache file modified time is in the future (bsc#1176397) - Prevent import errors when running test_btrfs unit tests - Added: * drop-wrong-mock-from-chroot-unit-test.patch * ensure-virt.update-stop_on_reboot-is-updated-with-it.patch * invalidate-file-list-cache-when-cache-file-modified-.patch * zypperpkg-ignore-retcode-104-for-search-bsc-1176697-.patch * support-transactional-systems-microos-268.patch * xen-disk-fixes-264.patch * prevent-import-errors-when-running-test_btrfs-unit-t.patch * bsc-1176024-fix-file-directory-user-and-group-owners.patch * path-replace-functools.wraps-with-six.wraps-bsc-1177.patch * backport-a-few-virt-prs-272.patch * fix-grains.test_core-unit-test-276.patch ++++ timezone: - timezone update 2020d (bsc#1177460) * Palestine ends DST earlier than predicted, on 2020-10-24. ++++ transactional-update: - Version 2.28 - Add 'setup-selinux' command for easy setup of a SELinux system - Allow complex commands for the 'run' command - SELinux: Fix /etc / overlay labeling ------------------------------------------------------------------ ------------------ 2020-10-21 - Oct 21 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - blacklist.conf: 66077adb70a2 EDAC/ti: Fix handling of platform_get_irq() error - commit d4a0b74 - blacklist.conf: add unnecessary fix 5b905d77987d powerpc/watchpoint: Fix exception handling for CONFIG_HAVE_HW_BREAKPOINT=N - commit 900b37a - powerpc/perf/hv-gpci: Fix starting index value (bsc#1065729). - powerpc/powernv/elog: Fix race while processing OPAL error log event (bsc#1065729). - powerpc/irq: Drop forward declaration of struct irqaction (bsc#1065729). - powerpc/hwirq: Remove stale forward irq_chip declaration (bsc#1065729). - powerpc/icp-hv: Fix missing of_node_put() in success path (bsc#1065729). - powerpc/pseries: Fix missing of_node_put() in rng_init() (bsc#1065729). - commit eb769ab - blacklist.conf: Requires powerpc-utils fix. a02f6d42357a powerpc: Warn about use of smt_snooze_delay - commit 3c3b02c - blacklist.conf: add fixes for unused sensor driver 66943005cc41 powerpc/tau: Use appropriate temperature sample interval 5e3119e15fed powerpc/tau: Check processor type before enabling TAU interrupt e63d6fb5637e powerpc/tau: Disable TAU between measurements - commit a434fe6 - blacklist.conf: Add config fix 8659a0e0efdd powerpc/64s: Disable STRICT_KERNEL_RWX only applies to config, and we don't even have the patch to enable STRICT_KERNEL_RWX in config - commit f4e1850 - powerpc/pseries: explicitly reschedule during drmem_lmb list traversal (bsc#1077428 ltc#163882 FATE#324825 git-fixes). - commit f96b864 - powerpc/papr_scm: Fix warning triggered by perf_stats_show() (bsc#1175052 jsc#SLE-13823 bsc#1174969 jsc#SLE-12769 git-fixes). - commit e9b4893 - powerpc/book3s64/radix: Make radix_mem_block_size 64bit (bsc#1055186 ltc#153436 FATE#323286 git-fixes). - commit 1f2d815 - blacklist.conf: already added - commit ee45286 - usblp: fix race between disconnect() and read() (git-fixes). - commit 94633e7 - xen/events: block rogue events for some time (XSA-332 bsc#1177411). - commit 014f26b - xen/events: defer eoi in case of excessive number of events (XSA-332 bsc#1177411). - commit 956b6f3 - xen/events: use a common cpu hotplug hook for event channels (XSA-332 bsc#1177411). - commit b9ecbeb - xen/events: switch user event channels to lateeoi model (XSA-332 bsc#1177411). - commit 0b00983 - xen/pciback: use lateeoi irq binding (XSA-332 bsc#1177411). - commit 47100e6 - xen/pvcallsback: use lateeoi irq binding (XSA-332 bsc#1177411). - commit ec73318 - xen/scsiback: use lateeoi irq binding (XSA-332 bsc#1177411). - commit 76fa7f0 - xen/netback: use lateeoi irq binding (XSA-332 bsc#1177411). - commit 8631138 - xen/blkback: use lateeoi irq binding (XSA-332 bsc#1177411). - commit 2689ef1 - xen/events: add a new "late EOI" evtchn framework (XSA-332 bsc#1177411). - commit cd230ce - xen/events: fix race in evtchn_fifo_unmask() (XSA-332 bsc#1177411). - commit bd30bae - xen/events: add a proper barrier to 2-level uevent unmasking (XSA-332 bsc#1177411). - commit e9a9556 - xen/events: avoid removing an event channel while handling it (XSA-331 bsc#1177410). - commit 0dd2046 ++++ microos-tools: - Update to version 2.6 - Don't delete autorelabel file in initrd ++++ patterns-microos: - updated selinux pattern for new version ------------------------------------------------------------------ ------------------ 2020-10-20 - Oct 20 2020 ------------------- ------------------------------------------------------------------ ++++ findutils: - The following is patch was provided by Jie GONG - fts-dont-unconditionally-use-leaf-optimization-for-nfs.patch (bsc#1174232) fts: don't unconditionally use leaf optimization for NFS NFS st_nlink are not accurate on all implementations, leading to aborts() if that assumption is made. See * lib/fts.c (leaf_optimization_applies): Remove NFS from the white list, and document the issue. ++++ kernel-default: - perf/x86: Fix n_pair for cancelled txn (bsc#1152489). - commit adef112 - perf/x86/amd: Fix sampling Large Increment per Cycle events (bsc#1152489). - commit c8a7d34 - x86/fpu: Allow multiple bits in clearcpuid= parameter (bsc#1152489). - commit 3d42971 - powerpc: Fix undetected data corruption with P9N DD2.1 VSX CI load emulation (bsc#1065729). - commit d2da200 - blacklist.conf: 5da8e4a65810 x86/copy_mc: Introduce copy_mc_enhanced_fast_string() - commit 579d619 - perf/core: Fix race in the perf_mmap_close() function (bsc#1177086, CVE-2020-14351). - commit 1ee0e96 - Move upstreamed BT patch into sorted section - commit 27a1c18 - blacklist.conf: add duplicate commit 3514521ccbd2 Same as a39d0d7bdf8c21ac7645c02e9676b5cb2b804c31 ("drm/amdgpu: restore proper ref count in amdgpu_display_crtc_set_config). - commit e083639 - iommu/vt-d: Gracefully handle DMAR units with no supported address widths (bsc#1177739). - commit 8780752 ++++ freetype2: - Add CVE-2020-15999.patch to fix a heap buffer overflow has been found in the handling of embedded PNG bitmaps CVE-2020-15999 bsc#1177914 ++++ libsolv: - do not ask the namespace callback for splitprovides when writing a testcase - fix add_complex_recommends() selecting conflicted packages in rare cases leading to crashes - improve choicerule generation so that package updates are prefered in more cases - bump version to 0.7.16 ------------------------------------------------------------------ ------------------ 2020-10-19 - Oct 19 2020 ------------------- ------------------------------------------------------------------ ++++ ca-certificates-mozilla: - Updated to 2.44 state of the Mozilla NSS Certificate store (bsc#1177864) - Removed CAs: - EE Certification Centre Root CA - Taiwan GRCA - Added CAs: - Trustwave Global Certification Authority - Trustwave Global ECC P256 Certification Authority - Trustwave Global ECC P384 Certification Authority ++++ kernel-default: - scsi: ibmvfc: Fix error return in ibmvfc_probe() (bsc#1065729). - commit a848d53 - percpu: fix first chunk size calculation for populated bitmap (git-fixes (mm/percpu)). - commit fc914cf - mm/rmap: fixup copying of soft dirty and uffd ptes (git-fixes (mm/rmap)). - commit 57e33c0 - mm/huge_memory.c: use head to check huge zero page (git-fixes (mm/thp)). - commit b768968 - mm/mempolicy.c: fix out of bounds write in mpol_parse_str() (git-fixes (mm/mempolicy)). - commit af27a44 - mm/page-writeback.c: improve arithmetic divisions (git-fixes (mm/writeback)). - commit 0efed25 - mm/page-writeback.c: avoid potential division by zero in wb_min_max_ratio() (git-fixes (mm/writeback)). - commit 3e8dbda - mm/zsmalloc.c: fix the migrated zspage statistics (git-fixes (mm/zsmalloc)). - commit 0aec7d2 - tracing: Check return value of __create_val_fields() before using its result (git-fixes). - commit 340fd0d - blacklist.conf: 10819e25799a ("tracing: Handle synthetic event array field type checking correctly") CONFIG_SYNTH_EVENTS is not enabled anywhere. - commit dfcbd72 - blacklist.conf: 9bbb33291f8e ("tracing: Check that the synthetic event and field names are legal") CONFIG_SYNTH_EVENTS is not enabled anywhere. - commit 2bf6e8b - overflow: Include header file with SIZE_MAX declaration (git-fixes). - i3c: master: Fix error return in cdns_i3c_master_probe() (git-fixes). - i3c: master add i3c_master_attach_boardinfo to preserve boardinfo (git-fixes). - mtd: spinand: gigadevice: Add QE Bit (git-fixes). - mtd: spinand: gigadevice: Only one dummy byte in QUADIO (git-fixes). - mtd: rawnand: vf610: disable clk on error handling path in probe (git-fixes). - mtd: rawnand: stm32_fmc2: fix a buffer overflow (git-fixes). - mtd: mtdoops: Don't write panic data twice (git-fixes). - mtd: lpddr: fix excessive stack usage with clang (git-fixes). - mtd: lpddr: Fix bad logic in print_drs_error (git-fixes). - rapidio: fix the missed put_device() for rio_mport_add_riodev (git-fixes). - lib/crc32.c: fix trivial typo in preprocessor condition (git-fixes). - Bluetooth: MGMT: Fix not checking if BT_HS is enabled (git-fixes). - VMCI: check return value of get_user_pages_fast() for errors (git-fixes). - USB: serial: option: add Cellient MPL200 card (git-fixes). - USB: serial: option: Add Telit FT980-KS composition (git-fixes). - USB: serial: pl2303: add device-id for HP GC device (git-fixes). - USB: serial: ftdi_sio: add support for FreeCalypso JTAG+UART adapters (git-fixes). - staging: comedi: check validity of wMaxPacketSize of usb endpoints found (git-fixes). - ACPI: Always build evged in (git-fixes). - commit 88d1ef8 - tracing: Save normal string variables (git-fixes). - commit 91eb341 - blacklist.conf: 8fbeb52a598c ("tracing: Fix parse_synth_field() error handling") CONFIG_SYNTH_EVENTS is not enabled anywhere. - commit c4d0c48 - blacklist.conf: afce6996943b EDAC/aspeed: Fix handling of platform_get_irq() error - commit 4d7f300 - EDAC/i5100: Fix error handling order in i5100_init_one() (bsc#1152489). - commit ef65426 - ibmvnic: set up 200GBPS speed (bsc#1129923 git-fixes). - commit e87977b - ibmveth: Switch order of ibmveth_helper calls (bsc#1061843 git-fixes). - commit e6ac1a9 - btrfs: tree-checker: fix false alert caused by legacy btrfs root item (bsc#1177861). - commit 5302053 - btrfs: qgroup: fix qgroup meta rsv leak for subvolume operations (bsc#1177856). - commit 4456f07 - btrfs: qgroup: fix wrong qgroup metadata reserve for delayed inode (bsc#1177855). - btrfs: add owner and fs_info to alloc_state io_tree (bsc#1177854). - commit e4394c2 - series.conf: cleanup - refresh, update upstream references and move into sorted section: patches.suse/sched-fair-Ignore-cache-hotness-for-SMT-migration.patch patches.suse/sched-fair-Use-dst-group-while-checking-imbalance-for-NUMA-balancer.patch patches.suse/sched-numa-Use-runnable_avg-to-classify-node.patch - commit 715ffac ++++ timezone: - timezone update 2020c (bsc#1177460) * Fiji starts DST later than usual, on 2020-12-20. ------------------------------------------------------------------ ------------------ 2020-10-17 - Oct 17 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - powercap: Restrict energy meter to root access (bsc#1170415 CVE-2020-8694). - commit 4deb70f ------------------------------------------------------------------ ------------------ 2020-10-16 - Oct 16 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - dax: Fix compilation for CONFIG_DAX && !CONFIG_FS_DAX (bsc#1177817). - commit 3294fad - dm: Call proper helper to determine dax support (bsc#1177817). - commit 54f2e3f - writeback: Fix sync livelock due to b_dirty_time processing (bsc#1177755). - commit 418c424 - writeback: Avoid skipping inode writeback (bsc#1177755). - commit 977317c - writeback: Protect inode->i_io_list with inode->i_lock (bsc#1177755). Refresh patches.suse/writeback-Export-inode_io_list_del.patch - commit 5034dcb - iomap: Make sure iomap_end is called after iomap_begin (bsc#1177754). - commit 1558ead - block: ensure bdi->io_pages is always initialized (bsc#1177749). - commit dbf3e7d - block: Fix page_is_mergeable() for compound pages (bsc#1177814). - commit 1fb5d9d - blk-mq: order adding requests to hctx->dispatch and checking SCHED_RESTART (bsc#1177750). - commit 3cc33db - ALSA: fireworks: use semicolons rather than commas to separate statements (git-fixes). - ALSA: hdspm: Fix typo arbitary (git-fixes). - ALSA: portman2x4: fix repeated word 'if' (git-fixes). - ALSA: asihpi: fix spellint typo in comments (git-fixes). - ALSA: vx: vx_pcm: remove redundant assignment (git-fixes). - ALSA: vx: vx_core: clarify operator precedence (git-fixes). - ALSA: atmel: ac97: clarify operator precedence (git-fixes). - ALSA: ac97: (cosmetic) align argument names (git-fixes). - ALSA: aoa: i2sbus: use DECLARE_COMPLETION_ONSTACK() macro (git-fixes). - commit 1b0d435 - series.conf: refresh - update upstream references and resort: patches.suse/Bluetooth-A2MP-Fix-not-initializing-all-members.patch patches.suse/Bluetooth-L2CAP-Fix-calling-sk_filter-on-non-socket-.patch - commit b739656 - fix patches metadata - fix Patch-mainline: patches.suse/ovl-call-secutiry-hook-in-ovl_real_ioctl.patch patches.suse/ovl-check-permission-to-open-real-file.patch patches.suse/ovl-pass-correct-flags-for-opening-real-directory.patch patches.suse/ovl-switch-to-mounter-creds-in-readdir.patch patches.suse/ovl-verify-permissions-in-ovl_path_open.patch - commit 8e33a6e - ALSA: hda: use semicolons rather than commas to separate statements (git-fixes). - ALSA: usb-audio: endpoint.c: fix repeated word 'there' (git-fixes). - ALSA: usb-audio: fix spelling mistake "Frequence" -> "Frequency" (git-fixes). - ALSA: usb-audio: Add mixer support for Pioneer DJ DJM-250MK2 (git-fixes). - ALSA: ctl: Workaround for lockdep warning wrt card->ctl_files_rwlock (git-fixes). - ALSA: rawmidi: (cosmetic) align function parameters (git-fixes). - ALSA: usb: scarless_gen2: fix endianness issue (git-fixes). - ALSA: hda: (cosmetic) align function parameters (git-fixes). - ALSA: hda: auto_parser: remove shadowed variable declaration (git-fixes). - ALSA: core: init: use DECLARE_COMPLETION_ONSTACK() macro (git-fixes). - ALSA: compress_offload: remove redundant initialization (git-fixes). - ALSA: core: timer: clarify operator precedence (git-fixes). - ALSA: core: timer: remove redundant assignment (git-fixes). - ALSA: core: pcm: simplify locking for timers (git-fixes). - ALSA: hda/realtek - The front Mic on a HP machine doesn't work (git-fixes). - ALSA: hda/realtek: Enable audio jacks of ASUS D700SA with ALC887 (git-fixes). - ALSA: hda/realtek - Add mute Led support for HP Elitebook 845 G7 (git-fixes). - ALSA: hda - Don't register a cb func if it is registered already (git-fixes). - ALSA: hda/realtek - set mic to auto detect on a HP AIO machine (git-fixes). - commit f02408a - wcn36xx: Fix reported 802.11n rx_highest rate wcn3660/wcn3680 (git-fixes). - w1: mxc_w1: Fix timeout resolution problem leading to bus error (git-fixes). - USB: serial: qcserial: fix altsetting probing (git-fixes). - usb: dwc2: Fix INTR OUT transfers in DDMA mode (git-fixes). - usb: dwc3: ep0: Fix ZLP for OUT ep0 requests (git-fixes). - usb: dwc3: core: add phy cleanup for probe error handling (git-fixes). - usb: dwc3: core: don't trigger runtime pm when remove driver (git-fixes). - usb: gadget: u_ether: enable qmult on SuperSpeed Plus as well (git-fixes). - usb: gadget: f_ncm: fix ncm_bitrate for SuperSpeed and above (git-fixes). - xhci: don't create endpoint debugfs entry before ring buffer is set (git-fixes). - commit 3de826d - qtnfmac: fix resource leaks on unsupported iftype error return path (git-fixes). - slimbus: qcom-ngd-ctrl: disable ngd in qmi server down callback (git-fixes). - slimbus: core: do not enter to clock pause mode in core (git-fixes). - slimbus: core: check get_addr before removing laddr ida (git-fixes). - usb: dwc3: pci: Allow Elkhart Lake to utilize DSM method for PM functionality (git-fixes). - usb: dwc2: Fix parameter type in function pointer prototype (git-fixes). - usb: dwc3: gadget: Resume pending requests after CLEAR_STALL (git-fixes). - usb: xhci-mtk: Fix typo (git-fixes). - staging: rtl8192u: Do not use GFP_KERNEL in atomic context (git-fixes). - commit 40d8c20 - x86/{mce,mm}: Unmap the entire page if the whole page is affected and poisoned (bsc#1177765). - commit d250460 - mwifiex: fix double free (git-fixes). - iwlwifi: mvm: split a print to avoid a WARNING in ROC (git-fixes). - nl80211: fix non-split wiphy information (git-fixes). - mwifiex: remove function pointer check (git-fixes). - mwifiex: Remove unnecessary braces from HostCmd_SET_SEQ_NO_BSS_INFO (git-fixes). - mwifiex: Do not use GFP_KERNEL in atomic context (git-fixes). - ima: Remove semicolon at the end of ima_get_binary_runtime_size() (git-fixes). - pwm: lpss: Add range limit check for the base_unit register value (git-fixes). - pwm: lpss: Fix off by one error in base_unit math in pwm_lpss_prepare() (git-fixes). - misc: mic: scif: Fix error handling path (git-fixes). - commit 0a90922 - ima: Don't ignore errors from crypto_shash_update() (git-fixes). - iio: adc: gyroadc: fix leak of device node iterator (git-fixes). - iio: adc: stm32-adc: fix runtime autosuspend delay when slow polling (git-fixes). - iio:adc:ti-adc12138 Fix alignment issue with timestamp (git-fixes). - iio:adc:ti-adc0832 Fix alignment issue with timestamp (git-fixes). - iio:light:si1145: Fix timestamp alignment and prevent data leak (git-fixes). - iio:gyro:itg3200: Fix timestamp alignment and prevent data leak (git-fixes). - iio:accel:bma180: Fix use of true when should be iio_shared_by enum (git-fixes). - iio:magn:hmc5843: Fix passing true where iio_shared_by enum required (git-fixes). - iio:dac:ad5592r: Fix use of true for IIO_SHARED_BY_TYPE (git-fixes). - commit 7b8694c - can: flexcan: remove ack_grp and ack_bit handling from driver (git-fixes). - can: c_can: reg_map_{c,d}_can: mark as __maybe_unused (git-fixes). - can: softing: softing_card_shutdown(): add braces around empty body in an 'if' statement (git-fixes). - brcmfmac: check ndev pointer (git-fixes). - HID: hid-input: fix stylus battery reporting (git-fixes). - HID: wacom: Avoid entering wacom_wac_pen_report for pad / battery (git-fixes). - HID: roccat: add bounds checking in kone_sysfs_write_settings() (git-fixes). - dmaengine: dma-jz4780: Fix race in jz4780_dma_tx_status (git-fixes). - dmaengine: dmatest: Check list for emptiness before access its last entry (git-fixes). - extcon: ptn5150: Fix usage of atomic GPIO with sleeping GPIO chips (git-fixes). - commit f5c71cc - Bluetooth: hci_uart: Cancel init work before unregistering (git-fixes). - ath6kl: wmi: prevent a shift wrapping bug in ath6kl_wmi_delete_pstream_cmd() (git-fixes). - ath10k: Fix the size used in a 'dma_free_coherent()' call in an error handling path (git-fixes). - ath9k: Fix potential out of bounds in ath9k_htc_txcompletion_cb() (git-fixes). - ath9k_htc: Use appropriate rs_datalen type (git-fixes). - ath6kl: prevent potential array overflow in ath6kl_add_new_sta() (git-fixes). - ath10k: provide survey info as accumulated data (git-fixes). - ALSA: hda/hdmi: fix incorrect locking in hdmi_pcm_close (git-fixes). - ASoC: fsl: imx-es8328: add missing put_device() call in imx_es8328_probe() (git-fixes). - ASoC: qcom: lpass-cpu: fix concurrency issue (git-fixes). - ASoC: qcom: lpass-platform: fix memory leak (git-fixes). - ASoC: sun50i-codec-analog: Fix duplicate use of ADC enable bits (git-fixes). - ASoC: fsl_sai: Instantiate snd_soc_dai_driver (git-fixes). - ASoC: tlv320aic32x4: Fix bdiv clock rate derivation (git-fixes). - ALSA: seq: oss: Avoid mutex lock for a long-time ioctl (git-fixes). - ALSA: mixart: Correct comment wrt obsoleted tasklet usage (git-fixes). - ALSA: bebob: potential info leak in hwdep_read() (git-fixes). - commit 42377f3 - x86/xen: disable Firmware First mode for correctable memory errors (bsc#1176713). - commit f91015e ++++ libpwquality: - update to 1.4.4 * e11f2bd Fix regression with enabling cracklib check * 02e6728 Use make macros in rpm spec file * xxxxxxx Translated using Weblate (Polish, Turkish, Ukrainian) - update to 1.4.3 * 1213d33 Update translation files * a951fbe Add --disable-cracklib-check configure parameter * 6a8845b fixup static compilation * 92c6066 python: Add missing getters/setters for newly added settings * bfef79d Add usersubstr check * 09a2e65 pam_pwquality: Add debug message for the local_users_only option * a6f7705 Fix some gcc warnings * 8c8a260 pwmake: Properly validate the bits parameter. * 7be4797 we use Fedora Weblate now * xxxxxxx Translated using Weblate (Azerbaijani, Bulgarian, Chinese (Simplified), Czech, French, Friulian, Hungarian, Italian, Japanese, Norwegian Bokmål, Persian, Russian, Spanish, Turkish) ++++ patterns-microos: - adjusted pattern ordering ++++ selinux-policy: - Update to version 20201016 - Use python3 to build (fc_sort.c was replaced by fc_sort.py which uses python3) - Drop SELINUX=disabled, "selinux=0" kernel commandline option has to be used instead. New default is "permissive" [bsc#1176923]. ------------------------------------------------------------------ ------------------ 2020-10-15 - Oct 15 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Update kabi files. - update to resubmitted October 2020 OOB maintenance update submission (commit 29977655832a) - commit 01071b5 - ovl: check permission to open real file (bsc#1177470, CVE-2020-16120). - ovl: call secutiry hook in ovl_real_ioctl() (bsc#1177470, CVE-2020-16120). - ovl: verify permissions in ovl_path_open() (bsc#1177470, CVE-2020-16120). - ovl: switch to mounter creds in readdir (bsc#1177470, CVE-2020-16120). - ovl: pass correct flags for opening real directory (bsc#1177470, CVE-2020-16120). - commit 86bcb3f - backlight: sky81452-backlight: Fix refcount imbalance on error (git-fixes). - mfd: sm501: Fix leaks in probe() (git-fixes). - pinctrl: mcp23s08: Fix mcp23x17 precious range (git-fixes). - pinctrl: mcp23s08: Fix mcp23x17_regmap initialiser (git-fixes). - leds: mt6323: move period calculation (git-fixes). - ipmi_si: Fix wrong return value in try_smi_init() (git-fixes). - ACPI: button: fix handling lid state changes when input device closed (git-fixes). - ACPI: configfs: Add missing config_item_put() to fix refcount leak (git-fixes). - platform/x86: mlx-platform: Remove PSU EEPROM configuration (git-fixes). - net: wireless: nl80211: fix out-of-bounds access in nl80211_del_key() (git-fixes). - Input: ati_remote2 - add missing newlines when printing module parameters (git-fixes). - commit e531d97 - patches.suse/target-rbd-detect-stripe_unit-SCSI-block-size-misali.patch: (bsc#1177090). - patches.suse/target-rbd-support-COMPARE_AND_WRITE.patch: (fate#318836, bsc#1177090). - patches.suse/target-compare-and-write-backend-driver-sense-handli.patch: (bsc#1177719). - commit 3918814 - xfs: force the log after remapping a synchronous-writes file (git-fixes). - commit 600980e - series.conf: refresh - update upstream references and resort: patches.suse/scsi-ibmvfc-Avoid-link-down-on-FS9100-canister-reboo.patch patches.suse/scsi-ibmvfc-Use-compiler-attribute-defines-instead-o.patch patches.suse/scsi-qla2xxx-Add-IOCB-resource-tracking.patch patches.suse/scsi-qla2xxx-Add-SLER-and-PI-control-support.patch patches.suse/scsi-qla2xxx-Add-rport-fields-in-debugfs.patch patches.suse/scsi-qla2xxx-Allow-dev_loss_tmo-setting-for-FC-NVMe-.patch patches.suse/scsi-qla2xxx-Correct-the-check-for-sscanf-return-val.patch patches.suse/scsi-qla2xxx-Fix-I-O-errors-during-LIP-reset-tests.patch patches.suse/scsi-qla2xxx-Fix-I-O-failures-during-remote-port-tog.patch patches.suse/scsi-qla2xxx-Fix-MPI-reset-needed-message.patch patches.suse/scsi-qla2xxx-Fix-buffer-buffer-credit-extraction-err.patch patches.suse/scsi-qla2xxx-Fix-crash-on-session-cleanup-with-unloa.patch patches.suse/scsi-qla2xxx-Fix-inconsistent-format-argument-type-i-250bd009.patch patches.suse/scsi-qla2xxx-Fix-inconsistent-format-argument-type-i-72e813d9.patch patches.suse/scsi-qla2xxx-Fix-inconsistent-format-argument-type-i.patch patches.suse/scsi-qla2xxx-Fix-memory-size-truncation.patch patches.suse/scsi-qla2xxx-Fix-point-to-point-N2N-device-discovery.patch patches.suse/scsi-qla2xxx-Fix-reset-of-MPI-firmware.patch patches.suse/scsi-qla2xxx-Fix-the-return-value.patch patches.suse/scsi-qla2xxx-Fix-the-size-used-in-a-dma_free_coheren.patch patches.suse/scsi-qla2xxx-Fix-wrong-return-value-in-qla_nvme_regi.patch patches.suse/scsi-qla2xxx-Fix-wrong-return-value-in-qlt_chk_unres.patch patches.suse/scsi-qla2xxx-Honor-status-qualifier-in-FCP_RSP-per-s.patch patches.suse/scsi-qla2xxx-Log-calling-function-name-in-qla2x00_ge.patch patches.suse/scsi-qla2xxx-Make-tgt_port_database-available-in-ini.patch patches.suse/scsi-qla2xxx-Performance-tweak.patch patches.suse/scsi-qla2xxx-Reduce-duplicate-code-in-reporting-spee.patch patches.suse/scsi-qla2xxx-Remove-pci-dma-compat-wrapper-API.patch patches.suse/scsi-qla2xxx-Remove-redundant-variable-initializatio.patch patches.suse/scsi-qla2xxx-Remove-superfluous-memset.patch patches.suse/scsi-qla2xxx-Remove-unneeded-variable-rval.patch patches.suse/scsi-qla2xxx-Setup-debugfs-entries-for-remote-ports.patch patches.suse/scsi-qla2xxx-Simplify-return-value-logic-in-qla2x00_.patch patches.suse/scsi-qla2xxx-Update-version-to-10.02.00.102-k.patch patches.suse/scsi-qla2xxx-Update-version-to-10.02.00.103-k.patch patches.suse/scsi-qla2xxx-Warn-if-done-or-free-are-called-on-an-a.patch patches.suse/scsi-smartpqi-add-id-support-for-smartraid-3152-8i.patch patches.suse/scsi-smartpqi-add-raid-bypass-counter.patch patches.suse/scsi-smartpqi-avoid-crashing-kernel-for-controller-issues.patch patches.suse/scsi-smartpqi-bump-version-to-1-2-16-010.patch patches.suse/scsi-smartpqi-identify-physical-devices-without-issuing-inquiry.patch patches.suse/scsi-smartpqi-support-device-deletion-via-sysfs.patch patches.suse/scsi-smartpqi-update-logical-volume-size-after-expansion.patch No effect on expanded tree. - commit cd0c079 - series.conf: cleanup - update upstream references and move into sorted section: patches.suse/Bluetooth-A2MP-Fix-not-initializing-all-members.patch patches.suse/Bluetooth-L2CAP-Fix-calling-sk_filter-on-non-socket-.patch - commit a607d96 - x86/unwind/orc: Fix inactive tasks with stack pointer in %sp on GCC 10 compiled kernels (bsc#1176907). - commit 4f3bd2e - kABI workaround for bluetooth l2cap_ops filter addition (CVE-2020-12351 bsc#1177724). - commit 7c053a8 - Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel (CVE-2020-12351 bsc#1177724). - commit f0ba0e3 - Update the patch reference for bluetooth security fix (CVE-2020-24490 bsc#1177726) - commit 2a88ef6 - Move upstreamed intel-vbtn patch into sorted section - commit cf1a58d - Bluetooth: A2MP: Fix not initializing all members (CVE-2020-12352 bsc#1177725). - commit 099cb6b ++++ pam: - /usr/bin/xauth chokes on the old user's $HOME being on an NFS file system. Run /usr/bin/xauth using the old user's uid/gid Patch courtesy of Dr. Werner Fink. [bsc#1174593, pam-xauth_ownership.patch] ------------------------------------------------------------------ ------------------ 2020-10-14 - Oct 14 2020 ------------------- ------------------------------------------------------------------ ++++ container-selinux: - Update to version 2.145.0 - Add support for kubernetes_file_t - Allow container_t to open existing tun/tap ++++ grub2: - Fix https boot interrupted by unrecognised network address error message (bsc#1172952) * modified 0001-add-support-for-UEFI-network-protocols.patch ++++ kernel-default: - mm, slub: restore initial kmem_cache flags (mm/slub bsc#1165692). - commit 8972663 - fix patches metadata - fix Patch-mainline: patches.suse/NFS-Don-t-move-layouts-to-plh_return_segs-list-while.patch patches.suse/NFS-Don-t-return-layout-segments-that-are-in-use.patch patches.suse/NFS-Fix-flexfiles-read-failover.patch patches.suse/NFSv4.2-fix-client-s-attribute-cache-management-for-.patch patches.suse/SUNRPC-Revert-241b1f419f0e-SUNRPC-Remove-xdr_buf_tri.patch patches.suse/nfs-ensure-correct-writeback-errors-are-returned-on-.patch patches.suse/nfs-nfs_file_write-should-check-for-writeback-errors.patch patches.suse/nfsd4-fix-NULL-dereference-in-nfsd-clients-display-c.patch patches.suse/pNFS-flexfiles-Ensure-we-initialise-the-mirror-bsize.patch patches.suse/svcrdma-Fix-page-leak-in-svc_rdma_recv_read_chunk.patch patches.suse/xprtrdma-fix-incorrect-header-size-calculations.patch - commit 90be310 - series.conf: cleanup - rename Other drivers / Intel IOMMU subsection to IOMMU - whitespace cleanup - commit 263c1bd - series.conf: cleanup - fix Patch-mainline and move to "almost mainline" section: patches.suse/qla2xxx-return-ebusy-on-fcport-deletion.patch - create Storage / NVMe subsection - move to Storage / NVMe: patches.suse/Revert-nvme-allow-64-bit-results-in-passthru-command.patch patches.suse/nvme-multipath-retry-commands-for-dying-queues.patch - drop Storage / bsc#1171688 subsection No effect on expanded tree. - commit 1b55020 - mm, slab/slub: move and improve cache_from_obj() (mm/slub bsc#1165692). mm, slab/slub: improve error reporting and overhead of cache_from_obj() (mm/slub bsc#1165692). Squashed to prevent build error after first patch. - commit ed35ad2 - mm, slub: extend checks guarded by slub_debug static key (mm/slub bsc#1165692). - commit 95cf5cc - mm, slub: introduce kmem_cache_debug_flags() (mm/slub bsc#1165692). - commit 4f68bb2 - mm, slub: introduce static key for slub_debug() (mm/slub bsc#1165692). - commit 592afaf - mm, slub: make reclaim_account attribute read-only (mm/slub bsc#1165692). - commit 749a7fc - mm, slub: make remaining slub_debug related attributes read-only (mm/slub bsc#1165692). - commit 0a2f646 - mm, slub: remove runtime allocation order changes (mm/slub bsc#1165692). - commit d6227f6 - blacklist.conf: a87425a36fb2 mm, memcg: fix build error around the usage of kmem_caches - commit b5fde68 - btrfs: check the right error variable in btrfs_del_dir_entries_in_log (bsc#1177687). - commit d17c6ed - btrfs: do not set the full sync flag on the inode during page release (bsc#1177687). - commit 8954d4a - btrfs: release old extent maps during page release (bsc#1177687). - commit c79f281 - btrfs: fix race between page release and a fast fsync (bsc#1177687). - commit 2893955 - patches.suse/rbd-add-support-for-COMPARE_AND_WRITE-CMPEXT.patch: (fate#318836, bsc#1177090). - patches.suse/libceph-add-support-for-CMPEXT-compare-extent-reques.patch: (fate#318836, bsc#1177090). - patches.suse/rbd-add-rbd_img_fill_cmp_and_write_from_bvecs.patch: (bsc#1177090). - patches.suse/target-rbd-add-WRITE-SAME-support.patch: (bsc#1177090). - patches.suse/target-rbd-fix-unmap-handling-with-unmap_zeroes_data.patch: (bsc#1177271). - patches.suse/target-rbd-fix-unmap-discard-block-size-conversion.patch: (bsc#1177271). - patches.suse/target-rbd-conditionally-fix-off-by-one-bug-in-get_b.patch: (bsc#1177109). - patches.suse/target-rbd-add-emulate_legacy_capacity-dev-attribute.patch: (bsc#1177109). - commit 613f6b5 - btrfs: reduce contention on log trees when logging checksums (bsc#1177687). - commit 449441e - mm, slub: make some slub_debug related attributes read-only (mm/slub bsc#1165692). - commit 3730c96 - btrfs: remove no longer needed use of log_writers for the log root tree (bsc#1177687). - commit aa9b267 - mm, slub: extend slub_debug syntax for multiple blocks (mm/slub bsc#1165692). - commit db5b44a - btrfs: stop incremening log_batch for the log root tree when syncing log (bsc#1177687). - commit 0fccfec - mm: call cond_resched() from deferred_init_memmap() (git fixes (mm/init), bsc#1177697). - commit 30c0b50 - mm: initialize deferred pages with interrupts enabled (git fixes (mm/init), bsc#1177697). - commit ea99f65 - mm/pagealloc.c: call touch_nmi_watchdog() on max order boundaries in deferred init (git fixes (mm/init), bsc#1177697). - commit 3c12134 - btrfs: only commit delayed items at fsync if we are logging a directory (bsc#1177687). - commit 6999ba9 - btrfs: only commit the delayed inode when doing a full fsync (bsc#1177687). - commit 7ac015a - arm64: Enable PCI write-combine resources under sysfs (bsc#1175807). - commit 97c0c04 - mm/memcontrol.c: lost css_put in memcg_expand_shrinker_maps() (bsc#1177694). - commit a848eca - mm: move_pages: return valid node id in status if the page is already on the target node (git fixes (mm/move_pages), bsc#1177683). - commit e8cf54d - mm: move_pages: report the number of non-attempted pages (git fixes (mm/move_pages), bsc#1177683). - commit e140195 - mm/migrate.c: also overwrite error when it is bigger than zero (git fixes (mm/move_pages), bsc#1177683). - commit 32c9cae - ata: ahci: mvebu: Make SATA PHY optional for Armada 3720 (git-fixes). - hwmon: (mlxreg-fan) Fix double "Mellanox" (git-fixes). - hwmon: (pmbus/max34440) Fix status register reads for MAX344{51,60,61} (git-fixes). - pinctrl: bcm: fix kconfig dependency warning when !GPIOLIB (git-fixes). - spi: omap2-mcspi: Improve performance waiting for CHSTAT (git-fixes). - spi: dw-pci: free previously allocated IRQs if desc->setup() fails (git-fixes). - spi: sprd: Release DMA channel also on probe deferral (git-fixes). - regulator: resolve supply after creating regulator (git-fixes). - media: usbtv: Fix refcounting mixup (git-fixes). - media: ti-vpe: Fix a missing check and reference count leak (git-fixes). - media: stm32-dcmi: Fix a reference count leak (git-fixes). - media: s5p-mfc: Fix a reference count leak (git-fixes). - media: camss: Fix a reference count leak (git-fixes). - media: platform: fcp: Fix a reference count leak (git-fixes). - media: rockchip/rga: Fix a reference count leak (git-fixes). - media: rcar-vin: Fix a reference count leak (git-fixes). - media: tc358743: cleanup tc358743_cec_isr (git-fixes). - media: tc358743: initialize variable (git-fixes). - media: mx2_emmaprp: Fix memleak in emmaprp_probe (git-fixes). - media: rcar-csi2: Allocate v4l2_async_subdev dynamically (git-fixes). - media: v4l2-async: Document asd allocation requirements (git-fixes). - media: omap3isp: Fix memleak in isp_probe (git-fixes). - media: staging/intel-ipu3: css: Correctly reset some memory (git-fixes). - media: uvcvideo: Silence shift-out-of-bounds warning (git-fixes). - media: uvcvideo: Set media controller entity functions (git-fixes). - media: m5mols: Check function pointer in m5mols_sensor_power (git-fixes). - media: ov5640: Correct Bit Div register in clock tree diagram (git-fixes). - media: Revert "media: exynos4-is: Add missed check for pinctrl_lookup_state()" (git-fixes). - media: tuner-simple: fix regression in simple_set_radio_freq (git-fixes). - mmc: sdhci-acpi: AMDI0040: Set SDHCI_QUIRK2_PRESET_VALUE_BROKEN (git-fixes). - mmc: sdhci: Add LTR support for some Intel BYT based controllers (git-fixes). - crypto: bcm - Verify GCM/CCM key length in setkey (git-fixes). - cypto: mediatek - fix leaks in mtk_desc_ring_alloc (git-fixes). - crypto: omap-sham - fix digcnt register handling with export/import (git-fixes). - crypto: qat - check cipher length for aead AES-CBC-HMAC-SHA (git-fixes). - crypto: picoxcell - Fix potential race condition bug (git-fixes). - crypto: ixp4xx - Fix the size used in a 'dma_free_coherent()' call (git-fixes). - crypto: mediatek - Fix wrong return value in mtk_desc_ring_alloc() (git-fixes). - crypto: algif_aead - Do not set MAY_BACKLOG on the async path (git-fixes). - crypto: algif_skcipher - EBUSY on aio should be an error (git-fixes). - regulator: axp20x: fix LDO2/4 description (git-fixes). - spi: stm32: Rate-limit the 'Communication suspended' message (git-fixes). - media: rc: do not access device via sysfs after rc_unregister_device() (git-fixes). - media: rc: uevent sysfs file races with rc_unregister_device() (git-fixes). - commit ac3a9ee - mm, compaction: make capture control handling safe wrt interrupts (git fixes (mm/compaction), bsc#1177681). - commit c13fd55 - mm, compaction: fully assume capture is not NULL in compact_zone_order() (git fixes (mm/compaction), bsc#1177681). - commit 5fcf485 - Update patches.suse/target-add-rbd-backend.patch: (fate#318836). (simplify block to byte calculations and use consistent error paths) - commit f576f9b - blacklist.conf: POSIX timers fixup - commit bc6b00f - mm/debug.c: always print flags in dump_page() (git fixes (mm/debug)). - commit 5fed0d2 - blacklist.conf: Add a few of SP3 only fixes. f1565c24b596 powerpc: use the generic dma_ops_bypass mode d02f6b7dab82 powerpc/uaccess: Evaluate macro arguments once, before user access is allowed c44dc6323cd4 powerpc/64s/kuap: Restore AMR in fast_interrupt_return - commit 862373b - powerpc/dma: Fix dma_map_ops::get_required_mask (bsc#1065729). - commit 0cddc1e - RDMA/hfi1: Correct an interlock issue for TID RDMA WRITE request (bsc#1175621). - commit 45b1b9d ++++ brltty: - Add coreutils and util-linux to post requires (boo#1177656). ++++ rdma-core: - Move rxe_cfg to libibverbs-utils (bsc#1177699) ++++ mozilla-nspr: - update to version 4.25.1 * The macOS platform code for shared library loading was changed to support macOS 11. If the absolute path parameter given to PR_LoadLibrary begins with either /System/ or /usr/lib/ then no test is performed if the library exists at a file. ++++ patterns-microos: - renamed to patterns-microos ++++ transactional-update: - Version 2.27 - Add support for network systemd-resolvd network connections in t-u environment - Mount /var/lib/ca-certificates read-write to prevent SELinux error - Prevent calling transactional-update from within transactional-update ------------------------------------------------------------------ ------------------ 2020-10-13 - Oct 13 2020 ------------------- ------------------------------------------------------------------ ++++ bcache-tools: - Remove dependence of smartcols bcache-tools.spec, bcache-tools code doesn't need it now. (jsc#SLE-9807) - Remove 1001-udev-do-not-rely-on-DRIVER-variable.patch because we have 0013-bcache-tools-Export-CACHED_UUID-and-CACHED_LABEL.patch to provide static UUIDs. (jsc#SLE-9807) - bcache-tools: add man page bcache-status.8 (jsc#SLE-9807) 0017-bcache-tools-add-man-page-bcache-status.8.patch - bcache-tools: add bcache-status (jsc#SLE-9807) 0016-bcache-tools-add-bcache-status.patch - bcache-tools: make: permit only one cache device to be specified (jsc#SLE-9807) 0015-bcache-tools-make-permit-only-one-cache-device-to-be.patch - bcache-tools: Remove the dependency on libsmartcols (jsc#SLE-9807) 0014-bcache-tools-Remove-the-dependency-on-libsmartcols.patch - bcache-tools: Export CACHED_UUID and CACHED_LABEL (jsc#SLE-9807) 0013-bcache-tools-Export-CACHED_UUID-and-CACHED_LABEL.patch - bcache-tools: Fix potential coredump issues (jsc#SLE-9807) 0012-bcache-tools-Fix-potential-coredump-issues.patch - bcache-tools: add print_cache_set_supported_feature_sets() in lib.c (jsc#SLE-9807) 0011-bcache-tools-add-print_cache_set_supported_feature_s.patch - bcache-tools: add large_bucket incompat feature (jsc#SLE-9807) 0010-bcache-tools-add-large_bucket-incompat-feature.patch - bcache-tools: upgrade super block versions for feature sets (jsc#SLE-9807) 0009-bcache-tools-upgrade-super-block-versions-for-featur.patch - bcache-tools: define separated super block for in-memory and on-disk format (jsc#SLE-9807) 0008-bcache-tools-define-separated-super-block-for-in-mem.patch - bcache-tools: add to_cache_sb() and to_cache_sb_disk() (jsc#SLE-9807) 0007-bcache-tools-add-to_cache_sb-and-to_cache_sb_disk.patch - bcache-tools: list.h: only define offsetof() when it is undefined (jsc#SLE-9807) 0006-bcache-tools-list.h-only-define-offsetof-when-it-is-.patch - bcache-tools: bitwise.h: more swap bitwise for different CPU endians (jsc#SLE-9807) 0005-bcache-tools-bitwise.h-more-swap-bitwise-for-differe.patch - bcache-tools: add struct cache_sb_disk into bcache.h (jsc#SLE-9807) 0004-bcache-tools-add-struct-cache_sb_disk-into-bcache.h.patch - bcache-tools: convert writeback to writethrough mode for zoned backing device (jsc#SLE-9807) 0003-bcache-tools-convert-writeback-to-writethrough-mode-.patch - bcache-tools: add is_zoned_device() (jsc#SLE-9807) 0002-bcache-tools-add-is_zoned_device.patch - bcache-tools: set zoned size aligned data_offset on backing device for zoned devive (jsc#SLE-9807) 0001-bcache-tools-set-zoned-size-aligned-data_offset-on-b.patch ++++ combustion: - Also stop ignition-mount.service if there's no config ++++ kernel-default: - pNFS/flexfiles: Ensure we initialise the mirror bsizes correctly on read (git-fixes). - commit 80d81a4 - x86/mm: unencrypted non-blocking DMA allocations use coherent pools (bsc#1175898, ECO-2743). - Update config files. - commit 3ded3cd - dma-pool: Fix an uninitialized variable bug in atomic_pool_expand() (bsc#1175898, ECO-2743). - commit c3028f9 - scsi: mptfusion: Don't use GFP_ATOMIC for larger DMA allocations (bsc#1175898, ECO-2743). - commit 4e5bc96 - dma-pool: Only allocate from CMA when in same memory zone (bsc#1175898, ECO-2743). - commit 13beda8 - dma-pool: fix coherent pool allocations for IOMMU mappings (bsc#1175898, ECO-2743). - commit 0786759 - dma-pool: do not allocate pool memory from CMA (bsc#1175898, ECO-2743). - commit 52c7389 - dma-pool: make sure atomic pool suits device (bsc#1175898, ECO-2743). - commit 2d3cf4a - dma-pool: introduce dma_guess_pool() (bsc#1175898, ECO-2743). - commit 077f93b - dma-pool: get rid of dma_in_atomic_pool() (bsc#1175898, ECO-2743). - commit ed85a15 - dma-direct: provide function to check physical memory area validity (bsc#1175898, ECO-2743). - commit 69658a0 - dma-mapping: warn when coherent pool is depleted (bsc#1175898, ECO-2743). - commit b21257b - dma-mapping: DMA_COHERENT_POOL should select GENERIC_ALLOCATOR (bsc#1175898, ECO-2743). - commit 0d0760a - dma-direct: add missing set_memory_decrypted() for coherent mapping (bsc#1175898, ECO-2743). - commit 15a3e46 - dma-direct: check return value when encrypting or decrypting memory (bsc#1175898, ECO-2743). - commit 7c6f515 - dma-direct: re-encrypt memory if dma_direct_alloc_pages() fails (bsc#1175898, ECO-2743). - commit 671af96 - dma-direct: always align allocation size in dma_direct_alloc_pages() (bsc#1175898, ECO-2743). - commit 9262343 - dma-pool: decouple DMA_REMAP from DMA_COHERENT_POOL (bsc#1175898, ECO-2743). - refresh config files (reorder only) - commit 6f0618d - dma-pool: fix too large DMA pools on medium memory size systems (bsc#1175898, ECO-2743). - commit ad5deb3 - dma-pool: scale the default DMA coherent pool size with memory capacity (bsc#1175898, ECO-2743). - commit 3ad55af - dma-pool: add pool sizes to debugfs (bsc#1175898, ECO-2743). - commit 5711a8a - dma-direct: atomic allocations must come from atomic coherent pools (bsc#1175898, ECO-2743). - commit 4155def - dma-pool: dynamically expanding atomic pools (bsc#1175898, ECO-2743). - commit 2ab8c98 - dma-pool: add additional coherent pools to map to gfp mask (bsc#1175898, ECO-2743). - commit 9e21a34 - dma-remap: separate DMA atomic pools from direct remap code (bsc#1175898, ECO-2743). - Update config files. - commit 4b9b447 - dma-direct: make uncached_kernel_address more general (bsc#1175898, ECO-2743). - commit ca630f5 - dma-direct: consolidate the error handling in dma_direct_alloc_pages (bsc#1175898, ECO-2743). - commit 2102fd9 - dma-mapping: merge the generic remapping helpers into dma-direct (bsc#1175898, ECO-2743). - commit e15d818 - dma-direct: provide mmap and get_sgtable method overrides (bsc#1175898, ECO-2743). - Update config files. - Refresh patches.suse/dma-direct-relax-addressability-checks-in-dma_direct_supported.patch. - commit 4e7185d - dma-direct: remove the dma_handle argument to __dma_direct_alloc_pages (bsc#1175898, ECO-2743). - commit d6d3450 - dma-direct: remove __dma_direct_free_pages (bsc#1175898, ECO-2743). - commit bdd6897 - dma-mapping: always use VM_DMA_COHERENT for generic DMA remap (bsc#1175898, ECO-2743). - commit a8aa6f1 - dma-mapping: add a dma_can_mmap helper (bsc#1175898, ECO-2743). - commit 36bbe32 - dma-mapping: make dma_atomic_pool_init self-contained (bsc#1175898, ECO-2743). - commit fc7b6a3 - dma-mapping: remove arch_dma_mmap_pgprot (bsc#1175898, ECO-2743). - refresh configs (drop ARCH_HAS_DMA_MMAP_PGPROT) - commit 237c20c - Delete patches.suse/sched-fair-update_pick_idlest-Select-group-with-lowest-group_util-when-idle_cpus-are-equal.patch. Bisections indicated that this may be problematic in some cases even though it benefits in others. This is being temporarily reverted until it can be addressed upstream. - commit 759de68 - iommu/vt-d: Correctly calculate agaw in domain_init() (bsc#1176400). - commit 6cf371a - kabi/severities: ignore kABI for target_core_rbd Match behaviour for all other Ceph specific modules. - commit 1b6ac49 - ima: extend boot_aggregate with kernel measurements (bsc#1177617). - commit c4cca48 - virtio-net: don't disable guest csum when disable LRO (git-fixes). - commit 45b7a4d - kabi fix for NFS: Fix flexfiles read failover (git-fixes). - commit 4923518 - NFSv4.2: fix client's attribute cache management for copy_file_range (git-fixes). - NFS: Fix flexfiles read failover (git-fixes). - NFS: Don't return layout segments that are in use (git-fixes). - NFS: Don't move layouts to plh_return_segs list while in use (git-fixes). - nfs: nfs_file_write() should check for writeback errors (git-fixes). - nfs: ensure correct writeback errors are returned on close() (git-fixes). - svcrdma: Fix page leak in svc_rdma_recv_read_chunk() (git-fixes). - nfsd4: fix NULL dereference in nfsd/clients display code (git-fixes). - xprtrdma: fix incorrect header size calculations (git-fixes). - SUNRPC: Revert 241b1f419f0e ("SUNRPC: Remove xdr_buf_trim()") (git-fixes). - commit 5c55a8f ++++ kernel-default-base: - Create the list of crypto modules dynamically, supersedes hardcoded list of crc32 implementations (boo#1177577) ++++ python3-core: - Handful of changes to make python36 compatible with SLE15 and SLE12 (jsc#ECO-2799, jsc#SLE-13738) - Rebase bpo23395-PyErr_SetInterrupt-signal.patch ++++ libvirt: - Fix 'make check' with all downstream patches applied. Some patches touch config files and needed the corresponding augeaus test files updated. Updated patches: b196f8fc-CVE-2020-15708-doc.patch, suse-libvirtd-disable-tls.patch, suse-qemu-conf.patch, suse-ovmf-paths.patch, suse-libxl-disable-autoballoon.patch boo#1175574 ++++ nvme-cli: - fabrics: write reconnect_delay to fabrics device on connect (bsc#1172111) * add 0006-fabrics-write-reconnect_delay-to-fabrics-device-on-c.patch ++++ python3: - Handful of changes to make python36 compatible with SLE15 and SLE12 (jsc#ECO-2799, jsc#SLE-13738) - Rebase bpo23395-PyErr_SetInterrupt-signal.patch ++++ systemd-default-settings: - Import 0.2 cc4e951 timesyncd: add default ntp servers for SUSE and openSUSE distros ------------------------------------------------------------------ ------------------ 2020-10-12 - Oct 12 2020 ------------------- ------------------------------------------------------------------ ++++ lvm2-device-mapper: - Update lvm2.spec file (bsc#1174336) - enable lvmlockd remote refresh using libdlmcontrol - update libdlm dependency relationship ++++ kernel-default: - i2c: owl: Clear NACK and BUS error bits (git-fixes). - i2c: meson: fixup rate calculation with filter delay (git-fixes). - i2c: meson: fix clock setting overwrite (git-fixes). - mmc: core: don't set limits.discard_granularity as 0 (git-fixes). - macsec: avoid use-after-free in macsec_handle_frame() (git-fixes). - r8169: fix data corruption issue on RTL8402 (bsc#1174098). - i2c: cpm: Fix i2c_ram structure (git-fixes). - commit c1d4f9c - qla2xxx: Return EBUSY on fcport deletion (bsc#1171688). - commit a63944e - scsi: qla2xxx: Fix inconsistent format argument type in qla_dbg.c (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix inconsistent format argument type in qla_os.c (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix inconsistent format argument type in tcm_qla2xxx.c (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Update version to 10.02.00.103-k (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix point-to-point (N2N) device discovery issue (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix crash on session cleanup with unload (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix reset of MPI firmware (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix MPI reset needed message (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix buffer-buffer credit extraction error (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Correct the check for sscanf() return value (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Update version to 10.02.00.102-k (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Add SLER and PI control support (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Add IOCB resource tracking (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Add rport fields in debugfs (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Make tgt_port_database available in initiator mode (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix I/O errors during LIP reset tests (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Performance tweak (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix memory size truncation (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Reduce duplicate code in reporting speed (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Honor status qualifier in FCP_RSP per spec (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Allow dev_loss_tmo setting for FC-NVMe devices (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Setup debugfs entries for remote ports (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix I/O failures during remote port toggle testing (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Remove unneeded variable 'rval' (bsc#1171688 bsc#1174003). - commit 4dbce29 ++++ lvm2: - Update lvm2.spec file (bsc#1174336) - enable lvmlockd remote refresh using libdlmcontrol - update libdlm dependency relationship ++++ systemd: - Make systemd-mini-container conflict with systemd-mini-container-mini systemd-mini-container-mini was the old name used by older versions. ++++ systemd-default-settings: - Introduce "upstream" branding sub-package Installing this branding sub-package is supposed to restore upstream defaults by uninstalling all custom drop-ins installed by other branding sub-packages. ------------------------------------------------------------------ ------------------ 2020-10-11 - Oct 11 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Update patches.suse/nfs-Fix-getxattr-kernel-panic-and-memory-overflow.patch (bsc#1176381 CVE-2020-25212). - Update patches.suse/nfs-Fix-security-label-length-not-being-reset.patch (bsc#1176381 CVE-2020-25212). Fix CVE number - commit 73b5ecf ++++ mdadm: - Update to latest mdadm which is requested by jsc#SLE-13700 from partners. Mostly the purpose is for latest Intel IMSM raid support, while some other fixes are important too. - imsm: Correct minimal device size (jsc#SLE-13700) 0073-imsm-Correct-minimal-device-size.patch - Detail: show correct bitmap info for cluster raid device (jsc#SLE-13700) 0074-Detail-show-correct-bitmap-info-for-cluster-raid-dev.patch - imsm: support the Array Creation Time field in metadata (jsc#SLE-13700) 0075-imsm-support-the-Array-Creation-Time-field-in-metada.patch - imsm: show Subarray and Volume ID in --examine output (jsc#SLE-13700) 0076-imsm-show-Subarray-and-Volume-ID-in-examine-output.patch - udev: Ignore change event for imsm (jsc#SLE-13700) 0077-udev-Ignore-change-event-for-imsm.patch - Manage, imsm: Write metadata before add (jsc#SLE-13700) 0078-Manage-imsm-Write-metadata-before-add.patch - Assemble: print error message if mdadm fails assembling with --uuid option (jsc#SLE-13700) 0079-Assemble-print-error-message-if-mdadm-fails-assembli.patch - clean up meaning of small typo (jsc#SLE-13700) 0080-clean-up-meaning-of-small-typo.patch - Assemble.c: respect force flag (jsc#SLE-13700) 0081-Assemble.c-respect-force-flag.patch - mdcheck: Log when done (jsc#SLE-13700) 0082-mdcheck-Log-when-done.patch - Makefile: add EXTRAVERSION support (jsc#SLE-13700) 0083-Makefile-add-EXTRAVERSION-support.patch - uuid.c: split uuid stuffs from util.c (jsc#SLE-13700) 0084-uuid.c-split-uuid-stuffs-from-util.c.patch - Include count for \0 character when using strncpy to implement strdup. (jsc#SLE-13700) 0085-Include-count-for-0-character-when-using-strncpy-to-.patch - restripe: fix ignoring return value of read and lseek (jsc#SLE-13700) 0086-restripe-fix-ignoring-return-value-of-read-and-lseek.patch - Block overwriting existing links while manual assembly (jsc#SLE-13700) 0087-Block-overwriting-existing-links-while-manual-assemb.patch - Detect too-small device: error rather than underflow/crash (jsc#SLE-13700) 0088-Detect-too-small-device-error-rather-than-underflow-.patch - Use more secure HTTPS URLs (jsc#SLE-13700) 0089-Use-more-secure-HTTPS-URLs.patch - Update link to Intel page for IMSM (jsc#SLE-13700) 0090-Update-link-to-Intel-page-for-IMSM.patch - mdadm/Grow: prevent md's fd from being occupied during delayed time (jsc#SLE-13700) 0091-mdadm-Grow-prevent-md-s-fd-from-being-occupied-durin.patch - Specify nodes number when updating cluster nodes (jsc#SLE-13700) 0092-Specify-nodes-number-when-updating-cluster-nodes.patch - mdadm/md.4: update path to in-kernel-tree documentation (jsc#SLE-13700) 0093-mdadm-md.4-update-path-to-in-kernel-tree-documentati.patch - manual: update --examine-badblocks (jsc#SLE-13700) 0094-manual-update-examine-badblocks.patch ------------------------------------------------------------------ ------------------ 2020-10-9 - Oct 9 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - btrfs: block-group: fix free-space bitmap threshold (bsc#1176019). - commit c27162b - btrfs: remove no longer necessary chunk mutex locking cases (bsc#1176019). - commit db60a0b - btrfs: move the block group freeze/unfreeze helpers into block-group.c (bsc#1176019). - commit 9efb8a2 - btrfs: scrub, only lookup for csums if we are dealing with a data extent (bsc#1176019). - commit d291964 - btrfs: rename member 'trimming' of block group to a more generic name (bsc#1176019). - commit 23a7d0c - Disable CONFIG_LIVEPATCH_IPA_CLONES where not needed Explicitly disable CONFIG_LIVEPATCH_IPA_CLONES in configs where it is not needed to avoid confusion and unwanted values due to fragment config files. - commit 16f2ac3 - btrfs: fix a race between scrub and block group removal/allocation (bsc#1176019). - commit 71bd813 - btrfs: block-group: rename write_one_cache_group() (bsc#1176019). - commit 24a6cec - btrfs: block-group: refactor how we insert a block group item (bsc#1176019). - commit 1cecb46 - btrfs: block-group: refactor how we delete one block group item (bsc#1176019). - Refresh patches.suse/btrfs-fix-a-block-group-ref-counter-leak-after-failu.patch. - Refresh patches.suse/btrfs-fix-race-between-block-group-removal-and-block.patch. - commit 1825f40 - btrfs: block-group: refactor how we read one block group item (bsc#1176019). - commit 91ae416 - btrfs: block-group: don't set the wrong READA flag for btrfs_read_block_groups() (bsc#1176019). - commit 6be354e - geneve: add transport ports in route lookup for geneve (CVE-2020-25645 bsc#1177511). - commit 7ab9b46 ++++ python3-core: - Fix build with RPM 4.16: error: bare words are no longer supported, please use "...": x86 == ppc. - Fix installing .desktop file ++++ patterns-microos: - include plymouth in the pattern ++++ python3: - Fix build with RPM 4.16: error: bare words are no longer supported, please use "...": x86 == ppc. - Fix installing .desktop file ------------------------------------------------------------------ ------------------ 2020-10-8 - Oct 8 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - kernel-binary.spec.in: Exclude .config.old from kernel-devel - use tar excludes for .kernel-binary.spec.buildenv - commit 939a79b - vfio/pci: Decouple PCI_COMMAND_MEMORY bit checks from is_virtfn (bsc#1176979). - commit 3f68ac6 - s390/pci: Mark all VFs as not implementing PCI_COMMAND_MEMORY (bsc#1176979). - commit 1afc493 - PCI/IOV: Mark VFs as not implementing PCI_COMMAND_MEMORY (bsc#1176979). - commit 36a2c27 - blacklist.conf: Realtek DHC Arm SoCs not supported in SLE or Leap In v5.3, Realtek Digital Home Center RTD129x and later chipsets are still lacking irqchip, clk and any other drivers to actually load a rootfs from. - commit 2d5007a - vmxnet3: fix cksum offload issues for non-udp tunnels (git-fixes). - Input: i8042 - add nopnp quirk for Acer Aspire 5 A515 (bsc#954532). - clocksource/drivers/timer-gx6605s: Fixup counter reload (git-fixes). - spi: fsl-espi: Only process interrupts for expected events (git-fixes). - mac80211: do not allow bigger VHT MPDUs than the hardware supports (git-fixes). - commit 76e08ef - fix patch metadata - fix Patch-mainline: patches.suse/i2c-i801-exclude-device-from-suspend-direct-complete.patch - commit 9fbf63b ++++ util-linux: - Build with libudev support to support non-root users (boo#1169006). ++++ openssl-1_1: - Restore private key check in EC_KEY_check_key [bsc#1177479] * Update openssl-DH.patch ++++ libvirt: - CVE-2020-15708: Add a note to libvirtd.conf about polkit auth in SUSE distros b196f8fc-CVE-2020-15708-doc.patch bsc#1174955 - CVE-2020-25637: qemu: agent: set ifname to NULL after freeing 955029bd-CVE-2020-25637.patch, 50864dcd-CVE-2020-25637.patch, e4116eaa-CVE-2020-25637.patch, a63b48c5-CVE-2020-25637.patch bsc#1177155 ++++ timezone: - timezone update 2020b (bsc#1177460) * Revised predictions for Morocco's changes starting in 2023. * Canada's Yukon changes to -07 on 2020-11-01, not 2020-03-08. * Macquarie Island has stayed in sync with Tasmania since 2011. * Casey, Antarctica is at +08 in winter and +11 in summer. * zic no longer supports -y, nor the TYPE field of Rules. - Rebased timezone-2018f-bsc1112310.patch ++++ util-linux-systemd: - Build with libudev support to support non-root users (boo#1169006). ------------------------------------------------------------------ ------------------ 2020-10-7 - Oct 7 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - kernel-binary.spec.in: Package the obj_install_dir as explicit filelist. - commit 5587762 - i2c: i801: Exclude device from suspend direct complete optimization (git-fixes). - commit cbf8a71 - drm/radeon: revert "Prefer lower feedback dividers" (bsc#1177384). - commit 502170c - Update kabi files. - update to resubmitted October 2020 maintenance update (commit a291df1060d0) - commit 04003b7 - fix patch metadata - fix Patch-mainline: patches.suse/nfs-Fix-security-label-length-not-being-reset.patch - commit ae3a19b ++++ libzypp: - Bump version to force rebuild against a fixed libsolv. (bsc#1177238, bsc#1177275) - version 17.25.2 (22) ------------------------------------------------------------------ ------------------ 2020-10-6 - Oct 6 2020 ------------------- ------------------------------------------------------------------ ++++ combustion: - Implement support for systems without transactional-update - Require rmdir explicitly ++++ kernel-default: - nfs: Fix security label length not being reset (bsc#1176381). - commit c73c639 - Refresh intel-vbtn patch from the upstream patch - commit c3bd737 - platform/x86: thinkpad_acpi: re-initialize ACPI buffer size when reuse (git-fixes). - platform/x86: intel_pmc_core: do not create a static struct device (git-fixes). - platform/x86: fix kconfig dependency warning for FUJITSU_LAPTOP (git-fixes). - platform/x86: fix kconfig dependency warning for LG_LAPTOP (git-fixes). - platform/x86: thinkpad_acpi: initialize tp_nvram_state variable (git-fixes). - Platform: OLPC: Fix memleak in olpc_ec_probe (git-fixes). - net: phy: realtek: fix rtl8211e rx/tx delay config (git-fixes). - commit b64083a - Rename scsi-fnic-do-not-call-scsi_done-for-unhandled-commands.patch Fix typo in patch file name. - commit 82b5d08 - Refresh patches.suse/fnic-to-not-call-scsi_done-for-unhandled-commands.patch (bsc#1168468, bsc#1171675). - commit f530d7c ++++ systemd-default-settings: - Initial revision ++++ wpa_supplicant: - Add wpa_supplicant-p2p_iname_size.diff -- Limit P2P_DEVICE name to appropriate ifname size (https://patchwork.ozlabs.org/project/hostap/patch/20200825062902.124600-1-benjamin@sipsolutions.net/) ------------------------------------------------------------------ ------------------ 2020-10-5 - Oct 5 2020 ------------------- ------------------------------------------------------------------ ++++ combustion: - Fail properly when the retval file doesn't exist - Stop ignition-mount.service to avoid conflict (boo#1176746) ++++ kernel-default: - Update config files. Enable ACPI_PCI_SLOT and HOTPLUG_PCI_ACPI (bsc#1177194). - commit bc319f1 - platform/x86: intel-vbtn: Switch to an allow-list for SW_TABLET_MODE reporting (bsc#1175599). - commit 677b36d - ftrace: Move RCU is watching check after recursion check (git-fixes). - commit 3837051 - iommu/amd: Fix IOMMU AVIC not properly update the is_run bit in IRTE (bsc#1177297). - commit d4ca096 - iommu/amd: Re-factor guest virtual APIC (de-)activation code (bsc#1177284). - Refresh patches.suse/iommu-amd-restore-irte-remapen-bit-after-programming-irte. - commit 9de73d9 - iommu/exynos: add missing put_device() call in exynos_iommu_of_xlate() (bsc#1177286). - iommu/amd: Restore IRTE.RemapEn bit for amd_iommu_activate_guest_mode (bsc#1177285). - iommu/amd: Fix potential @entry null deref (bsc#1177283). - commit 7766a97 - xen/events: don't use chip_data for legacy IRQs (bsc#1065600). - commit 1009a6a - phy: ti: am654: Fix a leak in serdes_am654_probe() (git-fixes). - commit 91925ce - USB: gadget: f_ncm: Fix NDP16 datagram validation (git-fixes). - commit 62e667f - Input: trackpoint - enable Synaptics trackpoints (git-fixes). - commit e02fa5e - pinctrl: mvebu: Fix i2c sda definition for 98DX3236 (git-fixes). - commit 9356b76 - iio: adc: qcom-spmi-adc5: fix driver name (git-fixes). - commit f78905d - gpio: mockup: fix resource leak in error path (git-fixes). - commit bdd2ea9 - gpio: siox: explicitly support only threaded irqs (git-fixes). - commit 57c8150 - gpio: tc35894: fix up tc35894 interrupt configuration (git-fixes). - commit bcd4186 - gpio: sprd: Clear interrupt when setting the type as edge (git-fixes). - commit 3f5c502 - mmc: sdhci: Workaround broken command queuing on Intel GLK based IRBIS models (git-fixes). - commit ca933ab - clk: socfpga: stratix10: fix the divider for the emac_ptp_free_clk (git-fixes). - commit f3d75fd - clk: samsung: exynos4: mark 'chipid' clock as CLK_IGNORE_UNUSED (git-fixes). - commit e344453 - clk: tegra: Always program PLL_E when enabled (git-fixes). - commit bbc21a4 ++++ kernel-default-base: - Add cifs ++++ libsolv: - make testcase_mangle_repo_names deal correctly with freed repos [bnc#1177238] ++++ spice: - Fix buffer overflow vulnerabilities in QUIC image decoding (CVE-2020-14355 bsc#1177158) 0001-quic-Check-we-have-some-data-to-start-decoding-quic-.patch 0002-quic-Check-image-size-in-quic_decode_begin.patch 0003-quic-Check-RLE-lengths.patch 0004-quic-Avoid-possible-buffer-overflow-in-find_bucket.patch ------------------------------------------------------------------ ------------------ 2020-10-4 - Oct 4 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - scsi: iscsi: iscsi_tcp: Avoid holding spinlock while calling getpeername() (bsc#1177258). - commit ea50f56 ------------------------------------------------------------------ ------------------ 2020-10-3 - Oct 3 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - sched/fair: Ignore cache hotness for SMT migration (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/numa: Use runnable_avg to classify node (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Use dst group while checking imbalance for NUMA balancer (bnc#1155798 (CPU scheduler functional and performance backports)). - commit a9a7020 - clocksource/drivers/h8300_timer8: Fix wrong return value in h8300_8timer_init() (git-fixes). - hwmon: (applesmc) check status earlier (git-fixes). - 9p: Fix memory leak in v9fs_mount (git-fixes). - yam: fix possible memory leak in yam_init_driver (git-fixes). - airo: Fix read overflows sending packets (git-fixes). - clk/ti/adpll: allocate room for terminating null (git-fixes). - ASoC: kirkwood: fix IRQ error handling (git-fixes). - commit 7091952 ------------------------------------------------------------------ ------------------ 2020-10-2 - Oct 2 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - drm/amdgpu: restore proper ref count in amdgpu_display_crtc_set_config (git-fixes). - commit cb11410 - mac802154: tx: fix use-after-free (git-fixes). - ieee802154/adf7242: check status of adf7242_read_reg (git-fixes). - ieee802154: fix one possible memleak in ca8210_dev_com_init (git-fixes). - i2c: core: Call i2c_acpi_install_space_handler() before i2c_acpi_register_devices() (git-fixes). - i2c: aspeed: Mask IRQ status to relevant bits (git-fixes). - ASoC: Intel: bytcr_rt5640: Add quirk for MPMAN Converter9 2-in-1 (git-fixes). - ASoC: wm8994: Ensure the device is resumed in wm89xx_mic_detect functions (git-fixes). - ASoC: wm8994: Skip setting of the WM8994_MICBIAS register for WM1811 (git-fixes). - mac80211: skip mpath lookup also for control port tx (git-fixes). - i2c: tegra: Restore pinmux on system resume (git-fixes). - mtd: rawnand: omap_elm: Fix runtime PM imbalance on error (git-fixes). - mtd: rawnand: gpmi: Fix runtime PM imbalance on error (git-fixes). - power: supply: max17040: Correct voltage reading (git-fixes). - drivers: char: tlclk.c: Avoid data race between init and interrupt handler (git-fixes). - staging:r8188eu: avoid skb_clone for amsdu to msdu conversion (git-fixes). - serial: uartps: Wait for tx_empty in console setup (git-fixes). - usb: dwc3: Increase timeout for CmdAct cleared by device controller (git-fixes). - USB: EHCI: ehci-mv: fix less than zero comparison of an unsigned int (git-fixes). - USB: EHCI: ehci-mv: fix error handling in mv_ehci_probe() (git-fixes). - PCI: tegra: Fix runtime PM imbalance on error (git-fixes). - PCI: tegra194: Fix runtime PM imbalance on error (git-fixes). - gpio: rcar: Fix runtime PM imbalance on error (git-fixes). - ASoC: img-i2s-out: Fix runtime PM imbalance on error (git-fixes). - wlcore: fix runtime pm imbalance in wlcore_regdomain_config (git-fixes). - wlcore: fix runtime pm imbalance in wl1271_tx_work (git-fixes). - e1000: Do not perform reset in reset_task if we are already down (git-fixes). - Bluetooth: Handle Inquiry Cancel error after Inquiry Complete (git-fixes). - thermal: rcar_thermal: Handle probe error gracefully (git-fixes). - rtc: ds1374: fix possible race condition (git-fixes). - rtc: sa1100: fix possible race condition (git-fixes). - bus: hisi_lpc: Fixup IO ports addresses to avoid use-after-free in host removal (git-fixes). - dmaengine: tegra-apb: Prevent race conditions on channel's freeing (git-fixes). - dmaengine: stm32-dma: use vchan_terminate_vdesc() in .terminate_all (git-fixes). - dmaengine: stm32-mdma: use vchan_terminate_vdesc() in .terminate_all (git-fixes). - brcmfmac: Fix double freeing in the fmac usb data path (git-fixes). - ath10k: use kzalloc to read for ath10k_sdio_hif_diag_read (git-fixes). - Bluetooth: L2CAP: handle l2cap config request during open state (git-fixes). - Bluetooth: guard against controllers sending zero'd events (git-fixes). - Bluetooth: prefetch channel before killing sock (git-fixes). - Bluetooth: Fix refcount use-after-free issue (git-fixes). - mt76: fix handling full tx queues in mt76_dma_tx_queue_skb_raw (git-fixes). - mt76: clear skb pointers from rx aggregation reorder buffer during cleanup (git-fixes). - serial: 8250: 8250_omap: Terminate DMA before pushing data on RX timeout (git-fixes). - serial: 8250_omap: Fix sleeping function called from invalid context during probe (git-fixes). - serial: 8250_port: Don't service RX FIFO if throttled (git-fixes). - i2c: tegra: Prevent interrupt triggering after transfer timeout (git-fixes). - media: ti-vpe: cal: Restrict DMA to avoid memory corruption (git-fixes). - ar5523: Add USB ID of SMCWUSBT-G2 wireless adapter (git-fixes). - ACPI: EC: Reference count query handlers under lock (git-fixes). - dmaengine: zynqmp_dma: fix burst length configuration (git-fixes). - mmc: core: Rework wp-gpio handling (git-fixes). - mt76: fix LED link time failure (git-fixes). - PCI: Avoid double hpmemsize MMIO window assignment (git-fixes). - dmaengine: mediatek: hsdma_probe: fixed a memory leak when devm_request_irq fails (git-fixes). - mfd: mfd-core: Protect against NULL call-back function pointer (git-fixes). - leds: mlxreg: Fix possible buffer overflow (git-fixes). - dma-fence: Serialise signal enabling (dma_fence_enable_sw_signaling) (git-fixes). - media: smiapp: Fix error handling at NVM reading (git-fixes). - media: mc-device.c: fix memleak in media_device_register_entity (git-fixes). - mt76: add missing locking around ampdu action (git-fixes). - mt76: do not use devm API for led classdev (git-fixes). - ath10k: fix memory leak for tpc_stats_final (git-fixes). - ath10k: fix array out-of-bounds access (git-fixes). - mtd: cfi_cmdset_0002: don't free cfi->cfiq in error path of cfi_amdstd_setup() (git-fixes). - commit 6283339 ++++ systemd: - tmpfiles: drop entries importing files from /usr/share/factory (bsc#1170146) ++++ zeromq: - bsc1176256.patch: fix heap overflow when receiving malformed ZMTP v1 packets (bsc#1176256) - bsc1176257.patch: fixes a memory leak in client induced by malicious server(s) without CURVE/ZAP (bsc#1176257) - bsc1176259.patch: fix memory leak when processing PUB messages with metadata (bsc#1176259) - bsc1176258.patch: fix stack overflow in PUB/XPUB subscription store (bsc#1176258) ------------------------------------------------------------------ ------------------ 2020-10-1 - Oct 1 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - locking/rwsem: Disable reader optimistic spinning (bnc#1176588). - cpuidle: Poll for a minimum of 30ns and poll for a tick if lower c-states are disabled (bnc#1176588). - commit 978088f - sched/numa: Avoid creating large imbalances at task creation time (bnc#1176588). - commit aa3fc2a - sched/numa: Check numa balancing information only when enabled (bnc#1176588). - commit 576f70b - btrfs: drop logs when we've aborted a transaction (bsc#1176019). - commit 7345ceb - hdlc_ppp: add range checks in ppp_cp_parse_cr() (CVE-2020-25643 bsc#1177206). - commit 8a998ea - block: allow for_each_bvec to support zero len bvec (CVE-2020-25641 bsc#1177121). - commit d4185c3 - Btrfs: fix crash during unmount due to race with delayed inode workers (bsc#1176019). - commit 0dbe270 - btrfs: kill the subvol_srcu (bsc#1176019). - commit 0920c6e - btrfs: make btrfs_cleanup_fs_roots use the radix tree lock (bsc#1176019). - commit c45ade0 - btrfs: don't take an extra root ref at allocation time (bsc#1176019). - commit 3454450 - fuse: don't ignore errors from fuse_writepages_fill() (bsc#1177193). - commit 9d94f4c - btrfs: hold a ref on the root on the dead roots list (bsc#1176019). - commit 5e21616 - btrfs: make inodes hold a ref on their roots (bsc#1176019). - commit 4ebbb08 - btrfs: move the root freeing stuff into btrfs_put_root (bsc#1176019). - Refresh patches.suse/btrfs-btrfs-use-the-new-VFS-super_block_dev.patch. - Refresh patches.suse/btrfs-fix-corrupt-log-due-to-concurrent-fsync-of-ino.patch. - commit 9621b6c - Update kabi files. - update to October 2020 maintenance update submission (commit e037a4e18793) - commit 05421e4 - btrfs: free block groups after free'ing fs trees (bsc#1176019). - commit 2c64d7b - btrfs: move ino_cache_inode dropping out of btrfs_free_fs_root (bsc#1176019). - Refresh patches.suse/btrfs-btrfs-use-the-new-VFS-super_block_dev.patch. - commit d9887ec - btrfs: make the extent buffer leak check per fs info (bsc#1176019). - commit 941b4ee ------------------------------------------------------------------ ------------------ 2020-9-30 - Sep 30 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - rpm/constraints.in: recognize also kernel-source-azure (bsc#1176732) - commit 7214bbe - kABI: Fix kABI for 12856e7acde4 PCI/IOV: Mark VFs as not implementing PCI_COMMAND_MEMORY (bsc#1176979). - commit e374ebb - Drop patches.suse/scsi-qla2xxx-Handle-incorrect-entry_type-entries.patch The patch contains a bug which prevents device discovery. Drop it until we have a proper fix from upstream. - commit d02a6d5 ++++ libproxy: - Add libproxy-CVE-2020-25219.patch: Rewrite url::recvline to be nonrecursive (boo#1176410 CVE-2020-25219). - Add libproxy-fix-pac-buffer-overflow.patch: fix buffer overflow when PAC is enabled (boo#1177143 CVE-2020-26154). ++++ patterns-microos: - do not obsolete the suse-build-key (bsc#1177108) ++++ podman: - Added patch varlink.patch to disable needless varlink code generation. This would cause compile failures in OBS. (https://github.com/containers/podman/pull/7854) - Cleanup %build section a bit and no longer build in GOPATH. This shouldn't be needed anymore. - Path BUILDFLAGS via enviroment variable to allow it being appended to the corresponding Makefile variable instead of completely overriding it. - Install new auto-update system units - Update to v2.1.1 (bsc#1178392): * Changes - The `podman info` command now includes the cgroup manager Podman is using. * API - The REST API now includes a Server header in all responses. - Fixed a bug where the Libpod and Compat Attach endpoints could terminate early, before sending all output from the container. - Fixed a bug where the Compat Create endpoint for containers did not properly handle the Interactive parameter. - Fixed a bug where the Compat Kill endpoint for containers could continue to run after a fatal error. - Fixed a bug where the Limit parameter of the Compat List endpoint for Containers did not properly handle a limit of 0 (returning nothing, instead of all containers) [#7722]. - The Libpod Stats endpoint for containers is being deprecated and will be replaced by a similar endpoint with additional features in a future release. - Changes in v2.1.0 * Features - A new command, `podman image mount`, has been added. This allows for an image to be mounted, read-only, to inspect its contents without creating a container from it [#1433]. - The `podman save` and `podman load` commands can now create and load archives containing multiple images [#2669]. - Rootless Podman now supports all `podman network` commands, and rootless containers can now be joined to networks. - The performance of `podman build` on `ADD` and `COPY` instructions has been greatly improved, especially when a `.dockerignore` is present. - The `podman run` and `podman create` commands now support a new mode for the `--cgroups` option, `--cgroups=split`. Podman will create two cgroups under the cgroup it was launched in, one for the container and one for Conmon. This mode is useful for running Podman in a systemd unit, as it ensures that all processes are retained in systemd's cgroup hierarchy [#6400]. - The `podman run` and `podman create` commands can now specify options to slirp4netns by using the `--network` option as follows: `--net slirp4netns:opt1,opt2`. This allows for, among other things, switching the port forwarder used by slirp4netns away from rootlessport. - The `podman ps` command now features a new option, `--storage`, to show containers from Buildah, CRI-O and other applications. - The `podman run` and `podman create` commands now feature a `--sdnotify` option to control the behavior of systemd's sdnotify with containers, enabling improved support for Podman in `Type=notify` units. - The `podman run` command now features a `--preserve-fds` opton to pass file descriptors from the host into the container [#6458]. - The `podman run` and `podman create` commands can now create overlay volume mounts, by adding the `:O` option to a bind mount (e.g. `-v /test:/test:O`). Overlay volume mounts will mount a directory into a container from the host and allow changes to it, but not write those changes back to the directory on the host. - The `podman play kube` command now supports the Socket HostPath type [#7112]. - The `podman play kube` command now supports read-only mounts. - The `podman play kube` command now supports setting labels on pods from Kubernetes metadata labels. - The `podman play kube` command now supports setting container restart policy [#7656]. - The `podman play kube` command now properly handles `HostAlias` entries. - The `podman generate kube` command now adds entries to `/etc/hosts` from `--host-add` generated YAML as `HostAlias` entries. - The `podman play kube` and `podman generate kube` commands now properly support `shareProcessNamespace` to share the PID namespace in pods. - The `podman volume ls` command now supports the `dangling` filter to identify volumes that are dangling (not attached to any container). - The `podman run` and `podman create` commands now feature a `--umask` option to set the umask of the created container. - The `podman create` and `podman run` commands now feature a `--tz` option to set the timezone within the container [#5128]. - Environment variables for Podman can now be added in the `containers.conf` configuration file. - The `--mount` option of `podman run` and `podman create` now supports a new mount type, `type=devpts`, to add a `devpts` mount to the container. This is useful for containers that want to mount `/dev/` from the host into the container, but still create a terminal. - The `--security-opt` flag to `podman run` and `podman create` now supports a new option, `proc-opts`, to specify options for the container's `/proc` filesystem. - Podman with the `crun` OCI runtime now supports a new option to `podman run` and `podman create`, `--cgroup-conf`, which allows for advanced configuration of cgroups on cgroups v2 systems. - The `podman create` and `podman run` commands now support a `--override-variant` option, to override the architecture variant of the image that will be pulled and ran. - A new global option has been added to Podman, `--runtime-flags`, which allows for setting flags to use when the OCI runtime is called. - The `podman manifest add` command now supports the `--cert-dir`, `--auth-file`, `--creds`, and `--tls-verify` options. * Security - This release resolves CVE-2020-14370, in which environment variables could be leaked between containers created using the Varlink API. * Changes - Podman will now retry pulling an image 3 times if a pull fails due to network errors. - The `podman exec` command would previously print error messages (e.g. `exec session exited with non-zero exit code - 1`) when the command run exited with a non-0 exit code. It no longer does this. The `podman exec` command will still exit with the same exit code as the command run in the container did. - Error messages when creating a container or pod with a name that is already in use have been improved. - For read-only containers running systemd init, Podman creates a tmpfs filesystem at `/run`. This was previously limited to 65k in size and mounted `noexec`, but is now unlimited size and mounted `exec`. - The `podman system reset` command no longer removes configuration files for rootless Podman. * API - The Libpod API version has been bumped to v2.0.0 due to a breaking change in the Image List API. - Docker-compatible Volume Endpoints (Create, Inspect, List, Remove, Prune) are now available! - Added an endpoint for generating systemd unit files for containers. - The `last` parameter to the Libpod container list endpoint now has an alias, `limit` [#6413]. - The Libpod image list API new returns timestamps in Unix format, as integer, as opposed to as strings - The Compat Inspect endpoint for containers now includes port information in NetworkSettings. - The Compat List endpoint for images now features limited support for the (deprecated) `filter` query parameter [#6797]. - Fixed a bug where the Compat Create endpoint for containers was not correctly handling bind mounts. - Fixed a bug where the Compat Create endpoint for containers would not return a 404 when the requested image was not present. - Fixed a bug where the Compat Create endpoint for containers did not properly handle Entrypoint and Command from images. - Fixed a bug where name history information was not properly added in the Libpod Image List endpoint. - Fixed a bug where the Libpod image search endpoint improperly populated the Description field of responses. - Added a `noTrunc` option to the Libpod image search endpoint. - Fixed a bug where the Pod List API would return null, instead of an empty array, when no pods were present [#7392]. - Fixed a bug where endpoints that hijacked would do perform the hijack too early, before being ready to send and receive data [#7195]. - Fixed a bug where Pod endpoints that can operate on multiple containers at once (e.g. Kill, Pause, Unpause, Stop) would not forward errors from individual containers that failed. - The Compat List endpoint for networks now supports filtering results [#7462]. - Fixed a bug where the Top endpoint for pods would return both a 500 and 404 when run on a non-existant pod. - Fixed a bug where Pull endpoints did not stream progress back to the client. - The Version endpoints (Libpod and Compat) now provide version in a format compatible with Docker. - All non-hijacking responses to API requests should not include headers with the version of the server. - Fixed a bug where Libpod and Compat Events endpoints did not send response headers until the first event occurred [#7263]. - Fixed a bug where the Build endpoints (Compat and Libpod) did not stream progress to the client. - Fixed a bug where the Stats endpoints (Compat and Libpod) did not properly handle clients disconnecting. - Fixed a bug where the Ignore parameter to the Libpod Stop endpoint was not performing properly. - Fixed a bug where the Compat Logs endpoint for containers did not stream its output in the correct format [#7196]. ++++ wicked: - version 0.6.64 - avoid incomplete ifdown/timeout on route deletion error (bsc#1174099) - dhcp4: add DHCLIENT_CREATE_CID to ifcfg (jsc#SLE-15770) - wicked: fixes to ifreload on port changes (bsc#1168155,bsc#1172082) - team: fix schema to use correct hwaddr_policy property (boo#1171234) - team: enable ipv6 on ports when nsna_ping linkwatch is used (bsc#959556) ------------------------------------------------------------------ ------------------ 2020-9-29 - Sep 29 2020 ------------------- ------------------------------------------------------------------ ++++ chrony: - Integrate three upstream patches to fix an infinite loop in chronyc (bsc#1171806). * chrony-select-timeout.patch * chrony-gettimeofday.patch * chrony-urandom.patch ++++ kernel-default: - Delete a doubly applied batman-adv patch - commit edcea1c - Rename patches to the same name as in SLE15-SP3. - commit b538695 - tracing: fix double free (git-fixes). - commit dd7027e - Revert "crypto: chelsio - Inline single pdu only" (git-fixes). - commit 11462e6 - powerpc: Don't flush caches when adding memory (bsc#1176980 ltc#187962). - commit 63612e5 - Fix patch order in sorted section. - commit ca43e45 - RDMA/bnxt_re: Restrict the max_gids to 256 (bsc#1173017). - RDMA/bnxt_re: Fix the qp table indexing (bsc#1173017). - RDMA/bnxt_re: Do not report transparent vlan from QP1 (bsc#1173017). - commit 279a57c - irqdomain/treewide: Free firmware node after domain removal (git-fixes). - commit 2fa0cd5 - irqdomain/treewide: Keep firmware node unconditionally allocated (git-fixes). - commit 7778bc2 - Drivers: hv: vmbus: Add timeout to vmbus_wait_for_unload (git-fixes). - Drivers: hv: vmbus: hibernation: do not hang forever in vmbus_bus_resume() (git-fixes). - hv_utils: drain the timesync packets on onchannelcallback (bsc#1176877). - hv_utils: return error if host timesysnc update is stale (bsc#1176877). - Drivers: hv: Specify receive buffer size using Hyper-V page size (bsc#1176877). - commit 5ca04fc ++++ util-linux: - lscpu: avoid segfault on PowerPC systems with valid hardware configurations (bsc#1175623, bsc#1178554, bsc#1178825, lscpu-avoid-segfault-on-PowerPC-systems-with-valid-h.patch) ++++ util-linux-systemd: - lscpu: avoid segfault on PowerPC systems with valid hardware configurations (bsc#1175623, bsc#1178554, bsc#1178825, lscpu-avoid-segfault-on-PowerPC-systems-with-valid-h.patch) ------------------------------------------------------------------ ------------------ 2020-9-28 - Sep 28 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Bluetooth: btrtl: Add support for RTL8761B (bsc#1177021). - commit 6c51917 - net: sched: initialize with 0 before setting erspan md->u (bsc#1154353). - debugfs: Fix module state check condition (bsc#1173746). - RDMA/siw: Suppress uninitialized var warning (jsc#SLE-8381). - commit 97c7a55 ++++ microos-tools: - Update to version 2.5 - tmp.conf now part of filesystem package for Factory - Include tmp.conf for SUSE MicroOS ------------------------------------------------------------------ ------------------ 2020-9-26 - Sep 26 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - s390/maccess: add no DAT mode to kernel_write (bsc#1176449). - commit 8fd068b - s390: Change s390_kernel_write() return type to match memcpy() (bsc#1176449). Prerequisite for bsc#1176449. - commit 3f17b43 ++++ transactional-update: - Version 2.26 - Fix broken sync for second snapshot [boo#1176989] - Add new options to allow separate cleanup of snapshots and overlays - Check for existence of inotifywait before using it - Check that mount options don't exceed maximum length ------------------------------------------------------------------ ------------------ 2020-9-25 - Sep 25 2020 ------------------- ------------------------------------------------------------------ ++++ grub2: - Improve the error handling when grub2-install fails with short mbr gap (bsc#1176062) * 0001-Warn-if-MBR-gap-is-small-and-user-uses-advanced-modu.patch * 0002-grub-install-Avoid-incompleted-install-on-i386-pc.patch ++++ kernel-default: - Update patch reference for NFC security fix (CVE-2020-26088 bsc#1176990) - commit 7eec5ca - powerpc/kernel: Enables memory hot-remove after reboot on pseries guests (bsc#1177030 ltc#187588). - powerpc/mm: Limit resize_hpt_for_hotplug() call to hash guests only (bsc#1177030 ltc#187588). - commit 9885202 - scsi: ibmvfc: Avoid link down on FS9100 canister reboot (bsc#1176962 ltc#188304). - scsi: ibmvfc: Use compiler attribute defines instead of __attribute__() (bsc#1176962 ltc#188304). - commit 2f6bf7f ++++ python3-core: - Buildrequire timezone only for general flavor. It's used in this flavor for the test suite. ++++ libzypp: - Fix bsc#1176902: When kernel-rt has been installed, the purge-kernels service fails during boot. - Use package name provides as group key in purge-kernel (bsc#1176740 bsc#1176192) kernel-default-base has new packaging, where the kernel uname -r does not reflect the full package version anymore. This patch adds additional logic to use the most generic/shortest edition each package provides with %{packagename}= to group the kernel packages instead of the rpm versions. This also changes how the keep-spec for specific versions is applied, instead of matching the package versions, each of the package name provides will be matched. - version 17.25.1 (22) ++++ openssh: - Add openssh-8.1p1-ed25519-use-openssl-rng.patch (bsc#1173799). This uses OpenSSL's RAND_bytes() directly instead of the internal ChaCha20-based implementation to obtain random bytes for Ed25519 curve computations. This is required for FIPS compliance. ++++ python3: - Buildrequire timezone only for general flavor. It's used in this flavor for the test suite. ++++ zypper: - info: Assume descriptions starting with '

' are richtext (bsc#935885) - version 1.14.40 ------------------------------------------------------------------ ------------------ 2020-9-24 - Sep 24 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Revert "ALSA: usb-audio: Disable Lenovo P620 Rear line-in volume control" (git-fixes). - Revert "ALSA: hda - Fix silent audio output and corrupted input on MSI X570-A PRO" (git-fixes). - ALSA: usb-audio: Add delay quirk for H570e USB headsets (git-fixes). - ALSA: hda/realtek: Enable front panel headset LED on Lenovo ThinkStation P520 (git-fixes). - ALSA: hda/realtek - Couldn't detect Mic if booting with headset plugged (git-fixes). - ALSA: asihpi: fix iounmap in error handler (git-fixes). - commit 392c032 - btrfs: remove a BUG_ON() from merge_reloc_roots() (bsc#1176019). - commit 070656a - btrfs: hold a ref on the root->reloc_root (bsc#1176019). - commit cfada4f - btrfs: clear DEAD_RELOC_TREE before dropping the reloc root (bsc#1176019). - commit 3414f3d - btrfs: Remove block_rsv parameter from btrfs_drop_snapshot (bsc#1176019). - commit 0eab798 - btrfs: free the reloc_control in a consistent way (bsc#1176019). - commit 7857718 - btrfs: fix setting last_trans for reloc roots (bsc#1176019). - commit fe4b564 - btrfs: do not init a reloc root if we aren't relocating (bsc#1176019). - commit c5afb94 - x86, sched: Bail out of frequency invariance if turbo_freq/base_freq gives 0 (bsc#1176925). - commit a66109f - btrfs: reloc: clean dirty subvols if we fail to start a transaction (bsc#1176019). - btrfs: unset reloc control if we fail to recover (bsc#1176019). - commit 30d2800 - x86, sched: Bail out of frequency invariance if turbo frequency is unknown (bsc#1176925). - commit 53cd83a - x86, sched: check for counters overflow in frequency invariant accounting (bsc#1176925). - commit 863fd4c - btrfs: drop block from cache on error in relocation (bsc#1176019). - commit 40126ae - ALSA: hda/realtek - The Mic on a RedmiBook doesn't work (git-fixes). - ALSA: hda: fixup headset for ASUS GX502 laptop (git-fixes). - commit e989675 - batman-adv: mcast: fix duplicate mcast packets from BLA backbone to mesh (git-fixes). - USB: quirks: Add USB_QUIRK_IGNORE_REMOTE_WAKEUP quirk for BYD zhaoxin notebook (git-fixes). - serial: 8250_pci: Add Realtek 816a and 816b (git-fixes). - Input: trackpoint - add new trackpoint variant IDs (git-fixes). - Input: i8042 - add Entroware Proteus EL07R4 to nomux and reset lists (git-fixes). - i2c: i801: Fix resume bug (git-fixes). - i2c: algo: pca: Reapply i2c bus settings after reset (git-fixes). - spi: Fix memory leak on splited transfers (git-fixes). - spi: spi-loopback-test: Fix out-of-bounds read (git-fixes). - regulator: pwm: Fix machine constraints application (git-fixes). - commit 1a5ffc9 - batman-adv: mcast: fix duplicate mcast packets in BLA backbone from mesh (git-fixes). - batman-adv: mcast: fix duplicate mcast packets in BLA backbone from LAN (git-fixes). - batman-adv: Add missing include for in_interrupt() (git-fixes). - batman-adv: mcast/TT: fix wrongly dropped or rerouted packets (git-fixes). - batman-adv: bla: fix type misuse for backbone_gw hash indexing (git-fixes). - USB: UAS: fix disconnect by unplugging a hub (git-fixes). - usb: typec: ucsi: Prevent mode overrun (git-fixes). - i2c: mxs: use MXS_DMA_CTRL_WAIT4END instead of DMA_CTRL_ACK (git-fixes). - commit b4b4983 - ASoC: meson: axg-toddr: fix channel order on g12 platforms (git-fixes). - ASoC: qcom: common: Fix refcount imbalance on error (git-fixes). - ASoC: qcom: Set card->owner to avoid warnings (git-fixes). - USB: serial: option: support dynamic Quectel USB compositions (git-fixes). - dmaengine: acpi: Put the CSRT table after using it (git-fixes). - NFC: st95hf: Fix memleak in st95hf_in_send_cmd (git-fixes). - HID: elan: Fix memleak in elan_input_configured (git-fixes). - HID: microsoft: Add rumble support for the 8bitdo SN30 Pro+ controller (git-fixes). - HID: quirks: Set INCREMENT_USAGE_ON_DUPLICATE for all Saitek X52 devices (git-fixes). - HID: quirks: Always poll three more Lenovo PixArt mice (git-fixes). - commit a978a29 - clk: rockchip: Fix initialization of mux_pll_src_4plls_p (git-fixes). - clk: davinci: Use the correct size when allocating memory (git-fixes). - USB: serial: option: add support for SIM7070/SIM7080/SIM7090 modules (git-fixes). - USB: serial: ftdi_sio: add IDs for Xsens Mti USB converter (git-fixes). - usb: Fix out of sync data toggle if a configured device is reconfigured (git-fixes). - iio: adc: mcp3422: fix locking on error path (git-fixes). - iio: adc: mcp3422: fix locking scope (git-fixes). - iio:adc:max1118 Fix alignment of timestamp and data leak issues (git-fixes). - debugfs: Fix module state check condition (git-fixes). - iio: dac: ad5592r: fix unbalanced mutex unlocks in ad5592r_read_raw() (git-fixes). - commit c8304fa - usb: core: fix slab-out-of-bounds Read in read_descriptors (git-fixes). - usb: typec: ucsi: acpi: Check the _DEP dependencies (git-fixes). - iio:adc:ina2xx Fix timestamp alignment issue (git-fixes). - iio:adc:ti-adc084s021 Fix alignment and data leak issues (git-fixes). - iio:adc:ti-adc081c Fix alignment and data leak issues (git-fixes). - iio:magnetometer:ak8975 Fix alignment and data leak issues (git-fixes). - iio:light:ltr501 Fix timestamp alignment issue (git-fixes). - iio:light:max44000 Fix timestamp alignment and prevent data leak (git-fixes). - iio:chemical:ccs811: Fix timestamp alignment and prevent data leak (git-fixes). - iio:proximity:mb1232: Fix timestamp alignment and prevent data leak (git-fixes). - iio:accel:mma7455: Fix timestamp alignment and prevent data leak (git-fixes). - iio:accel:bmc150-accel: Fix timestamp alignment and prevent data leak (git-fixes). - iio:accel:mma8452: Fix timestamp alignment and prevent data leak (git-fixes). - iio: accel: kxsd9: Fix alignment of local buffer (git-fixes). - iio: adc: ti-ads1015: fix conversion when CONFIG_PM is not set (git-fixes). - soundwire: fix double free of dangling pointer (git-fixes). - spi: stm32: fix pm_runtime_get_sync() error checking (git-fixes). - regulator: core: Fix slab-out-of-bounds in regulator_unlock_recursive() (git-fixes). - regulator: remove superfluous lock in regulator_resolve_coupling() (git-fixes). - regulator: plug of_node leak in regulator_register()'s error path (git-fixes). - regulator: push allocation in set_consumer_device_supply() out of lock (git-fixes). - regulator: push allocations in create_regulator() outside of lock (git-fixes). - regulator: push allocation in regulator_ena_gpio_request() out of lock (git-fixes). - regulator: push allocation in regulator_init_coupling() outside of lock (git-fixes). - mmc: sdio: Use mmc_pre_req() / mmc_post_req() (git-fixes). - mmc: sdhci-of-esdhc: Don't walk device-tree on every interrupt (git-fixes). - mmc: sdhci-msm: Add retries when all tuning phases are found valid (git-fixes). - mmc: sdhci-acpi: Clear amd_sdhci_host on reset (git-fixes). - commit 3591d68 - bpf: Fix a rcu warning for bpffs map pretty-print (bsc#1155518). - bpf: map_seq_next should always increase position index (bsc#1155518). - commit e39f9d2 - arm64: paravirt: Initialize steal time when cpu is online (bsc#1176833). - Drop patches.kabi/kabi-workaround-for-enum-cpuhp_state.patch (Variable in enum cpuhp_state is no longer needed) - commit 5b9b111 ++++ procps: - Replace patch procps-ng-3.3.16-comm_len.patch with upstream commitment patch procps-ng-3e1c00d0.patch (bsc#1158830) ++++ libvirt: - Xen: Don't add dom0 twice on driver reload de49d5ba-xen-avoid-multiple-dom0.patch bsc#1176430 ------------------------------------------------------------------ ------------------ 2020-9-23 - Sep 23 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - powerpc/numa: Early request for home node associativity (bsc#1171068 ltc#183935). - commit bd89a37 - workqueue: require CPU hotplug read exclusion for apply_workqueue_attrs (bsc#1176763). - commit ceaafd0 - powerpc/numa: Offline memoryless cpuless node 0 (bsc#1171068 ltc#183935). - powerpc/numa: Prefer node id queried from vphn (bsc#1171068 ltc#183935). - powerpc/numa: Set numa_node for all possible cpus (bsc#1171068 ltc#183935). - powerpc/numa: Use cpu node map of first sibling thread (bsc#1171068 ltc#183935). - commit 4baf6e2 - rpadlpar_io: Add MODULE_DESCRIPTION entries to kernel modules (bsc#1176869 ltc#188243). - commit e45f4be - fbcon: remove soft scrollback code (CVE-2020-14390 bsc#1176235). - commit 9b8ada0 - cfg80211: regulatory: reject invalid hints (bsc#1176699). - commit 899f6a9 - scsi: qla2xxx: Handle incorrect entry_type entries (bsc#1171688). - scsi: qla2xxx: Log calling function name in qla2x00_get_sp_from_handle() (bsc#1171688). - scsi: qla2xxx: Simplify return value logic in qla2x00_get_sp_from_handle() (bsc#1171688). - scsi: qla2xxx: Warn if done() or free() are called on an already freed srb (bsc#1171688). - scsi: qla2xxx: Fix the return value (bsc#1171688). - scsi: qla2xxx: Fix wrong return value in qla_nvme_register_hba() (bsc#1171688). - scsi: qla2xxx: Fix wrong return value in qlt_chk_unresolv_exchg() (bsc#1171688). - scsi: qla2xxx: Remove redundant variable initialization (bsc#1171688). - scsi: qla2xxx: Fix the size used in a 'dma_free_coherent()' call (bsc#1171688). - scsi: qla2xxx: Remove pci-dma-compat wrapper API (bsc#1171688). - scsi: qla2xxx: Remove superfluous memset() (bsc#1171688). - commit a59756a - wireguard: peerlookup: take lock before checking hash in replace operation (git-fixes). - wireguard: noise: take lock when removing handshake entry from table (git-fixes). - commit 742e9a3 - series: Update meta data - commit 46acdd6 - fix patch metadata - fix Patch-mainline: patches.suse/btrfs-require-only-sector-size-alignment-for-parent-.patch - commit ee89c1f - fix patch metadata - fix Patch-mainline: patches.suse/nfs-Fix-getxattr-kernel-panic-and-memory-overflow.patch - commit 147bb89 - series.conf: refresh - update upstream reference and resort: patches.suse/ibmvnic-add-missing-parenthesis-in-do_reset.patch - commit feb9790 ------------------------------------------------------------------ ------------------ 2020-9-22 - Sep 22 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - libata: implement ATA_HORKAGE_MAX_TRIM_128M and apply to Sandisks (jsc#SLE-14459). - ata: ahci: use ata_link_info() instead of ata_link_printk() (jsc#SLE-14459). - commit e4929bb - Update patch reference for most driver securiy fix (CVE-2020-0432 bsc#1176721) - commit f4104d9 - Update patch reference for pinctrl security fix (CVE-2020-0427, bsc#1176725) - commit 13119a3 - Update patch reference for HID security fix (CVE-2020-0431, bsc#1176722) - commit 92b53fb - HID: core: fix dmesg flooding if report field larger than 32bit (bsc#1176775). - HID: core: Add printk_once variants to hid_warn() etc (bsc#1176775). - HID: core: reformat and reduce hid_printk macros (bsc#1176775). - commit 37f3024 - kernel-syms.spec.in: Also use bz compression (boo#1175882). - commit ecaf78d - Update patches.suse/media-uvcvideo-Avoid-cyclic-entity-chains-due-to-mal.patch (bsc#1176423 CVE-2020-0404). - commit 23cba3a - platform/x86: dcdbas: Check SMBIOS for protected buffer address (jsc#SLE-14407). - commit 7f21c07 - btrfs: require only sector size alignment for parent eb bytenr (bsc#1176789). - commit 868a458 - btrfs: tree-checker: fix the error message for transid error (bsc#1176788). - commit 96dd2e2 - libbpf: Fix readelf output parsing for Fedora (bsc#1155518). - commit 667b79c - libbpf: Fix readelf output parsing on powerpc with recent binutils (bsc#1155518). - commit 20955ec ++++ wpa_supplicant: - Fix spec file for SLE12, use make %{?_smp_mflags} instead of %make_build - Enable SAE support(jsc#SLE-14992). ------------------------------------------------------------------ ------------------ 2020-9-21 - Sep 21 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - nfs: Fix getxattr kernel panic and memory overflow (bsc#1176381 CVE-2020-2521). - commit 0de797a - hsr: use netdev_err() instead of WARN_ONCE() (bsc#1176659). - commit fe91e40 - netfilter: ipset: Fix forceadd evaluation path (bsc#1176587). - commit 64d0b5f - series.conf: refresh - update upstream references and resort: patches.suse/powerpc-book3s64-radix-Fix-boot-failure-with-large-a.patch patches.suse/powerpc-papr_scm-Limit-the-readability-of-perf_stats.patch - commit 1c47455 - libnvdimm/security: fix a typo (bsc#1171742 bsc#1167527). - commit 7e506d7 - Refresh sorted patches. - Refresh patches.suse/powerpc-book3s64-radix-Fix-boot-failure-with-large-a.patch. - Refresh patches.suse/powerpc-papr_scm-Limit-the-readability-of-perf_stats.patch. - commit 50a09d4 - blacklist: Ignore doc update and build warning The offending commit for the build warning is in mainlince since 2.6. - commit ecc1f19 - ibmvnic: add missing parenthesis in do_reset() (bsc#1176700 ltc#188140). - commit a96bd66 - rpm/kernel-cert-subpackage: add CA check on key enrollment (bsc#1173115) To avoid the unnecessary key enrollment, when enrolling the signing key of the kernel package, "--ca-check" is added to mokutil so that mokutil will ignore the request if the CA of the signing key already exists in MokList or UEFI db. Since the macro, %_suse_kernel_module_subpackage, is only defined in a kernel module package (KMP), it's used to determine whether the %post script is running in a kernel package, or a kernel module package. - commit b15c9bf ++++ systemd: - SLEtify (jsc#SLE-16318) This forward port most of the SLE stuff from SLE15-SP2 to this Factory snapshot making this version good enough for starting testing the version that will be shipped in SLE15-SP3. Add 1000-logind-disable-RemoveIPC-by-default.patch Add 1001-journald-turn-ForwardToSyslog-on-by-default.patch (bsc#1065301) Add 1002-udev-add-option-to-generate-old-buggy-SCSI-serials.patch Add 1003-logind-store-a-timestamp-when-the-ACPI-power-button-.patch (bsc#981830 bsc#888612 bsc#1072933) Add 1004-udev-don-t-create-by-partlabel-primary-and-.-logical.patch Add 1005-udev-optionally-disable-the-generation-of-the-partla.patch (bsc#1089761) Add 1006-logind-keep-backward-compatibility-with-UserTasksMax.patch Add 1007-tmpfiles-follow-SUSE-policies.patch Add 1008-Restore-support-for-halt.local.patch Add 60-io-scheduler.rules (bsc#1165579 bsc#1164717) Add 80-acpi-container-hotplug.rules (bsc#1082485 bsc#1040800 bsc#1078358 bsc#1081170 bsc#1075743) Add 80-hotplug-cpu-mem.rules (bsc#1076696 bsc#1127557) Add 99-wakeup-from-idle.rules merge compats/persistent-nic-names (bsc#1061883 bsc#1083158) merge compats/udev-compat-symlinks networkd is kept enabled as it's shipped in Leap distros (bsc#1071311) Remove TasksMax limit for both user and system slices (jsc#SLE-10123). This implemented by means of 2 drop-ins shipped in system.conf.d/ and user-.slice.d/ ++++ sysconfig: - version 0.85.6 - netconfig: execute chrony/helper in /usr/libexec with fallback to it's previous location in /usr/lib (boo#1176285) - netconfig: only write files like /etc/resolv.conf on content change to avoid that e.g. dnsmasq (if running) re-reads the /etc/resolv.conf and re-initializes itself (bsc#1176325) ++++ transactional-update: - Version 2.25.1 - Fix inotify watcher setup - Use log_{info,error} for more messages to avoid messing up Salt logs - Version 2.25 - Reduce number of overlays: Instead of using transparent overlays for all previous layers only add the previous snapshot's overlay; this will greatly reduce the number of overlays while still making sure that /etc changes in the running system will be visible in the next snapshot - When using --drop-if-no-change synchronize potential /etc changes with running system - Exclude all non-root-fs mounts from inotify watcher ------------------------------------------------------------------ ------------------ 2020-9-18 - Sep 18 2020 ------------------- ------------------------------------------------------------------ ++++ file: - Add patchfix_of_backport_PR-62.patch as previous backport caused a shorten output of the elf interprter (bsc#1176123) ++++ ignition: - Retrigger udev when requesting networking on demand ++++ kernel-default: - rpm/macros.kernel-source: pass -c proerly in kernel module package (bsc#1176698) The "-c" option wasn't passed down to %_kernel_module_package so the ueficert subpackage wasn't generated even if the certificate is specified in the spec file. - commit 34808fb ++++ gnutls: - FIPS: Use 2048 bit prime in DH selftest (bsc#1176086) * add gnutls-FIPS-use_2048_bit_prime_in_DH_selftest.patch ++++ libzypp: - RepoInfo: Return the type of the local metadata cache as fallback (bsc#1176435) - VendorAttr: Fix broken "suse,opensuse" equivalence handling. Enhance API and testcases. (bsc#1174918) - Update docs regarding 'opensuse' namepace matching. - New solver testcase format. - Link against libzsd to close libsolvs open references (as we link statically) - BuildRequires: libsolv-devel >= 0.7.15. - version 17.25.0 (22) ++++ salt: - Fix virt.update with CPU defined - Fix virt issues and invalid input errors from 'salt.utils.data' (bsc#1176480) - Reintroduces the patches from opensuse-3000.2-virt-backports-236.patch coming from Salt 3001 - Do not raise StreamClosedError traceback but only log it (bsc#1175549) - Various fixes to the mysql module to break out the handling of user - Take care of failed, skipped and unreachable tasks and propagate "retcode" (bsc#1173911) (bsc#1173909) - Added: * do-not-raise-streamclosederror-traceback-but-only-lo.patch * fix-the-removed-six.itermitems-and-six.-_type-262.patch * backport-virt-patches-from-3001-256.patch * various-fixes-to-the-mysql-module-to-break-out-the-h.patch * ansiblegate-take-care-of-failed-skipped-and-unreacha.patch * fix-virt.update-with-cpu-defined-263.patch ++++ zypper: - Use new testcase API in libzypp. - BuildRequires: libzypp-devel >= 17.25.0. - help: prevent 'whatis' from writing to stderr (bsc#1176712) - wp: point out that command is aliased to a search command and searches case-insensitive (jsc#SLE-16271) - version 1.14.39 ------------------------------------------------------------------ ------------------ 2020-9-17 - Sep 17 2020 ------------------- ------------------------------------------------------------------ ++++ combustion: - Overhaul configuration fetching: * Add udev rules to wait for either ignition, combustion or fw_cfg drives * Allow combustion.firstboot in addition to ignition.firstboot M combustion A combustion-prepare.service M combustion.service M module-setup.sh - Bump version to 0.2 ++++ kernel-default: - blacklist.conf: Append 'gpu: ipu-v3: image-convert: Wait for all EOFs before completing a tile' - commit cd2ad4e - drm/sun4i: backend: Disable alpha on the lowest plane on the A20 (bsc#1152472) - commit a28c02e - drm/sun4i: backend: Support alpha property on lowest plane (bsc#1152472) - commit 081a7ef - drm/sun4i: Fix dsi dcs long write function (bsc#1152472) - commit 510ebc1 - drm/sun4i: add missing put_device() call in (bsc#1152472) - commit 69345eb - drm/virtio: fix missing dma_fence_put() in (bsc#1152489) * context changes - commit 2d93b7f - drm/ast: Initialize DRAM type before posting GPU (bsc#1152472) * context changes - commit 933f31f - drm/mgag200: Remove declaration of mgag200_mmap() from header file (bsc#1152472) * context changes - commit 435259b ++++ multipath-tools: - Update to version 0.8.2+140.5146cae * drop nr_active field, always count active paths (bsc#1125043) * kpartx.rules: fix handling of synthetic uevents (bsc#1161923) * libmpathpersist: limit PRIN allocation length to 8192 bytes (bsc#1165786) * avoid data corruption caused by duplicate alias in bindings file (bsc#1172429) * improve logging for failure to set dev_loss_tmo (bsc#1173060, bsc#1173064) * Fix handling of hardware properties for maps without paths (bsc#1176644) - Backported upstream fixes (bsc#1176670): * multipath: add "-e" option to enable foreign libraries (bsc#1139837) * multipath-tools: add HPE MSA 1060/2060 to hwtable * ALUA support for PURE FlashArray * libmultipath: EMC PowerMax NVMe device config * libmultipath: pathinfo(): don't filter emtpy devnode names * libmultipath: fix ALUA autodetection when paths are down * libmultipath: fix (max_)polling_interval setting logic * libmultipath: count pending paths as active on loads * multipathd: disable queueing for recreated map in uev_remove_map * multipathd: fix check_path errors with removed map * multipathd: add new paths under vecs lock * multipath: deal with delegation failures correctly * Added memory leak testing and fixed various leaks * Various minor fixes, code correctness improvements - Dropped upstream merged patch: * Drop patch: libmultipath-set-enable_foreign-to-NONE-by-default.patch - Added README.alua - Added %check section in spec file - Modernized BuildRequires ++++ gnutls: - FIPS: Add TLS KDF selftest (bsc#1176671) * add gnutls-FIPS-TLS_KDF_selftest.patch ++++ systemd: - Import a prisitine copy of Factory which will serve as a new base for SLE15-SP3 (osc copypac from project:Base:System package:systemd revision:1120, using expand, using client side copy) - Remove dangling symlink /usr/lib/systemd/system/sockets.target.wants/systemd-journald-audit.socket Otherwise the build system complains. - Import commit 1cab0d44584687ace92d1df30eadf264231e3b65 (include v246.5) 304ec2c7ab fstab-generator: add 'nofail' when NFS 'bg' option is used (bsc#1176513) 6ae277fb37 test: adapt TEST-21-SYSUSERS for SUSE acd8bfd2cc test: adapt TEST-13-NSPAWN-SMOKE for SUSE [...] For a complete list of changes, visit: https://github.com/openSUSE/systemd/compare/a4e393eecb9dbe140a6c7d57419c291d786155cf...1cab0d44584687ace92d1df30eadf264231e3b65 ++++ qemu: - Change qemu-x86 packaging relationship with qemu-microvm from Requires to Recommends - Fix OOB access while processing USB packets (CVE-2020-14364 bsc#1175441 bsc#1176494) usb-fix-setup_len-init-CVE-2020-14364.patch - Fix DoS in packet processing of various emulated NICs (CVE-2020-16092 bsc#1174641) hw-net-net_tx_pkt-fix-assertion-failure-.patch - Fix buffer overflow in the XGMAC device (CVE-2020-15863 bsc#1174386) hw-net-xgmac-Fix-buffer-overflow-in-xgma.patch - Note: v4.2.1 update included fix for CVE-2020-24352 bsc#1175370 ------------------------------------------------------------------ ------------------ 2020-9-16 - Sep 16 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Btrfs: implement full reflink support for inline extents (bsc#1176019). - Refresh patches.suse/btrfs-fix-lost-i_size-update-after-cloning-inline-ex.patch. - commit 1499e64 - Btrfs: simplify inline extent handling when doing reflinks (bsc#1176019). - commit 378e9bc - Btrfs: move all reflink implementation code into its own file (bsc#1176019). - Refresh patches.suse/btrfs-fix-lost-i_size-update-after-cloning-inline-ex.patch. - commit 24935c8 ++++ systemd: - Drop 0001-udev-temporarly-restore-the-creation-a-few-symlinks-.patch linuxrc has already been fixed. - Add 0001-udev-temporarly-restore-the-creation-a-few-symlinks-.patch A temporary patch until the installer environment is updated to create some of the symlinks that udevd used to create during its startup but now udevd relies on the init system to do so. ++++ qemu: - Add infrastructure to do package splits when split-off package isn't required and doesn't (otherwise) include any previously installed files. More recent versions of qemu have split out non-essential functionality into loadable modules, so we need our packaging infrastructure to be prepared to handle that. ------------------------------------------------------------------ ------------------ 2020-9-15 - Sep 15 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - nvme-pci: override the value of the controller's numa node (bsc#1176507). - commit 1ad78c9 - Remove patch causing regression (bsc#1094244 ltc#168122). - Delete patches.suse/powerpc-64s-machine-check-interrupt-update-NMI-accou.patch. - Refresh patches.suse/powerpc-64s-machine-check-do-not-trace-real-mode-han.patch. - commit f30b04b - mlx4: disable device on shutdown (git-fixes). - commit 878fd39 - nvme-multipath: retry commands for dying queues (bsc#1171688). - commit 50f2e12 - smb3: warn on confusing error scenario with sec=krb5 (bsc#1176548). - commit 87d97c1 - cifs: Fix leak when handling lease break for cached root fid (bsc#1176242). - commit 3f36e87 - SMB3: Honor 'posix' flag for multiuser mounts (bsc#1176559). - commit da99223 - SMB3: Honor 'handletimeout' flag for multiuser mounts (bsc#1176558). - commit 7fc229a - SMB3: Honor persistent/resilient handle flags for multiuser mounts (bsc#1176546). - Refresh patches.suse/SMB3-Honor-lease-disabling-for-multiuser-mounts.patch. - commit 9b622c7 - SMB3: Honor 'seal' flag for multiuser mounts (bsc#1176545). - commit c2120ee - cifs/smb3: Fix data inconsistent when punch hole (bsc#1176544). - commit a9ca8fc - cifs/smb3: Fix data inconsistent when zero file range (bsc#1176536). - commit 92bbeda - driver-core: Introduce DEVICE_ATTR_ADMIN_{RO,RW} (bsc#1176486 ltc#188130). - commit daeec95 - powerpc/papr_scm: Limit the readability of 'perf_stats' sysfs attribute (bsc#1176486 ltc#188130). - commit 5a8c141 - net: initialize fastreuse on inet_inherit_port (networking-stable-20_08_15). - net: refactor bind_bucket fastreuse into helper (networking-stable-20_08_15). - net: Fix potential memory leak in proto_register() (networking-stable-20_08_15). - net/nfc/rawsock.c: add CAP_NET_RAW check (networking-stable-20_08_15). - net/tls: Fix kmap usage (networking-stable-20_08_15). - tcp: correct read of TFO keys on big endian systems (networking-stable-20_08_15). - net: Set fput_needed iff FDPUT_FPUT is set (networking-stable-20_08_15). - commit 172e095 - rbd: require global CAP_SYS_ADMIN for mapping and unmapping (CVE-2020-25284 bsc#1176543). - ceph: don't allow setlease on cephfs (bsc#1176537). - ceph: handle zero-length feature mask in session messages (bsc#1176540). - ceph: use frag's MDS in either mode (bsc#1176542). - ceph: set sec_context xattr on symlink creation (bsc#1176541). - ceph: fix use-after-free for fsc->mdsc (bsc#1176539). - ceph: fix potential mdsc use-after-free crash (bsc#1176538). - commit 87663ec ++++ qemu: - Allow to IPL secure guests with -no-reboot (bsc#1174863) s390x-protvirt-allow-to-IPL-secure-guest.patch ------------------------------------------------------------------ ------------------ 2020-9-14 - Sep 14 2020 ------------------- ------------------------------------------------------------------ ++++ combustion: - Avoid concurrent run of Ignition and Combustion initialization scripts to a avoid a duplicate mount of the same device. ++++ kernel-default: - RDMA/bnxt_re: Remove set but not used variable 'qplib_ctx' (bsc#1170774). - commit d51761b - blacklist.conf: 2356bb4b8221 tracing/kprobes, x86/ptrace: Fix regs argument order for i386 - commit c54f3f0 - RDMA/bnxt_re: Remove the qp from list only if the qp destroy succeeds (bsc#1170774). - RDMA/bnxt_re: Static NQ depth allocation (bsc#1170774). - RDMA/mlx4: Read pkey table length instead of hardcoded value (git-fixes). - commit d897d3a - ftrace: Setup correct FTRACE_FL_REGS flags for module (git-fixes). - commit b5a1bd1 - powerpc/kernel: Cleanup machine check function declarations (bsc#1065729). - commit 05b1221 - series.conf: cleanup - update upstream references and move to sorted section: patches.suse/edac-ghes-setup-dimm-label-from-dmi-and-use-it-in-error-reports.patch patches.suse/edac-i10nm-update-driver-to-support-different-bus-number-config-register-offsets.patch patches.suse/edac-skx-i10nm-make-some-configurations-cpu-model-specific.patch patches.suse/firmware_loader-fix-memory-leak-for-paged-buffer.patch patches.suse/net-packet-fix-overflow-in-tpacket_rcv.patch patches.suse/x86-cpu-add-a-steppings-field-to-struct-x86_cpu_id.patch patches.suse/x86-cpu-add-table-argument-to-cpu_matches.patch patches.suse/x86-smpboot-remove-the-last-icpu-macro.patch patches.suse/x86-speculation-add-special-register-buffer-data-sampling-srbds-mitigation.patch patches.suse/x86-speculation-add-srbds-vulnerability-and-mitigation-documentation.patch - move mainline backports into sorted section: patches.suse/revert-zram-convert-remaining-class_attr-to-class_attr_ro patches.suse/vgacon-fix-out-of-bounds-write-to-the-scrollback-buf.patch No effect on expanded tree. - commit 0435bb2 ++++ gnutls: - Fix heap buffer overflow in handshake with no_renegotiation alert sent * CVE-2020-24659 (bsc#1176181) - add gnutls-CVE-2020-24659.patch - FIPS: Implement (EC)DH requirements from SP800-56Arev3 (bsc#1176086) - add patches * 0001-Add-Full-Public-Key-Check-for-DH.patch * 0001-Add-test-to-ensure-DH-exchange-behaves-correctly.patch * 0002-Add-test-to-ensure-ECDH-exchange-behaves-correctly.patch * 0003-Add-plumbing-to-handle-Q-parameter-in-DH-exchanges.patch * 0004-Always-pass-in-and-check-Q-in-TLS-1.3.patch * 0005-Check-Q-for-FFDHE-primes-in-prime-check.patch * 0006-Pass-down-Q-for-FFDHE-in-al-pre-TLS1.3-as-well.patch * 0001-dh-primes-add-MODP-primes-from-RFC-3526.patch * 0002-dhe-check-if-DH-params-in-SKE-match-the-FIPS-approve.patch * 0001-dh-check-validity-of-Z-before-export.patch * 0002-ecdh-check-validity-of-P-before-export.patch * 0003-dh-primes-make-the-FIPS-approved-check-return-Q-valu.patch * 0004-dh-perform-SP800-56A-rev3-full-pubkey-validation-on-.patch * 0005-ecdh-perform-SP800-56A-rev3-full-pubkey-validation-o.patch - drop obsolete gnutls-3.6.7-fips_DH_ECDH_key_tests.patch ------------------------------------------------------------------ ------------------ 2020-9-11 - Sep 11 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - btrfs: reset tree root pointer after error in init_tree_roots (bsc#1176019). - commit d323df2 - btrfs: rename btrfs_put_fs_root and btrfs_grab_fs_root (bsc#1176019). - Refresh patches.suse/0001-btrfs-reloc-fix-reloc-root-leak-and-NULL-pointer-der.patch. - Refresh patches.suse/0002-btrfs-reloc-clear-DEAD_RELOC_TREE-bit-for-orphan-roo.patch. - Refresh patches.suse/btrfs-fix-corrupt-log-due-to-concurrent-fsync-of-ino.patch. - commit 6d38357 - btrfs: add a leak check for roots (bsc#1176019). - Refresh patches.suse/btrfs-btrfs-use-the-new-VFS-super_block_dev.patch. - commit 331ee79 - btrfs: make the init of static elements in fs_info separate (bsc#1176019). - commit e201abc - btrfs: move fs_info init work into it's own helper function (bsc#1176019). - commit 83952d0 - btrfs: Streamline btrfs_fs_info::backup_root_index semantics (bsc#1176019). - Refresh patches.suse/btrfs-8888-add-allow_unsupported-module-parameter.patch. - commit b8636e1 - series.conf: fix sort - fix order of patches in sorted section - commit 4d61931 - fix patches metadata - fix Patch-mainline: patches.suse/bitfield.h-don-t-compile-time-validate-_val-in-FIELD_FIT.patch patches.suse/kernel-cpu_pm-Fix-uninitted-local-in-cpu_pm.patch patches.suse/mm-limit-boost_watermark-on-small-zones.patch patches.suse/mm-page_alloc-fix-core-hung-in-free_pcppages_bulk.patch patches.suse/mm-page_alloc-silence-a-KASAN-false-positive.patch patches.suse/mm-remove-VM_BUG_ON-PageSlab-from-page_mapcount.patch patches.suse/mm-shuffle-don-t-move-pages-between-zones-and-don-t-read-garbage-memmaps.patch patches.suse/mm-sparse-rename-pfn_present-to-pfn_in_present_section.patch patches.suse/mm-thp-fix-defrag-setting-if-newline-is-not-used.patch - commit 8d21545 ++++ libsolv: - fix deduceq2addedmap clearing bits outside of the map - conda: feature depriorization first - conda: fix startswith implementation - move find_update_seeds() call in cleandeps calculation - set SOLVABLE_BUILDHOST in rpm and rpmmd parsers - new testcase_mangle_repo_names() function - new solv_fmemopen() function - bump version to 0.7.15 ------------------------------------------------------------------ ------------------ 2020-9-10 - Sep 10 2020 ------------------- ------------------------------------------------------------------ ++++ gettext-runtime: - Added gettext-0.19.8.1-fix-uninitialized-free.patch (boo#1176142) ++++ kernel-default: - btrfs: Rename find_oldest_super_backup to init_backup_root_slot (bsc#1176019). - commit dd087e3 - btrfs: Remove unused next_root_backup function (bsc#1176019). - commit fb3bd27 - btrfs: Don't use objectid_mutex during mount (bsc#1176019). - commit c44ea8c - btrfs: Factor out tree roots initialization during mount (bsc#1176019). - Refresh patches.suse/btrfs-free-more-things-in-btrfs_free_fs_info.patch. - commit 10657bc - btrfs: use bool argument in free_root_pointers() (bsc#1176019). - commit 743977b - btrfs: Add read_backup_root (bsc#1176019). - commit 3f9983e - btrfs: Remove newest_gen argument from find_oldest_super_backup (bsc#1176019). - commit 58cb4f5 - btrfs: Cleanup and simplify find_newest_super_backup (bsc#1176019). - commit 478d905 - btrfs: add __cold attribute to more functions (bsc#1176019). - commit 71f76ab - btrfs: free more things in btrfs_free_fs_info (bsc#1176019). - Refresh patches.suse/btrfs-8888-add-allow_unsupported-module-parameter.patch. - commit b6ec803 - btrfs: push btrfs_grab_fs_root into btrfs_get_fs_root (bsc#1176019). - commit a76defc - btrfs: use btrfs_put_fs_root to free roots always (bsc#1176019). - Refresh patches.suse/btrfs-fix-corrupt-log-due-to-concurrent-fsync-of-ino.patch. - commit 41b464c - btrfs: hold a ref on the root in open_ctree (bsc#1176019). - commit f1db66d - btrfs: export and rename free_fs_info (bsc#1176019). - commit 0b624c8 - btrfs: hold a ref on the root in btrfs_check_uuid_tree_entry (bsc#1176019). - commit eca88c1 - btrfs: hold a ref on the root in btrfs_recover_log_trees (bsc#1176019). - commit 351a260 - btrfs: hold a ref on the root in create_pending_snapshot (bsc#1176019). - commit 8b70b77 - btrfs: hold a ref on the root in get_subvol_name_from_objectid (bsc#1176019). - commit faabe37 - btrfs: hold a ref on the root in btrfs_ioctl_send (bsc#1176019). - commit 9a7a7b3 - btrfs: hold a ref on the root in scrub_print_warning_inode (bsc#1176019). - commit 3f0e119 - btrfs: hold a ref for the root in btrfs_find_orphan_roots (bsc#1176019). - commit 681f58e - btrfs: push grab_fs_root into read_fs_root (bsc#1176019). - Refresh patches.suse/0001-btrfs-reloc-fix-reloc-root-leak-and-NULL-pointer-der.patch. - Refresh patches.suse/0002-btrfs-reloc-clear-DEAD_RELOC_TREE-bit-for-orphan-roo.patch. - commit 4d5675a - blacklist.conf: user-visible change to perf - commit caa4d65 - blacklist.conf: cleanup need not be backported - commit f1a5da2 - net/smc: put slot when connection is killed (git-fixes). - commit 8ddc482 - btrfs: hold a ref on the root in btrfs_recover_relocation (bsc#1176019). - commit 4544b15 - btrfs: hold a ref on the root in create_reloc_inode (bsc#1176019). - commit 5ad1c23 - btrfs: hold a ref on the root in find_data_references (bsc#1176019). - commit b847756 - btrfs: hold a ref on the root in record_reloc_root_in_trans (bsc#1176019). - commit ed6b331 - btrfs: hold a ref on the root in merge_reloc_roots (bsc#1176019). - Refresh patches.suse/0001-btrfs-reloc-fix-reloc-root-leak-and-NULL-pointer-der.patch. - Refresh patches.suse/0002-btrfs-reloc-clear-DEAD_RELOC_TREE-bit-for-orphan-roo.patch. - commit 6e65a90 - mm, page_alloc: fix core hung in free_pcppages_bulk() (git fixes (mm/pgalloc)). - bitfield.h: don't compile-time validate _val in FIELD_FIT (git fixes (bitfield)). - mm/page_alloc: silence a KASAN false positive (git fixes (mm/pgalloc)). - mm/shuffle: don't move pages between zones and don't read garbage memmaps (git fixes (mm/pgalloc)). - kernel/cpu_pm: Fix uninitted local in cpu_pm (git fixes (kernel/pm)). - mm: remove VM_BUG_ON(PageSlab()) from page_mapcount() (git fixes (mm/compaction)). - mm: limit boost_watermark on small zones (git fixes (mm/pgalloc)). - mm/sparse: rename pfn_present() to pfn_in_present_section() (git fixes (mm/pgalloc)). - mm, thp: fix defrag setting if newline is not used (git fixes (mm/thp)). - commit 72b22a6 - btrfs: hold a ref on the root in prepare_to_merge (bsc#1176019). - commit 28b372d - btrfs: hold a ref on the root in build_backref_tree (bsc#1176019). - commit abebe41 - btrfs: hold ref on root in btrfs_ioctl_default_subvol (bsc#1176019). - commit c589a9c - btrfs: hold a ref on the root in btrfs_ioctl_get_subvol_info (bsc#1176019). - commit 390b892 - btrfs: hold a ref on the root in btrfs_search_path_in_tree_user (bsc#1176019). - commit bbc4f14 - btrfs: hold a ref on the root in btrfs_search_path_in_tree (bsc#1176019). - commit cd32183 - btrfs: hold a ref on the root in search_ioctl (bsc#1176019). - commit 8173466 - btrfs: hold a ref on the root in create_subvol (bsc#1176019). - commit 5cde960 - btrfs: hold a ref on the root in fixup_tree_root_location (bsc#1176019). - commit 320ca12 - btrfs: hold a ref on the root in __btrfs_run_defrag_inode (bsc#1176019). - commit 95a17fd - btrfs: hold a root ref in btrfs_get_dentry (bsc#1176019). - commit 7aed71d - btrfs: hold a ref on the root in resolve_indirect_ref (bsc#1176019). - commit 628db82 - btrfs: hold a ref on fs roots while they're in the radix tree (bsc#1176019). - commit 3062c74 - blacklist.conf: Theoritical issues that does not apply to kernel configuration - commit 2c26708 - blacklist.conf: Build fix that is not relevant to kernel configuration - commit 758bef3 - btrfs: handle NULL roots in btrfs_put/btrfs_grab_fs_root (bsc#1176019). - commit 58d4ba4 - btrfs: make the fs root init functions static (bsc#1176019). - commit feb2dca - btrfs: open code btrfs_read_fs_root_no_name (bsc#1176019). - commit ab1f957 - powerpc: Add cputime_to_nsecs() (bsc#1065729). - commit dee0106 - livepatch: Add -fdump-ipa-clones to build (fate#323487). Add support for -fdump-ipa-clones GCC option. Update config files accordingly. - commit 59bf95b - blacklist.conf: fix needed only if fake NUMA support is removed - commit 458b58b - s390/dasd: fix inability to use DASD with DIAG driver (git-fixes). - s390/mm: fix huge pte soft dirty copying (git-fixes). - s390/setup: init jump labels before command line parsing (git-fixes). - commit 0b57226 - blacklist.conf: s390: PAGE_DEFAULT_KEY is always zero - commit 047e63e ++++ mozilla-nss: - Modifications for NIST SP 800-56Ar3 compliance. This adds checks and restricts Diffie-Hellman parameters in FIPS mode (bsc#1176173). New patches: * nss-fips-stricter-dh.patch * nss-fips-kdf-self-tests.patch ++++ systemd: - Rework how we prevent journald from both enabling auditd and recording audit messages journald.conf gained a new setting Audit= to control whether journald enables audit during the boot process. So let's use it and make sure it's disabled by default by shipping a drop-in that overrides upstream default. Also we used to patch systemd to prevent journald from reading the audit messages. There's still no way for downstream to configure that properly (we would need to mask systemd-journald-audit.socket meaning shipping a symlink in /etc) but I think dropping systemd-journald-audit.socket from the package is a nicer way to do that as some users might choose to reenable this setting (by reintroducing the socket unit in /etc). - Enable audit support (bsc#1175883) Enabling audit support in systemd will only make PID1 (and some of its services) to generate some audit records for certain events. But it doesn't affect journald, which has been prevented from recording audit messages in the journal (SUSE specific behavior). ++++ policycoreutils: - Add get_os_version.patch get_os_version is implemented in a very RH/Fedora specific way. Ensure that it returns a valid string for SUSE by changing the default. Also remove the RH specific logic when generating HTML versions of the SELinux documentation ++++ selinux-policy: - Update to version 20200910. Refreshed * fix_authlogin.patch * fix_nagios.patch * fix_systemd.patch * fix_usermanage.patch - Delete suse_specific.patch, moved content into fix_selinuxutil.patch - Cleanup of booleans-* presets * Enabled user_rw_noexattrfile unconfined_chrome_sandbox_transition unconfined_mozilla_plugin_transition for the minimal policy * Disabled xserver_object_manager for the MLS policy * Disabled openvpn_enable_homedirs privoxy_connect_any selinuxuser_direct_dri_enabled selinuxuser_ping (aka user_ping) squid_connect_any telepathy_tcp_connect_generic_network_ports for the targeted policy Change your local config if you need them - Build HTML version of manpages for the -devel package ------------------------------------------------------------------ ------------------ 2020-9-9 - Sep 9 2020 ------------------- ------------------------------------------------------------------ ++++ aaa_base: - Add patch git-21-0064ecd132c30a939125acbc5b9a1c7bcd180fa0.patch * add screen.xterm-256color to DIR_COLORS - Add patch git-22-f5e90d70d119b6aa12d019947029f9337aec378d.patch * check for Packages.db and use this instead of Packages (boo#1171762) - Add patch git-23-8f1fe28287466235ade9c62fa5995eba9e642660.patch * Rename path() to _path() to avoid using a general name. - Add patch git-24-2de52ae391e2963eb1913183a6b0530c7e781b55.patch * DIR_COLORS add TERM rxvt-unicode-256color (bug#1006973) - Add patch git-25-287cf7cb851c0636fa46a610015d2d22ad36acea.patch * sort TERM entries in etc/DIR_COLORS - Add patch git-26-0c2f2340cc6ebb51f20b36e550adc517a6b2ae42.patch * DIR_COLORS: merge TERM entries with list from (bug#1006973) - Add patch git-27-abf7927eebbd4d7f47a362d49ae7856520682c49.patch * refresh_initrd call modprobe as /sbin/modprobe (bug#1011548) - Add patch git-28-3351bcc9613ba022503103e7e4ffd01e7bd8e0fd.patch * etc/profile add some missing ;; in case esac statements - Add patch git-29-5220a5f6ba250503ccda326e65ca069d245a5ebe.patch * profile and csh.login: on s390x set TERM to dumb on serial console for sclp_line0 and ttyS0 console (bug#1153946) - Add patch git-30-b9dd70f33a124556f16dbbafc89585a82218ad61.patch * backup-rpmdb: exit if zypp.pid is there and running (bug#1161239) - Add patch git-31-52dc403d54f2c926ee5cc892d1a8a830a45d7412.patch * also add color alias for ip command, jira#sle-9880, bsc#1153943 - Add patch git-32-0ee79834ea9ebf6573a7b903f374c21e53a56c14.patch * alias.bash check if ip command knows color=auto (jsc#SLE-7679) ++++ grub2: - Make efi hand off the default entry point of the linux command (bsc#1176134) * 0001-efi-linux-provide-linux-command.patch ++++ kernel-default: - iommu/vt-d: Handle non-page aligned address (bsc#1176367). - commit 8f4c091 - blacklist.conf: Add de2b41be8fcc x86, vmlinux.lds: Page-align end of ..page_aligned sections - commit 0f6cfca - iommu/vt-d: Handle 36bit addressing for x86-32 (bsc#1176362). - iommu/amd: Do not use IOMMUv2 functionality when SME is active (bsc#1174358). - iommu/amd: Do not force direct mapping when SME is active (bsc#1174358). - iommu/amd: Use cmpxchg_double() when updating 128-bit IRTE (bsc#1176359). - iommu/amd: Restore IRTE.RemapEn bit after programming IRTE (bsc#1176358). - iommu/vt-d: Serialize IOMMU GCMD register modifications (bsc#1176364). - vfio-pci: Avoid recursive read-lock usage (bsc#1176366). - iommu/amd: Print extended features in one line to fix divergent log levels (bsc#1176357). - iommu/vt-d: Fix PASID devTLB invalidation (bsc#1176361). - iommu/vt-d: Remove global page support in devTLB flush (bsc#1176363). - iommu/omap: Check for failure of a call to omap_iommu_dump_ctx (bsc#1176360). - iommu/vt-d: Support flushing more translation cache types (bsc#1176365). - commit d9d3306 - refresh config files - commit 09c22d1 - btrfs: remove btrfs_read_fs_root, not used anymore (bsc#1176019). - commit 27b7c0e - btrfs: make relocation use btrfs_read_tree_root() (bsc#1176019). - commit 83c5766 - btrfs: export and use btrfs_read_tree_root for tree-log (bsc#1176019). - commit c457d40 - fix patch metadata - change from "queued" to "never": patches.suse/0001-xen-don-t-reschedule-in-preemption-off-sections.patch - commit 9a83f52 - btrfs: make btrfs_find_orphan_roots use btrfs_get_fs_root (bsc#1176019). - commit 348b1af - btrfs: move fs root init stuff into btrfs_init_fs_root (bsc#1176019). - commit cb580c0 - btrfs: push __setup_root into btrfs_alloc_root (bsc#1176019). - commit 062eab0 - series.conf: cleanup - move to sorted section: patches.suse/x86-asm-64-Align-start-of-__clear_user-loop-to-16-by.patch - commit 3cee501 - btrfs: drop create parameter to btrfs_get_extent() (bsc#1176019). - commit 051d33b - powerpc/64: mark emergency stacks valid to unwind (bsc#1156395). - commit cf61a29 - blacklist.conf: 318af7b80b6a ("Revert "kbuild: use -flive-patching when CONFIG_LIVEPATCH is enabled"") Contrary to the upstream we'll support the original patch, since it makes things easier for us as of now. - commit 5f31678 - powerpc/traps: Make unrecoverable NMIs die instead of panic (bsc#1094244 ltc#168122). - powerpc/traps: Do not trace system reset (bsc#1094244 ltc#168122). - powerpc/64s: machine check do not trace real-mode handler (bsc#1094244 ltc#168122). - powerpc: Implement ftrace_enabled() helpers (bsc#1094244 ltc#168122). - powerpc/64s: machine check interrupt update NMI accounting (bsc#1094244 ltc#168122). - powerpc/pseries: Machine check use rtas_call_unlocked() with args on stack (bsc#1094244 ltc#168122). - powerpc/pseries: Limit machine check stack to 4GB (bsc#1094244 ltc#168122). - powerpc/pseries/ras: fwnmi sreset should not interlock (bsc#1094244 ltc#168122). - powerpc/pseries/ras: fwnmi avoid modifying r3 in error case (bsc#1094244 ltc#168122). - powerpc/pseries/ras: Fix FWNMI_VALID off by one (bsc#1094244 ltc#168122). - powerpc/pseries/ras: Avoid calling rtas_token() in NMI paths (bsc#1094244 ltc#168122). - commit a8046af - scsi: zfcp: Fix use-after-free in request timeout handlers (git-fixes). - commit afdea91 - blacklist.conf: zfcp comment fix - commit 063b5f1 - blacklist.conf: add cafe01ef8fcb248583038e1be071383530fe355a - commit 5a7e3c7 - dm: don't call report zones for more than the user requested (git fixes (block drivers)). - dm rq: don't call blk_mq_queue_stopped() in dm_stop_queue() (git fixes (block drivers)). - md: raid0/linear: fix dereference before null check on pointer mddev (git fixes (block drivers)). - sbitmap: Consider cleared bits in sbitmap_bitmap_show() (git fixes (block drivers)). - blktrace: fix debugfs use after free (git fixes (block drivers)). - block: revert back to synchronous request_queue removal (git fixes (block drivers)). - block: add docs for gendisk / request_queue refcount helpers (git fixes (block drivers)). - dm integrity: fix integrity recalculation that is improperly skipped (git fixes (block drivers)). - virtio-blk: free vblk-vqs in error path of virtblk_probe() (git fixes (block drivers)). - dm writecache: add cond_resched to loop in persistent_memory_claim() (git fixes (block drivers)). - dm writecache: correct uncommitted_block when discarding uncommitted entry (git fixes (block drivers)). - dm zoned: assign max_io_len correctly (git fixes (block drivers)). - bcache: Convert pr_ uses to a more typical style (git fixes (block drivers)). - commit 35db4b2 - blacklist.conf: add 7bf137298cb73afdb8c5536e474f7ba71ab1c235 - commit cdf662f - scsi: lpfc: Fix setting IRQ affinity with an empty CPU mask (git-fixes). - scsi: qla2xxx: Fix regression on sparc64 (git-fixes). - commit b922436 - powerpc/xmon: Use `dcbf` inplace of `dcbi` instruction for 64bit Book3S (bsc#1065729). - commit 9cbba57 - scsi: libfc: Fix for double free() (bsc#1174899). - commit 941605d - powerpc/book3s64/radix: Add kernel command line option to disable radix GTSE (bsc#1055186 ltc#153436 FATE#323286 jsc#SLE-13512). - powerpc/mm/radix: Create separate mappings for hot-plugged memory (bsc#1055186 ltc#153436 FATE#323286). - powerpc/mm/radix: Remove split_kernel_mapping() (bsc#1055186 ltc#153436 FATE#323286). - powerpc/mm/radix: Free PUD table when freeing pagetable (bsc#1055186 ltc#153436 FATE#323286). - powerpc/mm/radix: Fix PTE/PMD fragment count for early page table mappings (bsc#1055186 ltc#153436 FATE#323286). - powerpc/prom: Enable Radix GTSE in cpu pa-features (bsc#1055186 ltc#153436 FATE#323286 jsc#SLE-13512). - powerpc/mm: Enable radix GTSE only if supported (bsc#1055186 ltc#153436 FATE#323286 jsc#SLE-13512). - commit d06aeea - Refresh patches.suse/nvdimm-Avoid-race-between-probe-and-reading-device-a.patch Update submit URL to v2 - commit f6fe239 ++++ open-lldp: - Update to version v1.0.1+64.29d12e584af1: * l2_packet: Guard ETH_P_LLDP define (bsc#1156545) ------------------------------------------------------------------ ------------------ 2020-9-8 - Sep 8 2020 ------------------- ------------------------------------------------------------------ ++++ bcache-tools: - Cure fallout from %_libexecdir change [boo#1174075, boo#1176244] ++++ kernel-default: - crypto: ecc - SP800-56A rev 3 local public key validation (bsc#1175718). - crypto: dh - SP800-56A rev 3 local public key validation (bsc#1175718). - crypto: dh - check validity of Z before export (bsc#1175718). - lib/mpi: Add mpi_sub_ui() (bsc#1175718). - crypto: ecdh - check validity of Z before export (bsc#1175718). - commit 1b908a3 - nvme-fc: set max_segments to lldd max value (bsc#1176038). - commit d7e9e95 - s390/qeth: don't process empty bridge port events (git-fixes). - s390/qeth: integrate RX refill worker with NAPI (git-fixes). - s390/qeth: tolerate pre-filled RX buffer (git-fixes). - commit 0d5daa2 - rpm/kernel-binary.spec.in: pack .ipa-clones files for live patching When -fdump-ipa-clones option is enabled, GCC reports about its cloning operation during IPA optimizations. We use the information for live patches preparation, because it is crucial to know if and how functions are optimized. Currently, we create the needed .ipa-clones dump files manually. It is unnecessary, because the files may be created automatically during our kernel build. Prepare for the step and provide the resulting files in - livepatch-devel package. - commit 98e5a9d - s390: fix GENERIC_LOCKBREAK dependency typo in Kconfig (git-fixes). - x86/hotplug: Silence APIC only after all interrupts are migrated (git-fixes). - test_kmod: avoid potential double free in trigger_config_run_type() (git-fixes). - initramfs: remove clean_rootfs (git-fixes). - initramfs: remove the populate_initrd_image and clean_rootfs stubs (git-fixes). - scsi: lpfc: Add dependency on CPU_FREQ (git-fixes). - block: Use non _rcu version of list functions for tag_set_list (git-fixes). - scsi: qla2xxx: Suppress two recently introduced compiler warnings (git-fixes). - commit de8f3c2 - blacklist.conf: Add documenation fixes and kabi breaker - commit dba74e9 - tg3: Fix soft lockup when tg3_reset_task() fails (git-fixes). - cxgb4: fix thermal zone device registration (git-fixes). - bnxt: don't enable NAPI until rings are ready (git-fixes). - taprio: Fix using wrong queues in gate mask (bsc#1154353). - bnxt_en: fix HWRM error when querying VF temperature (git-fixes). - bnxt_en: Fix possible crash in bnxt_fw_reset_task() (jsc#SLE-8371 bsc#1153274). - bnxt_en: Fix PCI AER error recovery flow (git-fixes). - bnxt_en: Check for zero dir entries in NVRAM (git-fixes). - bnxt_en: Don't query FW when netif_running() is false (git-fixes). - bonding: fix a potential double-unregister (git-fixes). - i40e: Fix crash during removing i40e driver (git-fixes). - i40e: Set RX_ONLY mode for unicast promiscuous on VLAN (git-fixes). - commit 4d82728 - selftests/net: relax cpu affinity requirement in msg_zerocopy test (networking-stable-20_08_08). - dpaa2-eth: Fix passing zero to 'PTR_ERR' warning (networking-stable-20_08_08). - net: thunderx: use spin_lock_bh in nicvf_set_rx_mode_task() (networking-stable-20_08_08). - tcp: apply a floor of 1 for RTT samples from TCP timestamps (networking-stable-20_08_08). - net: gre: recompute gre csum for sctp over gre tunnels (networking-stable-20_08_08). - openvswitch: Prevent kernel-infoleak in ovs_ct_put_key() (networking-stable-20_08_08). - net: ethernet: mtk_eth_soc: fix MTU warnings (networking-stable-20_08_08). - rxrpc: Fix race between recvmsg and sendmsg on immediate call failure (networking-stable-20_08_08). - ipv6: fix memory leaks on IPV6_ADDRFORM path (networking-stable-20_08_08). - ipv4: Silence suspicious RCU usage warning (networking-stable-20_08_08). - vxlan: Ensure FDB dump is performed under RCU (networking-stable-20_08_08). - ipv6: Fix nexthop refcnt leak when creating ipv6 route info (networking-stable-20_08_08). - commit a270aeb - dev: Defer free of skbs in flush_backlog (networking-stable-20_07_29). - qrtr: orphan socket in qrtr_release() (networking-stable-20_07_29). - bonding: check return value of register_netdevice() in bond_newlink() (networking-stable-20_07_29). - sctp: shrink stream outq when fails to do addstream reconf (networking-stable-20_07_29). - sctp: shrink stream outq only when new outcnt < old outcnt (networking-stable-20_07_29). - enetc: Remove the mdio bus on PF probe bailout (networking-stable-20_07_29). - drivers/net/wan/x25_asy: Fix to make it work (networking-stable-20_07_29). - net: dsa: microchip: call phy_remove_link_mode during probe (networking-stable-20_07_29). - kABI: net: dsa: microchip: call phy_remove_link_mode during probe (kabi). - net: udp: Fix wrong clean up for IS_UDPLITE macro (networking-stable-20_07_29). - net-sysfs: add a newline when printing 'tx_timeout' by sysfs (networking-stable-20_07_29). - mlxsw: destroy workqueue when trap_register in mlxsw_emad_init (networking-stable-20_07_29). - rxrpc: Fix sendmsg() returning EPIPE due to recvmsg() returning ENODATA (networking-stable-20_07_29). - bonding: check error value of register_netdevice() immediately (networking-stable-20_07_29). - net: dp83640: fix SIOCSHWTSTAMP to update the struct with actual configuration (networking-stable-20_07_29). - vsock/virtio: annotate 'the_virtio_vsock' RCU pointer (networking-stable-20_07_29). - bnxt_en: Fix completion ring sizing with TPA enabled (networking-stable-20_07_29). - bnxt_en: Fix race when modifying pause settings (networking-stable-20_07_29). - commit 15b35e2 - EDAC: Fix reference count leaks (bsc#1152489). - commit 3f4ad8e ++++ efivar: - Add efivar-bsc1175989-handle-NULL-set-variable.patch to fix segfault on non-EFI systems (bsc#1175989) - Delete unused file: reproducible.patch ++++ openssl-1_1: - Add shared secret KAT to FIPS DH selftest [bsc#1175844] * add openssl-fips-DH_selftest_shared_secret_KAT.patch ++++ podman: - Cleanup %install section to use "make install" - install missing systemd units for the new Rest API (bsc#1175957) and a few man-pages that where missing before - Drop varlink API related bits (in favor of the new API) - fix install location for zsh completions ------------------------------------------------------------------ ------------------ 2020-9-7 - Sep 7 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - x86/mce/inject: Fix a wrong assignment of i_mce.status (bsc#1152489). - commit 64f04e6 - blacklist.conf: 2accfa69050c cpu/speculation: Add prototype for cpu_show_srbds() - commit 12941df - scsi: libfc: Free skb in fc_disc_gpn_id_resp() for valid cases (bsc#1174899). - scsi: fcoe: Memory leak fix in fcoe_sysfs_fcf_del() (bsc#1174899). - commit f5d1493 - series.conf: Update meta-data and corresponding patches - commit 397e951 - Refresh patches.suse/x86-asm-64-Align-start-of-__clear_user-loop-to-16-by.patch. - commit e3c9d3b - blacklist.conf: cc5277fe66cf x86/resctrl: Fix a NULL vs IS_ERR() static checker warning in rdt_cdp_peer_get() - commit 67c6df6 - blacklist.conf: 2c18bd525c47 x86/resctrl: Fix memory bandwidth counter width for AMD Fix moved to SP3, see bsc#1172757 - commit bacb8af - epoll: call final ep_events_available() check under the lock (bsc#1176237). - epoll: atomically remove wait entry on wake up (bsc#1176236). - commit 86b758b - rpm/kernel-source.spec.in: Also use bz compression (boo#1175882). - commit 375ec84 - rpm/kernel-binary.spec.in: Also sign ppc64 kernels (jsc#SLE-15857 jsc#SLE-13618). - commit 971fc3d - EDAC/amd64: Read back the scrub rate PCI register on F15h (bsc#1152489). - commit dae70cc - EDAC/amd64: Add AMD family 17h model 60h PCI IDs (bsc#1152489). - commit 059d4f2 - XEN uses irqdesc::irq_data_common::handler_data to store a per interrupt XEN data pointer which contains XEN specific information (bsc#1065600). - commit b863d57 - xen: don't reschedule in preemption off sections (bsc#1175749). - commit 2a68c8d - include/asm-generic/vmlinux.lds.h: align ro_after_init (git-fixes). - include/linux/poison.h: remove obsolete comment (git-fixes). - include/linux/bitops.h: avoid clang shift-count-overflow warnings (git-fixes). - thermal: qcom-spmi-temp-alarm: Don't suppress negative temp (git-fixes). - thermal: ti-soc-thermal: Fix bogus thermal shutdowns for omap4430 (git-fixes). - dmaengine: dw-edma: Fix scatter-gather address calculation (git-fixes). - dmaengine: pl330: Fix burst length if burst size is smaller than bus width (git-fixes). - dmaengine: at_hdmac: check return value of of_find_device_by_node() in at_dma_xlate() (git-fixes). - dmaengine: of-dma: Fix of_dma_router_xlate's of_dma_xlate handling (git-fixes). - drm/radeon: Prefer lower feedback dividers (git-fixes). - batman-adv: bla: use netif_rx_ni when not in interrupt context (git-fixes). - batman-adv: Fix own OGM check in aggregated OGMs (git-fixes). - batman-adv: Avoid uninitialized chaddr when handling DHCP (git-fixes). - media: cedrus: Add missing v4l2_ctrl_request_hdl_put() (git-fixes). - HID: core: Sanitize event code and type when mapping input (git-fixes). - HID: core: Correctly handle ReportSize being zero (git-fixes). - usb: storage: Add unusual_uas entry for Sony PSZ drives (git-fixes). - USB: gadget: u_f: Unbreak offset calculation in VLAs (git-fixes). - USB: gadget: f_ncm: add bounds checks to ncm_unwrap_ntb() (git-fixes). - USB: gadget: u_f: add overflow checks to VLA macros (git-fixes). - xhci: Do warm-reset when both CAS and XDEV_RESUME are set (git-fixes). - usb: uas: Add quirk for PNY Pro Elite (git-fixes). - USB: lvtest: return proper error code in probe (git-fixes). - USB: quirks: Add no-lpm quirk for another Raydium touchscreen (git-fixes). - USB: yurex: Fix bad gfp argument (git-fixes). - drm/amdgpu: Fix buffer overflow in INFO ioctl (git-fixes). - drm/amd/pm: correct the thermal alert temperature limit settings (git-fixes). - drm/amdgpu/gfx10: refine mgcg setting (git-fixes). - drm/amd/pm: correct Vega20 swctf limit setting (git-fixes). - drm/amd/pm: correct Vega12 swctf limit setting (git-fixes). - drm/amd/pm: correct Vega10 swctf limit setting (git-fixes). - fbcon: prevent user font height or width change from causing potential out-of-bounds access (git-fixes). - vt: defer kfree() of vc_screenbuf in vc_do_resize() (git-fixes). - HID: hiddev: Fix slab-out-of-bounds write in hiddev_ioctl_usage() (git-fixes). - HID: i2c-hid: Always sleep 60ms after I2C_HID_PWR_ON commands (git-fixes). - drm/amd/display: Switch to immediate mode for updating infopackets (git-fixes). - drm/amd/powerplay: correct UVD/VCE PG state on custom pptable uploading (git-fixes). - drm/amd/powerplay: correct Vega20 cached smu feature state (git-fixes). - spi: stm32: always perform registers configuration prior to transfer (git-fixes). - spi: stm32: fix stm32_spi_prepare_mbr in case of odd clk_rate (git-fixes). - spi: stm32: fix fifo threshold level in case of short transfer (git-fixes). - spi: stm32h7: fix race condition at end of transfer (git-fixes). - spi: stm32: clear only asserted irq flags on interrupt (git-fixes). - mfd: intel-lpss: Add Intel Emmitsburg PCH PCI IDs (git-fixes). - fbmem: pull fbcon_update_vcs() out of fb_set_var() (git-fixes). - HID: quirks: add NOGET quirk for Logitech GROUP (git-fixes). - PCI: Fix pci_create_slot() reference count leak (git-fixes). - media: davinci: vpif_capture: fix potential double free (git-fixes). - media: pci: ttpci: av7110: fix possible buffer overflow caused by bad DMA value in debiirq() (git-fixes). - ASoC: tegra: Fix reference count leaks (git-fixes). - ASoC: img-parallel-out: Fix a reference count leak (git-fixes). - ASoC: img: Fix a reference count leak in img_i2s_in_set_fmt (git-fixes). - rtlwifi: rtl8192cu: Prevent leaking urb (git-fixes). - drm/nouveau: Fix reference count leak in nouveau_connector_detect (git-fixes). - drm/nouveau: fix reference count leak in nv50_disp_atomic_commit (git-fixes). - drm/nouveau/drm/noveau: fix reference count leak in nouveau_fbcon_open (git-fixes). - omapfb: fix multiple reference count leaks due to pm_runtime_get_sync (git-fixes). - drm/amdgpu/display: fix ref count leak when pm_runtime_get_sync fails (git-fixes). - drm/amdgpu: fix ref count leak in amdgpu_display_crtc_set_config (git-fixes). - drm/amd/display: fix ref count leak in amdgpu_drm_ioctl (git-fixes). - drm/amdgpu: fix ref count leak in amdgpu_driver_open_kms (git-fixes). - drm/radeon: fix multiple reference count leak (git-fixes). - drm/amdkfd: Fix reference count leaks (git-fixes). - USB: sisusbvga: Fix a potential UB casued by left shifting a negative value (git-fixes). - media: gpio-ir-tx: improve precision of transmitted signal due to scheduling (git-fixes). - drm/sched: Fix passing zero to 'PTR_ERR' warning v2 (git-fixes). - commit aa50939 - net: ethernet: mlx4: Fix memory allocation in mlx4_buddy_init() (git-fixes). - commit 4a76c88 ++++ libxml2: - Security fix: [bsc#1176179, CVE-2020-24977] * xmllint: global-buffer-overflow in xmlEncodeEntitiesInternal - Add patch libxml2-CVE-2020-24977.patch ++++ zeromq: - CVE-2020-15166.patch: fix the possibility of unauthenticated clients causing a denial-of-service (bsc#1176116, CVE-2020-15166) ------------------------------------------------------------------ ------------------ 2020-9-6 - Sep 6 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - series.conf: cleanup - update upstream reference and resort: patches.suse/ibmvnic-fix-NULL-tx_pools-and-rx_tools-issue-at-do_r.patch - commit 8ff6392 - ALSA: hda/realtek - Improved routing for Thinkpad X1 7th/8th Gen (git-fixes). - ALSA: hda: fix a runtime pm issue in SOF when integrated GPU is disabled (git-fixes). - ALSA: hda: hdmi - add Rocketlake support (git-fixes). - ALSA: pcm: oss: Remove superfluous WARN_ON() for mulaw sanity check (git-fixes). - ALSA: hda - Fix silent audio output and corrupted input on MSI X570-A PRO (git-fixes). - ALSA: hda/hdmi: always check pin power status in i915 pin fixup (git-fixes). - ALSA: hda/realtek: Add quirk for Samsung Galaxy Book Ion NT950XCJ-X716A (git-fixes). - ALSA: usb-audio: Add basic capture support for Pioneer DJ DJM-250MK2 (git-fixes). - ALSA: usb-audio: Add implicit feedback quirk for UR22C (git-fixes). - Revert "ALSA: hda: Add support for Loongson 7A1000 controller" (git-fixes). - ALSA: hda/tegra: Program WAKEEN register for Tegra (git-fixes). - ALSA: hda: Fix 2 channel swapping for Tegra (git-fixes). - ALSA: ca0106: fix error code handling (git-fixes). - ALSA: usb-audio: Disable autosuspend for Lenovo ThinkStation P620 (git-fixes). - ALSA: firewire-digi00x: exclude Avid Adrenaline from detection (git-fixes). - ALSA; firewire-tascam: exclude Tascam FE-8 from detection (git-fixes). - ASoC: SOF: Intel: add PCI ID for CometLake-S (git-fixes). - commit 56f2f52 ------------------------------------------------------------------ ------------------ 2020-9-4 - Sep 4 2020 ------------------- ------------------------------------------------------------------ ++++ combustion: - Add combustion-prepare.service to enable network if needed: M combustion A combustion-prepare.service M combustion.service M module-setup.sh - Don't fail if no config drive found to not break ignition with fw_cfg ++++ ignition: - 02_ignition_firstboot, ignition-enable-network.sh: Drop ip=dhcp, it's the default anyway and avoids a delay on boot (boo#1173402) - 02_ignition_firstboot: Drop rd.neednet=1, both ignition and combustion enable it themselves when necessary ------------------------------------------------------------------ ------------------ 2020-9-3 - Sep 3 2020 ------------------- ------------------------------------------------------------------ ++++ ignition: - Change virtualization detection from virt-what to systemd-detect-virt; this avoids a dependency to a hardcoded libexec path in module-setup.sh (which broke during the recent migration to /usr/libexec) ++++ kernel-default: - net/packet: fix overflow in tpacket_rcv (CVE-2020-14386 bsc#1176069). - commit b3a3711 - xfs: fix boundary test in xfs_attr_shortform_verify (CVE-2020-14385 bsc#1176137). - commit e45cbdb - fix patch metadata - fix Patch-mainline: patches.suse/sched-Add-a-tracepoint-to-track-rq-nr_running.patch patches.suse/sched-Better-document-ttwu.patch patches.suse/sched-Fix-use-of-count-for-nr_running-tracepoint.patch patches.suse/sched-cputime-Improve-cputime_adjust.patch patches.suse/sched-debug-Add-new-tracepoints-to-track-util_est.patch patches.suse/sched-debug-Fix-the-alignment-of-the-show-state-debug-output.patch patches.suse/sched-fair-Remove-unused-sd-parameter-from-scale_rt_capacity.patch patches.suse/sched-fair-update_pick_idlest-Select-group-with-lowest-group_util-when-idle_cpus-are-equal.patch patches.suse/sched-nohz-stop-passing-around-unused-ticks-parameter.patch patches.suse/sched-pelt-Remove-redundant-cap_scale-definition.patch - commit 1ab5af9 - blacklist.conf: dma-debug: speed up debug code that is disabled in SUSE kernels - commit aa33a0d - blacklist.conf: kstrto*: comment fix - commit 26002cd - blacklist.conf: kthread: comment fix - commit 7fd20f3 - mei: me: disable mei interface on Mehlow server platforms (bsc#1175952). - commit a2053ac - mei: fix CNL itouch device number to match the spec (bsc#1175952). - commit a4a5282 - mei: me: disable mei interface on LBG servers (bsc#1175952). - commit e28fa12 - sched/debug: Fix the alignment of the show-state debug output (bnc#1155798 (CPU scheduler functional and performance backports)). - sched: Fix use of count for nr_running tracepoint (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: update_pick_idlest() Select group with lowest group_util when idle_cpus are equal (bnc#1155798 (CPU scheduler functional and performance backports)). - sched: nohz: stop passing around unused "ticks" parameter (bnc#1155798 (CPU scheduler functional and performance backports)). - sched: Better document ttwu() (bnc#1155798 (CPU scheduler functional and performance backports)). - sched: Add a tracepoint to track rq->nr_running (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/debug: Add new tracepoints to track util_est (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Remove unused 'sd' parameter from scale_rt_capacity() (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/pelt: Remove redundant cap_scale() definition (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/cputime: Improve cputime_adjust() (bnc#1155798 (CPU scheduler functional and performance backports)). - commit 7ea4247 - Update patches.suse/btrfs-Move-free_pages_out-label-in-inline-extent-han.patch (bsc#1174484). Fix wrong bsc reference number exposed by Filipe: https://bugzilla.suse.com/show_bug.cgi?id=1175263#c1 - commit 8c0ade9 ++++ patterns-microos: - replace kubic-locale-archive with glibc-locale-base (bsc#1176079) ++++ selinux-policy: - Drop BuildRequires for python, python-xml. It's not needed anymore ------------------------------------------------------------------ ------------------ 2020-9-2 - Sep 2 2020 ------------------- ------------------------------------------------------------------ ++++ gzip: - Enable DFLTCC compression for s390x for levels 1-6 (i. e. to make it used by default) by adding -DDFLTCC_LEVEL_MASK=0x7e to CLFAGS. [jsc#SLE-13775] ++++ kernel-default: - scsi: lpfc: Update lpfc version to 12.8.0.3 (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449). - scsi: lpfc: Fix LUN loss after cable pull (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449). - scsi: lpfc: Fix validation of bsg reply lengths (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449). - scsi: lpfc: Fix retry of PRLI when status indicates its unsupported (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449). - scsi: lpfc: Fix oops when unloading driver while running mds diags (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449). - scsi: lpfc: Fix RSCN timeout due to incorrect gidft counter (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449). - scsi: lpfc: Fix no message shown for lpfc_hdw_queue out of range value (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449). - scsi: lpfc: Fix FCoE speed reporting (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449). - scsi: lpfc: Add missing misc_deregister() for lpfc_init() (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449). - scsi: lpfc: nvmet: Avoid hang / use-after-free again when destroying targetport (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449). - scsi: lpfc: Fix typo in comment for ULP (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449). - scsi: lpfc: Add description for lpfc_release_rpi()'s 'ndlpl param (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449). - scsi: lpfc: Fix a bunch of kerneldoc misdemeanors (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449). - scsi: lpfc: Add and rename a whole bunch of function parameter descriptions (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449). - scsi: lpfc: Use __printf() format notation (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449). - scsi: lpfc: Fix kerneldoc parameter formatting/misnaming/missing issues (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449). - scsi: lpfc: Fix some function parameter descriptions (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449). - scsi: lpfc: Ensure variable has the same stipulations as code using it (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449). - scsi: lpfc: Fix-up formatting/docrot where appropriate (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449). - scsi: lpfc: Provide description for lpfc_mem_alloc()'s 'align' param (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449). - scsi: lpfc: Fix-up around 120 documentation issues (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449). - scsi: lpfc: Remove unused variable 'pg_addr' (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449). - scsi: lpfc: Correct some pretty obvious misdocumentation (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449). - scsi: lpfc: NVMe remote port devloss_tmo from lldd (bcs#1173060 bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449). Replace patches.suse/lpfc-synchronize-nvme-transport-and-lpfc-driver-devloss_tmo.patch with upstream version of the fix. - scsi: lpfc: Quieten some printks (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449). - scsi: lpfc: Avoid another null dereference in lpfc_sli4_hba_unset() (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449). - commit b565a9f - kabi/severities: ignore kABI for net/ethernet/mscc/ References: bsc#1176001,bsc#1175999 Exported symbols from drivers/net/ethernet/mscc/ are only used by drivers/net/dsa/ocelot/ - commit 16c1e85 - ext4: handle read only external journal device (bsc#1176063). - commit 06e42e2 - Update patches.suse/firmware-smccc-drop-smccc_version-enum-and-use-arm_smccc_version_1_x-instead.patch By the time the backport happened the file of SMCCC v1.2 'arm64/kernel/paravirt.c' didn't exist. It was introduced later on with 94bebd30479. Add missing hunk to fix compile breaks on aarch64. - commit 3d16a74 ++++ python3-core: - Add faulthandler_stack_overflow_on_GCC10.patch to make build working even with GCC10 (bpo#38965). ++++ systemd: - Upgrade to v246.4 (commit f1344d5b7f31e98aedb01e606f41d74d3caaf446) See https://github.com/openSUSE/systemd/blob/SUSE/v246/NEWS for details. Now that the number of SUSE specific patches has been shrinked and is pretty low (12 at the time of this writing), they are no more tracked by the git repo and are now handled at the package level. Hence It is easier to maintain and identify them. This effectively means that SUSE/v246 will contain upstream commits only. Added 0001-restore-var-run-and-var-lock-bind-mount-if-they-aren.patch Added 0002-rc-local-fix-ordering-startup-for-etc-init.d-boot.lo.patch Added 0003-strip-the-domain-part-from-etc-hostname-when-setting.patch Added 0004-tmpfiles-support-exclude-statements-based-on-file-ow.patch Added 0005-udev-create-default-symlinks-for-primary-cd_dvd-driv.patch Added 0006-sysv-generator-add-back-support-for-SysV-scripts-for.patch Added 0007-networkd-make-network.service-an-alias-of-systemd-ne.patch Added 0008-sysv-generator-translate-Required-Start-into-a-Wants.patch Added 0009-pid1-handle-console-specificities-weirdness-for-s390.patch Added 0010-journald-disable-audit-support-completely-from-the-j.patch Added 0011-core-disable-session-keyring-per-system-sevice-entir.patch Added 0012-resolved-create-etc-resolv.conf-symlink-at-runtime.patch ++++ podman: - Update to v2.0.6 * Fixed a bug where running systemd in a container on a cgroups v1 system would fail. * Fixed a bug where /etc/passwd could be re-created every time a container is restarted if the container's /etc/passwd did not contain an entry for the user the container was started as. * Fixed a bug where containers without an /etc/passwd file specifying a non-root user would not start. * Fixed a bug where the --remote flag would sometimes not make remote connections and would instead attempt to run Podman locally. ++++ python3: - Add faulthandler_stack_overflow_on_GCC10.patch to make build working even with GCC10 (bpo#38965). ------------------------------------------------------------------ ------------------ 2020-9-1 - Sep 1 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - powerpc/book3s64/radix: Fix boot failure with large amount of guest memory (bsc#1176022 ltc#187208). - commit 8bb9577 - btrfs: rename btrfs_block_group_cache (bsc#1176019). - Refresh patches.suse/btrfs-scrub-Don-t-check-free-space-before-marking-a-.patch. - commit 1e82a09 - btrfs: use btrfs_block_group_cache_done in update_block_group (bsc#1176019). - Update patches.suse/btrfs-add-dedicated-members-for-start-and-length-of-.patch (bsc#1176019). - commit 9bd7aef - btrfs: block-group: Reuse the item key from caller of read_one_block_group() (bsc#1176019). - commit a94961e - btrfs: block-group: Refactor btrfs_read_block_groups() (bsc#1176019). - commit 29102c4 - btrfs: add dedicated members for start and length of a block group (bsc#1176019). - Refresh patches.suse/0001-btrfs-scrub-Require-mandatory-block-group-RO-for-dev.patch. - Refresh patches.suse/0002-btrfs-kill-min_allocable_bytes-in-inc_block_group_ro.patch. - Refresh patches.suse/0002-btrfs-take-overcommit-into-account-in-inc_block_grou.patch. - Refresh patches.suse/Btrfs-fix-block-group-remaining-RO-forever-after-err.patch. - Refresh patches.suse/btrfs-fix-a-block-group-ref-counter-leak-after-failu.patch. - Refresh patches.suse/btrfs-fix-race-between-block-group-removal-and-block.patch. - commit 1e9fcdd - btrfs: rename extent buffer block group item accessors (bsc#1176019). - commit 8b22e32 - btrfs: rename block_group_item on-stack accessors to follow naming (bsc#1176019). - commit 93bdcbc - btrfs: remove embedded block_group_cache::item (bsc#1176019). - commit 667dac6 - btrfs: move block_group_item::flags to block group (bsc#1176019). - commit 6f39840 - btrfs: move block_group_item::used to block group (bsc#1176019). - Refresh patches.suse/0002-btrfs-take-overcommit-into-account-in-inc_block_grou.patch. - commit 225cb14 - btrfs: drop unused parameter is_new from btrfs_iget (bsc#1176019). - commit 3fe9dc3 - btrfs: stop clearing EXTENT_DIRTY in inode I/O tree (bsc#1176019). - Refresh patches.suse/btrfs-qgroup-fix-data-leak-caused-by-race-between-wr.patch. - commit 8d60367 - sdhci: tegra: Add missing TMCLK for data timeout (git-fixes). - sdhci: tegra: Remove SDHCI_QUIRK_DATA_TIMEOUT_USES_SDCLK for Tegra186 (git-fixes). - sdhci: tegra: Remove SDHCI_QUIRK_DATA_TIMEOUT_USES_SDCLK for Tegra210 (git-fixes). - mmc: mediatek: add optional module reset property (git-fixes). - mmc: dt-bindings: Add resets/reset-names for Mediatek MMC bindings (git-fixes). - mmc: sdhci-acpi: Fix HS400 tuning for AMDI0040 (git-fixes). - commit c4a6eec - dpaa_eth: Fix one possible memleak in dpaa_eth_probe (bsc#1175996). - net: dsa: felix: send VLANs on CPU port as egress-tagged (bsc#1175998). - felix: Fix initialization of ioremap resources (bsc#1175997). - net: dsa: ocelot: the MAC table on Felix is twice as large (bsc#1175999). - net: enetc: fix an issue about leak system resources (bsc#1176000). - net: mscc: ocelot: fix untagged packet drops when enslaving to vlan aware bridge (bsc#1176001). - commit 6defddf - blacklist.conf: arm64: add coresight fixes Coresight is not enabled in SLE15-SP2 - commit 973814d ++++ python3-core: - Just cleanup and reordering items to synchronize with python38 ++++ patterns-microos: - make dependency of grub2-branding-SLE hard - bump version to 5.0.0 ++++ python3: - Just cleanup and reordering items to synchronize with python38 ++++ selinux-policy: - Drop fix_dbus.patch_orig, was included by accident - Drop segenxml_interpreter.patch, not used anymore ------------------------------------------------------------------ ------------------ 2020-8-31 - Aug 31 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - char: virtio: Select VIRTIO from VIRTIO_CONSOLE (bsc#1175667). - commit 254a9e5 - Set VIRTIO_CONSOLE=y (bsc#1175667). - commit 73ac49e - i2c: rcar: in slave mode, clear NACK earlier (git-fixes). - i2c: core: Don't fail PRP0001 enumeration when no ID table exist (git-fixes). - device property: Fix the secondary firmware node handling in set_primary_fwnode() (git-fixes). - drm/amd/powerplay: Fix hardmins not being sent to SMU for RV (git-fixes). - drm/msm/a6xx: fix crashdec section name typo (git-fixes). - drm/msm/gpu: make ringbuffer readonly (git-fixes). - drm/msm/adreno: fix updating ring fence (git-fixes). - commit 861fb8e - PCI: Mark AMD Navi10 GPU rev 0x00 ATS as broken (git-fixes). - PCI: Add device even if driver attach failed (git-fixes). - PCI: Avoid Pericom USB controller OHCI/EHCI PME# defect (git-fixes). - commit 0174122 - PM: sleep: core: Fix the handling of pending runtime resume requests (git-fixes). - commit 0dfcb13 - regulator: fix memory leak on error path of regulator_register() (git-fixes). - commit 924cca3 - USB: Ignore UAS for JMicron JMS567 ATA/ATAPI Bridge (git-fixes). - usb: host: ohci-exynos: Fix error handling in exynos_ohci_probe() (git-fixes). - USB: quirks: Ignore duplicate endpoint on Sound Devices MixPre-D (git-fixes). - xhci: Always restore EP_SOFT_CLEAR_TOGGLE even if ep reset failed (git-fixes). - usb: host: xhci: fix ep context print mismatch in debugfs (git-fixes). - usb: gadget: f_tcm: Fix some resource leaks in some error paths (git-fixes). - USB: cdc-acm: rework notification_buffer resizing (git-fixes). - virtio_pci_modern: Fix the comment of virtio_pci_find_capability() (git-fixes). - USB: serial: ftdi_sio: fix break and sysrq handling (git-fixes). - USB: serial: ftdi_sio: clean up receive processing (git-fixes). - USB: serial: ftdi_sio: make process-packet buffer unsigned (git-fixes). - USB: rename USB quirk to USB_QUIRK_ENDPOINT_IGNORE (git-fixes). - commit 139c620 - Fix build error when CONFIG_ACPI is not set/enabled: (bsc#1065600). - commit b05ccc4 - efi: avoid error message when booting under Xen (bsc#1172419). - commit e2269b0 - drm/xen-front: Fix misused IS_ERR_OR_NULL checks (bsc#1065600). - commit 495693e - powerpc/perf: Fix crashes with generic_compat_pmu & BHRB (bsc#1156395). - commit 823dc81 - xen/gntdev: Fix dmabuf import with non-zero sgt offset (bsc#1065600). - commit 4c3d2e5 - Revert "xen/balloon: Fix crash when ballooning on x86 32 bit PAE" (bsc#1065600). - commit 92eacc3 - xen/balloon: make the balloon wait interruptible (bsc#1065600). - commit e8237de - xen/balloon: fix accounting in alloc_xenballooned_pages error path (bsc#1065600). - commit eda7ced - fix patch metadata - fix upstream reference: patches.suse/0002-dax-do-not-print-error-message-for-non-persistent-me.patch - commit be9f703 ++++ python3-core: - Format with spec-cleaner ++++ python3: - Format with spec-cleaner ------------------------------------------------------------------ ------------------ 2020-8-30 - Aug 30 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Update kabi files. - update to September 2020 maintenance update submission (commit 8bb516dc7a0a) - commit 77f2936 - bcache: allocate meta data pages as compound pages (bsc#1172873). - commit 55a313b - block: check queue's limits.discard_granularity in __blkdev_issue_discard() (bsc#1152148). - block: improve discard bio alignment in __blkdev_issue_discard() (bsc#1152148). - commit 7c62217 - dax: do not print error message for non-persistent memory block device (bsc#1171073). - dax: print error message by pr_info() in __generic_fsdax_supported() (bsc#1171073). - commit d1ad35e ++++ mdadm: - mdadm: treat the Dell softraid array as local array (bsc#1175004) 1003-mdadm-treat-the-Dell-softraid-array-as-local-array.patch ------------------------------------------------------------------ ------------------ 2020-8-28 - Aug 28 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - obsolete_kmp: provide newer version than the obsoleted one (boo#1170232). - commit c5ecb27 - hv_netvsc: Fix the queue_mapping in netvsc_vf_xmit() (git-fixes). - hv_netvsc: Remove "unlikely" from netvsc_select_queue (git-fixes). - hv_netvsc: do not use VF device if link is down (git-fixes). - commit 83af1e6 - update upstream reference - update "net" repository URL: patches.suse/ibmvnic-fix-NULL-tx_pools-and-rx_tools-issue-at-do_r.patch - commit f299d68 - soc/tegra: pmc: Enable PMIC wake event on Tegra194 (bsc#1175834). - commit e2e5a5c - ibmvnic fix NULL tx_pools and rx_tools issue at do_reset (bsc#1175873 ltc#187922). - commit eff0cb0 - kabi/severities: ignore qla2xxx as all symbols are internal - commit cbc9e8b ++++ zlib: - Add patch to fix compression level switching bsc#1175811 bsc#1175830 bsc#1175831 * zlib-compression-switching.patch ++++ libzypp: - VendorAttr: Const-correct API and let Target provide its settings (bsc#1174918) - Support buildnr with commit hash in purge-kernels (bsc#1175342) This adds special behaviour for when a kernel version has the rebuild counter before the kernel commit hash. - Improve Italian traslation of the "breaking dependencies" message (bsc#1173529) - Make sure reading from lsof does not block forever (bsc#1174240) - Just collect details for the signatures found (fixes #229) - version 17.24.2 (22) ++++ patterns-microos: - recommend grub2-branding-SLE by base pattern ++++ u-boot-rpiarm64: - Fix network synchronization issue between send and receive buffer (bsc#1175902) Patch queue updated from git://github.com/openSUSE/u-boot.git sle15-sp2 * Patches added: 0036-bcmgenet-fix-DMA-buffer-management.patch 0037-bcmgenet-Add-support-for-rgmii-rxid.patch ++++ zypper: - Directly list subcommands in 'zypper help' (bsc#1165424) - man: enhance description of the global package cache (bsc#1175592) - Remove extern C block wrapping augeas.h as it breaks the build on Arch Linux. - Point out that plaindir repos do not follow symlinks (bsc#1174561) - Fix help command for list-patches - man: Point out that plain rpm packages are not downloaded to the global package cache (bsc#1173273) - version 1.14.38 ------------------------------------------------------------------ ------------------ 2020-8-27 - Aug 27 2020 ------------------- ------------------------------------------------------------------ ++++ grub2: - Fix verification requested but nobody cares error when loading external module in secure boot off (bsc#1175766) * 0001-shim_lock-Disable-GRUB_VERIFY_FLAGS_DEFER_AUTH-if-se.patch ++++ kernel-default: - scsi: target/iblock: fix WRITE SAME zeroing (bsc#1169790). - commit 3f94600 - blacklist.conf: Update for perf userspace git-fixes - commit 981209c - scsi/fc: kABI fixes for new ELS_RPD definition (bsc#1171688 bsc#1174003). - commit 6839081 - efi: libstub/tpm: enable tpm eventlog function for ARM platforms (bsc#1173267). - commit 1168a55 - Revert "scsi: qla2xxx: Disable T10-DIF feature with FC-NVMe during probe" (bsc#1171688 bsc#1174003). - Revert "scsi: qla2xxx: Fix crash on qla2x00_mailbox_command" (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix null pointer access during disconnect from subsystem (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Check if FW supports MQ before enabling (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix WARN_ON in qla_nvme_register_hba (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Allow ql2xextended_error_logging special value 1 to be set anytime (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Reduce noisy debug message (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix login timeout (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Indicate correct supported speeds for Mezz card (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Flush I/O on zone disable (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Flush all sessions on zone disable (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Use MBX_TOV_SECONDS for mailbox command timeout values (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Address a set of sparse warnings (bsc#1171688 bsc#1174003). - scsi: qla2xxx: SAN congestion management implementation (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Change in PUREX to handle FPIN ELS requests (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Introduce a function for computing the debug message prefix (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Make qla2x00_restart_isp() easier to read (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix a Coverity complaint in qla2100_fw_dump() (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Make __qla2x00_alloc_iocbs() initialize 32 bits of request_t.handle (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Remove a superfluous cast (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Initialize 'n' before using it (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Make qla82xx_flash_wait_write_finish() easier to read (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Remove the __packed annotation from struct fcp_hdr and fcp_hdr_le (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Check the size of struct fcp_hdr at compile time (bsc#1171688 bsc#1174003). - scsi: Fix trivial spelling (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix a condition in qla2x00_find_all_fabric_devs() (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Keep initiator ports after RSCN (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Remove return value from qla_nvme_ls() (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Remove an unused function (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix endianness annotations in source files (bsc#1171688 bsc#1174003). Refresh patches.suse/scsi-qla2xxx-Set-NVMe-status-code-for-failed-NVMe-FC.patch - scsi: qla2xxx: Fix endianness annotations in header files (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Use make_handle() instead of open-coding it (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Cast explicitly to uint16_t / uint32_t (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Change {RD,WRT}_REG_*() function names from upper case into lower case (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix the code that reads from mailbox registers (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Use register names instead of register offsets (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Change two hardcoded constants into offsetof() / sizeof() expressions (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Increase the size of struct qla_fcp_prio_cfg to FCP_PRIO_CFG_SIZE (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Make a gap in struct qla2xxx_offld_chain explicit (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Add more BUILD_BUG_ON() statements (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Sort BUILD_BUG_ON() statements alphabetically (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Simplify the functions for dumping firmware (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix spelling of a variable name (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Make qlafx00_process_aen() return void (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Use true, false for ha->fw_dumped (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Use true, false for need_mpi_reset (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Make qla_set_ini_mode() return void (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix issue with adapter's stopping state (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix failure message in qlt_disable_vha() (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix warning after FC target reset (bsc#1171688 bsc#1174003). - scsi: qla2xxx: make 1-bit bit-fields unsigned int (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix MPI failure AEN (8200) handling (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Use ARRAY_SIZE() instead of open-coding it (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Split qla2x00_configure_local_loop() (bsc#1171688 bsc#1174003). - commit 675dd78 - serial: 8250: change lock order in serial8250_do_startup() (git-fixes). - serial: pl011: Fix oops on -EPROBE_DEFER (git-fixes). - serial: pl011: Don't leak amba_ports entry on driver register error (git-fixes). - kernel/relay.c: fix memleak on destroy relay channel (git-fixes). - drm/amd/display: fix pow() crashing when given base 0 (git-fixes). - drm/amd/display: Fix EDID parsing after resume from suspend (git-fixes). - rtc: goldfish: Enable interrupt in set_alarm() when necessary (git-fixes). - Input: psmouse - add a newline when printing 'proto' by sysfs (git-fixes). - media: camss: fix memory leaks on error handling paths in probe (git-fixes). - media: vpss: clean up resources in init (git-fixes). - media: rockchip: rga: Only set output CSC mode for RGB input (git-fixes). - media: rockchip: rga: Introduce color fmt macros and refactor CSC mode logic (git-fixes). - media: budget-core: Improve exception handling in budget_register() (git-fixes). - commit 0974903 - mm, vmstat: reduce zone->lock holding time by /proc/pagetypeinfo (bsc#1175691). - commit e293f1c ++++ openssl-1_1: - Include ECDH/DH Requirements from SP800-56Arev3 [bsc#1175844, bsc#1173470] - Add patches: * openssl-DH.patch * openssl-kdf-selftest.patch * openssl-kdf-tls-selftest.patch * openssl-kdf-ssh-selftest.patch ++++ libssh2_org: - Drop man and groff BuildRequires: both are no longer used in current versions. ++++ systemd: - Adjust %pre and %post for the restoration of upstream tmp.mount (boo#1175779) ++++ zlib: - Set -DDFLTCC_LEVEL_MASK=0x7e on s390/s390x jsc#13776 ------------------------------------------------------------------ ------------------ 2020-8-26 - Aug 26 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Refresh patches.suse/nvme-multipath-round-robin-eliminate-fallback-variable.patch. - commit f3c5d53 - Refresh patches.suse/nvme-multipath-round-robin-fix-single-non-optimized-path-case.patch. - commit d615e5c - powerpc/iommu: Allow bypass-only for DMA (bsc#1156395). - commit 70ae27e - powerpc/fadump: Fix build error with CONFIG_PRESERVE_FA_DUMP=y (bsc#1156395). - commit a889646 - powerpc/perf: Fix missing is_sier_aviable() during build (bsc#1065729). - pseries: Fix 64 bit logical memory block panic (bsc#1065729). - KVM: PPC: Book3S PR: Remove uninitialized_var() usage (bsc#1065729). - commit 45994c6 - selftests/livepatch: fix mem leaks in test-klp-shadow-vars (bsc#1071995). - commit 0e9c3d5 - powerpc/pseries/hotplug-cpu: wait indefinitely for vCPU death (fate#322438 bsc#1085030 ltC#165630). - commit d3a8444 - selftests/livepatch: more verification in test-klp-shadow-vars (bsc#1071995). - commit fead416 - selftests/livepatch: rework test-klp-shadow-vars (bsc#1071995). - commit c5a8b83 - selftests/livepatch: simplify test-klp-callbacks busy target tests (bsc#1071995). - commit ab54a11 - powerpc/64s: Don't init FSCR_DSCR in __init_FSCR() (bsc#1065729). - commit a21209e - tracing: Use trace_sched_process_free() instead of exit() for pid tracing (git-fixes). - commit 6da73c8 - tracepoint: Mark __tracepoint_string's __used (git-fixes). - commit 9722e3c - blacklist.conf: 96b4833b6827 ("tracing/hwlat: Honor the tracing_cpumask") CONFIG_HWLAT_TRACER is not set anywhere. - commit 314fc84 - blacklist.conf: 7ef282e05132 ("tracing: Move pipe reference to trace array instead of current_tracer") As mentioned in the changelog, it is a cleanup and not really a critical fix. - commit 9fc5f45 - Mark the SLE15-SP2 kernel properly released. There perhaps was a typo, when SUSE_KERNEL_RELEASED missed the trailing "D" - this leads to our kernels being marked as "Unreleased kernel". SUSE_KERNEL_RELEASED is defined in rpm/kernel-binary.spec.in. To fix that, it should be enough to switch from SUSE_KERNEL_RELEASE to SUSE_KERNEL_RELEASED. - commit 2de2687 - bfq: fix blkio cgroup leakage v4 (bsc#1175775). - commit 78cc5b1 - kernfs: do not call fsnotify() with name without a parent (bsc#1175770). - commit 7f9fdb0 - ext4: fix checking of directory entry validity for inline directories (bsc#1175771). - commit 50ef0f0 - ext2: fix missing percpu_counter_inc (bsc#1175774). - commit 5a50871 - mm: filemap: clear idle flag for writes (bsc#1175769). - commit 7a6a0d8 - jbd2: add the missing unlock_buffer() in the error path of jbd2_write_superblock() (bsc#1175772). - commit feb29da - dlm: Fix kobject memleak (bsc#1175768). - commit 88c29e9 - mfd: intel-lpss: Add Intel Tiger Lake PCH-H PCI IDs (jsc#SLE-13411). - i2c: i801: Add support for Intel Tiger Lake PCH-H (jsc#SLE-13411). - i2c: i801: Add support for Intel Emmitsburg PCH (jsc#SLE-13411). - spi: pxa2xx: Add support for Intel Tiger Lake PCH-H (jsc#SLE-13411). - i2c: i801: Add support for Intel Comet Lake PCH-V (jsc#SLE-13411). - commit ec0755f - ip6_gre: fix null-ptr-deref in ip6gre_init_net() (git-fixes). - commit 7f7d231 ++++ openldap2: - bsc#1175568 CVE-2020-8027 openldap_update_modules_path.sh has a number of issues in it's design that lead to security issues. This file has been removed, from the package, and the %post execution of the install. The function is replaced by /usr/sbin/slapd-ldif-update-crc and /usr/lib/openldap/fixup-modulepath, through the addition of the source files: * fixup-modulepath.sh * slapd-ldif-update-crc.sh * update-crc.sh ++++ systemd: - Import commit a4e393eecb9dbe140a6c7d57419c291d786155cf d8e3bd4e22 Revert "core: don't send SIGKILL to user@.service immediatly during shutdown" ------------------------------------------------------------------ ------------------ 2020-8-25 - Aug 25 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - update upstream references after rebase Once again, scsi maintainer branch got rebased, leaving our Git-commit tags invalid and git_sort complaining heavily. Update the tags to rebased branch. - commit 9c95c04 - fix patch metadata - fix Patch-mainline: patches.suse/md-cluster-Fix-potential-error-pointer-dereference-i.patch patches.suse/md-raid5-Fix-Force-reconstruct-write-io-stuck-in-deg.patch - commit 5986388 - ext4: check journal inode extents more carefully (bsc#1173485). - commit 17c289f - ext4: don't allow overlapping system zones (bsc#1173485). - commit d96644e - ext4: handle error of ext4_setup_system_zone() on remount (bsc#1173485). - commit 6d00054 - ext4: fix potential negative array index in do_split() (bsc#1173798 CVE-2020-14314). - commit 078f390 - ext4: don't BUG on inconsistent journal feature (bsc#1171634). - commit f410395 - config/x86_64: Make CONFIG_PINCTRL_AMD=y (bsc#1174800) The pinctrl driver has to be initialized before hid-i2c and others. For assuring it, change it built-in, since we can't put the module ordering. This change follows the SLE15-SP2 kernel behavior. - commit 96cf8f7 - Refresh patches.suse/sched-fair-Optimize-dequeue_task_fair.patch. - commit bdf744b - sched/fair: fix NOHZ next idle balance (bnc#1155798 (CPU scheduler functional and performance backports)). - commit 54284ef - update upstream references and move into sorted section: patches.suse/0001-proc-meminfo-avoid-open-coded-reading-of-mv_committed_as.patch. patches.suse/0002-mm-util-make-vm_memory_comitted-more-accurate.patch. patches.suse/0003-mm-adjust-vm_committed_as_batch-according-to-vm-overcommit-policy.patch. patches.suse/fsnotify-Rearrange-fast-path-to-minimise-overhead-when-there-is-no-watcher.patch. - commit 400e8aa - mlxsw: pci: Fix use-after-free in case of failed devlink reload (networking-stable-20_07_17). - mlxsw: spectrum_router: Remove inappropriate usage of WARN_ON() (networking-stable-20_07_17). - bnxt_en: fix NULL dereference in case SR-IOV configuration fails (networking-stable-20_07_17). - net/mlx5e: Fix 50G per lane indication (networking-stable-20_07_17). - net/mlx5: Fix eeprom support for SFP module (networking-stable-20_07_17). - tcp: make sure listeners don't initialize congestion-control state (networking-stable-20_07_17). - net_sched: fix a memory leak in atm_tc_init() (networking-stable-20_07_17). - l2tp: remove skb_dst_set() from l2tp_xmit_skb() (networking-stable-20_07_17). - vlan: consolidate VLAN parsing code and limit max parsing depth (networking-stable-20_07_17). - net: Added pointer check for dst->ops->neigh_lookup in dst_neigh_lookup_skb (networking-stable-20_07_17). - ipv4: fill fl4_icmp_{type,code} in ping_v4_sendmsg (networking-stable-20_07_17). - ipv6: Fix use of anycast address with loopback (networking-stable-20_07_17). - net: usb: qmi_wwan: add support for Quectel EG95 LTE modem (networking-stable-20_07_17). - ipv6: fib6_select_path can not use out path for nexthop objects (networking-stable-20_07_17). - sched: consistently handle layer3 header accesses in the presence of VLANs (networking-stable-20_07_17). - net: dsa: microchip: set the correct number of ports (networking-stable-20_07_17). - tcp: fix SO_RCVLOWAT possible hangs under high mem pressure (networking-stable-20_07_17). - tcp: md5: do not send silly options in SYNCOOKIES (networking-stable-20_07_17). - tcp: md5: refine tcp_md5_do_add()/tcp_md5_hash_key() barriers (networking-stable-20_07_17). - genetlink: remove genl_bind (networking-stable-20_07_17). - kABI: genetlink: remove genl_bind (kabi). - net: qrtr: Fix an out of bounds read qrtr_endpoint_post() (networking-stable-20_07_17). - tcp: md5: add missing memory barriers in tcp_md5_do_add()/tcp_md5_hash_key() (networking-stable-20_07_17). - net: mvneta: fix use of state->speed (networking-stable-20_07_17). - llc: make sure applications use ARPHRD_ETHER (networking-stable-20_07_17). - commit ce8586d - x86/bugs/multihit: Fix mitigation reporting when VMX is not in use (git-fixes). - commit 52699f0 ++++ libX11: - U_0001-Fix-an-integer-overflow-in-init_om.patch * Fix an integer overflow in init_om() [CVE-2020-14363, boo#1175239] ++++ util-linux: - Fix for SG#57988, bsc#1174942: libmount-fix-mount-a-EBUSY-for-cifs.patch: Fix warning on mounts to CIFS with mount –a. ++++ gcc10: - Update to gcc-10 branch head (c0746a1beb1ba073c7981eb09f), git583. * Fixes ABI breakage for as-base CDTORs of final classes. [gcc#95428] ++++ systemd: - Drop requirement on 'sysvinit-tools' It was used to workaround bug #886599 by explicitly calling vhangup(8) from getty@.service so when this service was stopped a virtually hangup on the specified terminal when were stopped to give the shell a few seconds to save its history. But this workaround was dropped since it had no effect (SLE12-GM was released with it but was still suffering from the bug) and was replaced by commit e9db43d5910717a108, which was released from v226 and backported to SLE12/SLE12-SP1. ++++ libvirt: - Xen: Add support for passing arbitrary commands to the qemu device model, similar to the xl.cfg(5) device_model_args setting b0cad42e-xen-dm-cmdline-passthrough.patch, 3d76f4fc-xen-dm-cmdline-config-converter.patch bsc#1174139 ++++ podman: - Update to v2.0.5 (bsc#1175821) * Features - Rootless Podman will now add an entry to /etc/passwd for the user who ran Podman if run with --userns=keep-id. - The podman system connection command has been reworked to support multiple connections, and reenabled for use! - Podman now has a new global flag, --connection, to specify a connection to a remote Podman API instance. * Changes - Podman's automatic systemd integration (activated by the --systemd=true flag, set by default) will now activate for containers using /usr/local/sbin/init as their command, instead of just /usr/sbin/init and /sbin/init (and any path ending in systemd). - Seccomp profiles specified by the --security-opt seccomp=... flag to podman create and podman run will now be honored even if the container was created using --privileged. * Bugfixes - Fixed a bug where the podman play kube would not honor the hostIP field for port forwarding (#5964). - Fixed a bug where the podman generate systemd command would panic on an invalid restart policy being specified (#7271). - Fixed a bug where the podman images command could take a very long time (several minutes) to complete when a large number of images were present. - Fixed a bug where the podman logs command with the --tail flag would not work properly when a large amount of output would be printed ((#7230)[https://github.com//issues/7230]). - Fixed a bug where the podman exec command with remote Podman would not return a non-zero exit code when the exec session failed to start (e.g. invoking a non-existent command) (#6893). - Fixed a bug where the podman load command with remote Podman would did not honor user-specified tags (#7124). - Fixed a bug where the podman system service command, when run as a non-root user by Systemd, did not properly handle the Podman pause process and would not restart properly as a result (#7180). - Fixed a bug where the --publish flag to podman create, podman run, and podman pod create did not properly handle a host IP of 0.0.0.0 (attempting to bind to literal 0.0.0.0, instead of all IPs on the system) (#7104). - Fixed a bug where the podman start --attach command would not print the container's exit code when the command exited due to the container exiting. - Fixed a bug where the podman rm command with remote Podman would not remove volumes, even if the --volumes flag was specified (#7128). - Fixed a bug where the podman run command with remote Podman and the --rm flag could exit before the container was fully removed. - Fixed a bug where the --pod new:... flag to podman run and podman create would create a pod that did not share any namespaces. - Fixed a bug where the --preserve-fds flag to podman run and podman exec could close the wrong file descriptors while trying to close user-provided descriptors after passing them into the container. - Fixed a bug where default environment variables ($PATH and $TERM) were not set in containers when not provided by the image. - Fixed a bug where pod infra containers were not properly unmounted after exiting. - Fixed a bug where networks created with podman network create with an IPv6 subnet did not properly set an IPv6 default route. - Fixed a bug where the podman save command would not work properly when its output was piped to another command (#7017). - Fixed a bug where containers using a systemd init on a cgroups v1 system could leak mounts under /sys/fs/cgroup/systemd to the host. - Fixed a bug where podman build would not generate an event on completion (#7022). - Fixed a bug where the podman history command with remote Podman printed incorrect creation times for layers (#7122). - Fixed a bug where Podman would not create working directories specified by the container image if they did not exist. - Fixed a bug where Podman did not clear CMD from the container image if the user overrode ENTRYPOINT (#7115). - Fixed a bug where error parsing image names were not fully reported (part of the error message containing the exact issue was dropped). - Fixed a bug where the podman images command with remote Podman did not support printing image tags in Go templates supplied to the --format flag (#7123). - Fixed a bug where the podman rmi --force command would not attempt to unmount containers it was removing, which could cause a failure to remove the image. - Fixed a bug where the podman generate systemd --new command could incorrectly quote arguments to Podman that contained whitespace, leading to nonfunctional unit files (#7285). - Fixed a bug where the podman version command did not properly include build time and Git commit. - Fixed a bug where running systemd in a Podman container on a system that did not use the systemd cgroup manager would fail (#6734). - Fixed a bug where capabilities from --cap-add were not properly added when a container was started as a non-root user via --user. - Fixed a bug where Pod infra containers were not properly cleaned up when they stopped, causing networking issues (#7103). * API - Fixed a bug where the libpod and compat Build endpoints did not accept the application/tar content type (instead only accepting application/x-tar) (#7185). - Fixed a bug where the libpod Exists endpoint would attempt to write a second header in some error conditions (#7197). - Fixed a bug where compat and libpod Network Inspect and Network Remove endpoints would return a 500 instead of 404 when the requested network was not found. - Added a versioned _ping endpoint (e.g. http://localhost/v1.40/_ping). - Fixed a bug where containers started through a systemd-managed instance of the REST API would be shut down when podman system service shut down due to its idle timeout (#7294). - Added stronger parameter verification for the libpod Network Create endpoint to ensure subnet mask is a valid value. - The Pod URL parameter to the Libpod Container List endpoint has been deprecated; the information previously gated by the Pod boolean will now be included in the response unconditionally. * Misc - Updated Buildah to v1.15.1 - Updated containers/image library to v5.5.2 ++++ util-linux-systemd: - Fix for SG#57988, bsc#1174942: libmount-fix-mount-a-EBUSY-for-cifs.patch: Fix warning on mounts to CIFS with mount –a. ------------------------------------------------------------------ ------------------ 2020-8-24 - Aug 24 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - net: ena: Make missed_tx stat incremental (git-fixes). - net: ena: Change WARN_ON expression in ena_del_napi_in_range() (bsc#1154492). - net: ena: Prevent reset after device destruction (git-fixes). - commit 25750c1 - mm/vunmap: add cond_resched() in vunmap_pmd_range (bsc#1175654 ltc#184617). - commit 313860f - md-cluster: Fix potential error pointer dereference in resize_bitmaps() (git-fixes). - md/raid5: Fix Force reconstruct-write io stuck in degraded raid5 (git-fixes). - commit 5f598a1 - Update kabi files. - update to released maintenance update (commit dbe0add4c655) - commit d427f85 - series.conf: cleanup - update upstream references and resort: patches.suse/bonding-fix-active-backup-failover-for-current-ARP-s.patch patches.suse/powerpc-pseries-Do-not-initiate-shutdown-when-system.patch - commit 1f2a0f0 ++++ gcc10: - Update to gcc-10 branch head (d523b5201cce1796717a8ca669), git580. * Includes gcc10-streamer-backports1.patch and gcc10-streamer-backports2.patch. * Includes fixes for LTO ICE [bsc#1175168] and aarc64 128bit CAS miscompilation [bsc#1174753]. ------------------------------------------------------------------ ------------------ 2020-8-23 - Aug 23 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - update patch metadata - update Git-repo tag: patches.suse/bonding-fix-active-backup-failover-for-current-ARP-s.patch - commit 9d16d24 ------------------------------------------------------------------ ------------------ 2020-8-22 - Aug 22 2020 ------------------- ------------------------------------------------------------------ ++++ grub2: - Make consistent check to enable relative path on btrfs (bsc#1174567) * 0001-Unify-the-check-to-enable-btrfs-relative-path.patch ------------------------------------------------------------------ ------------------ 2020-8-21 - Aug 21 2020 ------------------- ------------------------------------------------------------------ ++++ lvm2-device-mapper: - LVM failing to activate hot spare on surprise removal (bsc#1175110) + bug-1175110_dmeventd-avoid-bail-out-preventing-repair-in-raid-pl.patch - change lvm2.spec source URL - lvm2.spec ++++ grub2: - Add fibre channel device's ofpath support to grub-ofpathname and search hint to speed up root device discovery (bsc#1172745) * 0001-ieee1275-powerpc-implements-fibre-channel-discovery-.patch * 0002-ieee1275-powerpc-enables-device-mapper-discovery.patch ++++ kernel-default: - ALSA: hda: avoid reset of sdo_limit (git-fixes). - ALSA: hda/realtek: Add quirk for Samsung Galaxy Book Ion (git-fixes). - ASoC: intel: Fix memleak in sst_media_open (git-fixes). - ASoC: wm8994: Avoid attempts to read unreadable registers (git-fixes). - ASoC: msm8916-wcd-analog: fix register Interrupt offset (git-fixes). - ASoC: q6routing: add dummy register read/write function (git-fixes). - ASoC: q6afe-dai: mark all widgets registers as SND_SOC_NOPM (git-fixes). - ALSA: usb-audio: ignore broken processing/extension unit (git-fixes). - ALSA: hda/realtek: Add model alc298-samsung-headphone (git-fixes). - ALSA: usb-audio: Update documentation comment for MS2109 quirk (git-fixes). - ALSA: isa: fix spelling mistakes in the comments (git-fixes). - ALSA: usb-audio: Add capture support for Saffire 6 (USB 1.1) (git-fixes). - ALSA: hda/realtek: Add quirk for Samsung Galaxy Flex Book (git-fixes). - commit 2cf9c73 - RDMA/mlx5: Fix typo in enum name (git-fixes). - cpumap: Use non-locked version __ptr_ring_consume_batched (git-fixes). - commit b117316 - igc: Fix PTP initialization (bsc#1160634). - vmxnet3: use correct tcp hdr length when packet is encapsulated (bsc#1175199). - RDMA/mlx5: Add missing srcu_read_lock in ODP implicit flow (jsc#SLE-8446). - net/mlx5: DR, Change push vlan action sequence (jsc#SLE-8464). - ice: Graceful error handling in HW table calloc failure (jsc#SLE-7926). - ice: Clear and free XLT entries on reset (jsc#SLE-7926). - commit da2585a - bonding: fix active-backup failover for current ARP slave (bsc#1174771). - commit 2837560 - enetc: Fix tx rings bitmap iteration range, irq handling (networking-stable-20_06_28). - sch_cake: don't call diffserv parsing code when it is not needed (networking-stable-20_06_28). - sch_cake: don't try to reallocate or unshare skb unconditionally (networking-stable-20_06_28). - sctp: Don't advertise IPv4 addresses if ipv6only is set on the socket (networking-stable-20_06_28). - tcp_cubic: fix spurious HYSTART_DELAY exit upon drop in min RTT (networking-stable-20_06_28). - net: bridge: enfore alignment for ethernet address (networking-stable-20_06_28). - tcp: don't ignore ECN CWR on pure ACK (networking-stable-20_06_28). - openvswitch: take into account de-fragmentation/gso_size in execute_check_pkt_len (networking-stable-20_06_28). - net: Do not clear the sock TX queue in sk_set_socket() (networking-stable-20_06_28). - net: increment xmit_recursion level in dev_direct_xmit() (networking-stable-20_06_28). - net: Fix the arp error in some cases (networking-stable-20_06_28). - ip_tunnel: fix use-after-free in ip_tunnel_lookup() (networking-stable-20_06_28). - ip6_gre: fix use-after-free in ip6gre_tunnel_lookup() (networking-stable-20_06_28). - net: core: reduce recursion limit value (networking-stable-20_06_28). - net: fix memleak in register_netdevice() (networking-stable-20_06_28). - net: usb: ax88179_178a: fix packet alignment padding (networking-stable-20_06_28). - tcp: grow window for OOO packets only for SACK flows (networking-stable-20_06_28). - mvpp2: ethtool rxtx stats fix (networking-stable-20_06_28). - rocker: fix incorrect error handling in dma_rings_init (networking-stable-20_06_28). - mld: fix memory leak in ipv6_mc_destroy_dev() (networking-stable-20_06_28). - commit 1f17d28 - KVM: arm64: Stop clobbering x0 for HVC_SOFT_RESTART (bsc#1133021). - KVM: x86: Fix APIC page invalidation race (bsc#1133021). - KVM: Reinstall old memslots if arch preparation fails (bsc#1133021). - commit 8362c5b - ipvs: fix the connection sync failed in some cases (bsc#1174699). - commit d96eaab ++++ openldap2: - bsc#1174154 - CVE-2020-15719 - This resolves an issue with x509 SAN's falling back to CN validation in violation of rfc6125. * 0206-openldap-tlso-use-openssl-api-to-verify-host.patch ++++ lvm2: - LVM failing to activate hot spare on surprise removal (bsc#1175110) + bug-1175110_dmeventd-avoid-bail-out-preventing-repair-in-raid-pl.patch - change lvm2.spec source URL - lvm2.spec ++++ python3-core: - riscv64-support.patch: bpo-33377: add triplets for mips-r6 and riscv (#6655) - riscv64-ctypes.patch: bpo-35847: RISC-V needs CTYPES_PASS_BY_REF_HACK (GH-11694) - Update list of tests to exclude under qemu linux-user ++++ python3: - riscv64-support.patch: bpo-33377: add triplets for mips-r6 and riscv (#6655) - riscv64-ctypes.patch: bpo-35847: RISC-V needs CTYPES_PASS_BY_REF_HACK (GH-11694) - Update list of tests to exclude under qemu linux-user ++++ system-users: - Don't add group nogroup to user nobody, as many daemons misuse 'nogroup' as own group ------------------------------------------------------------------ ------------------ 2020-8-20 - Aug 20 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - powerpc/pseries: Do not initiate shutdown when system is running on UPS (bsc#1175440 ltc#187574). - commit 738b1b0 - btrfs: fix memory leaks after failure to lookup checksums during inode logging (bsc#1175550). - commit 91d88bc - btrfs: remove useless check for copy_items() return value (bsc#1175546). - commit 564c2ae - btrfs: make full fsyncs always operate on the entire file again (bsc#1175546). - commit 75261f5 - btrfs: make ranged full fsyncs more efficient (bsc#1175546). - commit 4839ec4 - btrfs: factor out inode items copy loop from btrfs_log_inode() (bsc#1175546). - commit 269fe12 - btrfs: add helper to get the end offset of a file extent item (bsc#1175546). - commit 60d1bb0 - btrfs: fix missing file extent item for hole after ranged fsync (bsc#1175546). - commit dd0a610 - scsi: smartpqi: Use scnprintf() for avoiding potential buffer overflow (bsc#1172418). - commit 408e9b4 - spi: stm32: fixes suspend/resume management (git-fixes). - HID: input: Fix devices that return multiple bytes in battery report (git-fixes). - Bluetooth: add a mutex lock to avoid UAF in do_enale_set (git-fixes). - iwlegacy: Check the return value of pcie_capability_read_*() (git-fixes). - brcmfmac: set state of hanger slot to FREE when flushing PSQ (git-fixes). - brcmfmac: To fix Bss Info flag definition Bug (git-fixes). - brcmfmac: keep SDIO watchdog running when console_interval is non-zero (git-fixes). - drm: msm: a6xx: fix gpu failure after system resume (git-fixes). - drm/msm: ratelimit crtc event overflow error (git-fixes). - drm/ttm/nouveau: don't call tt destroy callback on alloc failure (git-fixes bsc#1175232). - drm/nouveau: fix reference count leak in nouveau_debugfs_strap_peek (git-fixes). - drm/nouveau: fix multiple instances of reference count leaks (git-fixes). - gpu: host1x: debug: Fix multiple channels emitting messages simultaneously (git-fixes). - drm/amd/powerplay: fix compile error with ARCH=arc (git-fixes). - drm/etnaviv: fix ref count leak via pm_runtime_get_sync (git-fixes). - drm/nouveau/kms/nv50-: Fix disabling dithering (git-fixes). - video: fbdev: neofb: fix memory leak in neo_scan_monitor() (git-fixes). - video: fbdev: savage: fix memory leak on error handling path in probe (git-fixes). - drm/amdgpu/display bail early in dm_pp_get_static_clocks (git-fixes). - drm/radeon: Fix reference count leaks caused by pm_runtime_get_sync (git-fixes). - drm/amdgpu: avoid dereferencing a NULL pointer (git-fixes). - drm/radeon: disable AGP by default (git-fixes). - drm/tilcdc: fix leak & null ref in panel_connector_get_modes (git-fixes). - drm/debugfs: fix plain echo to connector "force" attribute (git-fixes). - mmc: sdhci-pci-o2micro: Bug fix for O2 host controller Seabird1 (git-fixes). - mmc: sdhci-cadence: do not use hardware tuning for SD mode (git-fixes). - usb: mtu3: clear dual mode of u3port when disable device (git-fixes). - usb: bdc: Halt controller on suspend (git-fixes). - bdc: Fix bug causing crash after multiple disconnects (git-fixes). - usb: gadget: net2280: fix memory leak on probe error handling paths (git-fixes). - dyndbg: fix a BUG_ON in ddebug_describe_flags (git-fixes). - ACPICA: Do not increment operation_region reference counts for field units (git-fixes). - spi: spidev: Align buffers for DMA (git-fixes). - soc: qcom: rpmh-rsc: Set suppress_bind_attrs flag (git-fixes). - platform/x86: asus-nb-wmi: add support for ASUS ROG Zephyrus G14 and G15 (git-fixes). - crypto: aesni - Fix build with LLVM_IAS=1 (git-fixes). - crypto: aesni - add compatibility with IAS (git-fixes). - platform/x86: ISST: Add new PCI device ids (git-fixes). - commit 6acba4d ++++ libpwquality: - update to 1.4.2: * Fix regression in handling retry, enforce_for_root, and local_users_only options introduced with the previous release. ++++ python3-core: - Update the python keyring - Correct libpython name - Drop patches which are not mentioned in spec: * CVE-2019-5010-null-defer-x509-cert-DOS.patch * F00102-lib64.patch * F00251-change-user-install-location.patch * OBS_dev-shm.patch * SUSE-FEDORA-multilib.patch * bpo-31046_ensurepip_honours_prefix.patch * bpo34022-stop_hash-based_invalidation_w_SOURCE_DATE_EPOCH.patch * bpo36302-sort-module-sources.patch * bpo40784-Fix-sqlite3-deterministic-test.patch * bsc1167501-invalid-alignment.patch * python3-imp-returntype.patch - Working around missing python-packaging dependency in python-Sphinx (bsc#1174571) is not necessary anymore. ++++ systemd: - Import commit 6d6d92930acad63f9b9029c305a672c32c550d2d (include merge of v245.7) 797ad47d3e vconsole-setup: downgrade log message when setting font fails on dummy console (bsc#1172195 bsc#1173539) [...] For a complete list of changes, visit: https://github.com/openSUSE/systemd/compare/b12cd8b89b4bccfcf972b47153a2b01cd7775932...6d6d92930acad63f9b9029c305a672c32c550d2d - Drop 0001-Revert-job-Don-t-mark-as-redundant-if-deps-are-relev.patch Upstream finally reverted it and it's part of both v245.7 and master. ++++ python3: - Update the python keyring - Correct libpython name - Drop patches which are not mentioned in spec: * CVE-2019-5010-null-defer-x509-cert-DOS.patch * F00102-lib64.patch * F00251-change-user-install-location.patch * OBS_dev-shm.patch * SUSE-FEDORA-multilib.patch * bpo-31046_ensurepip_honours_prefix.patch * bpo34022-stop_hash-based_invalidation_w_SOURCE_DATE_EPOCH.patch * bpo36302-sort-module-sources.patch * bpo40784-Fix-sqlite3-deterministic-test.patch * bsc1167501-invalid-alignment.patch * python3-imp-returntype.patch - Working around missing python-packaging dependency in python-Sphinx (bsc#1174571) is not necessary anymore. ------------------------------------------------------------------ ------------------ 2020-8-19 - Aug 19 2020 ------------------- ------------------------------------------------------------------ ++++ dracut: - Update to version 049.1+suse.156.g7d852636: * net-lib.sh: support infiniband network mac addresses (bsc#996146) * 95nfs: use ip_params_for_remote_addr() (bsc#1167494) * 95iscsi: use ip_params_for_remote_addr() (bsc#1167494) * dracut-functions: add ip_params_for_remote_addr() helper (bsc#1167494) ++++ kernel-default: - series.conf: cleanup - update upstream references and resort: patches.suse/nvme-multipath-do-not-fall-back-to-__nvme_find_path-.patch patches.suse/nvme-multipath-fix-logic-for-non-optimized-paths.patch - fix Git-commit after rebase and moved into "almost mainline" section: patches.suse/nvme-multipath-round-robin-eliminate-fallback-variable.patch patches.suse/nvme-multipath-round-robin-fix-single-non-optimized-path-case.patch - commit 8eb0dea - btrfs: treat RWF_{,D}SYNC writes as sync for CRCs (bsc#1175493). - commit f823fb0 - PCI: hv: Fix a timing issue which causes kdump to fail occasionally (bsc#1172871, git-fixes). - commit e5d6bfd - rpm/kernel-binary.spec.in: restrict livepatch metapackage to default flavor It has been reported that the kernel-*-livepatch metapackage got erroneously enabled for SLE15-SP3's new -preempt flavor, leading to a unresolvable dependency to a non-existing kernel-livepatch-x.y.z-preempt package. As SLE12 and SLE12-SP1 have run out of livepatching support, the need to build said metapackage for the -xen flavor is gone and the only remaining flavor for which they're still wanted is -default. Restrict the build of the kernel-*-livepatch metapackage to the -default flavor. - commit 58949f3 - Drivers: hv: vmbus: Only notify Hyper-V for die events that are oops (bsc#1175128). - commit 0bc8a06 - kABI: Fix kABI after EFI_RT_PROPERTIES table backport (bsc#1174029, bsc#1174110, bsc#1174111). - commit b284d8a ++++ python3-core: - Update to 3.6.12 (bsc#1179193) * Ensure python3.dll is loaded from correct locations when Python is embedded * The __hash__() methods of ipaddress.IPv4Interface and ipaddress.IPv6Interface incorrectly generated constant hash values of 32 and 128 respectively. This resulted in always causing hash collisions. The fix uses hash() to generate hash values for the tuple of (address, mask length, network address). * Prevent http header injection by rejecting control characters in http.client.putrequest(…). * Unpickling invalid NEWOBJ_EX opcode with the C implementation raises now UnpicklingError instead of crashing. * Avoid infinite loop when reading specially crafted TAR files using the tarfile module - Drop merged fixtures: * CVE-2020-14422-ipaddress-hash-collision.patch * CVE-2019-20907_tarfile-inf-loop.patch * recursion.tar - This release also fixes CVE-2020-26116 (bsc#1177211) and CVE-2019-20907 (bsc#1174091). ++++ libvirt: - virdevmapper: Handle kernel without device-mapper support feb8564a-handle-no-devmapper.patch, 53d9af1e-ignore-devmapper-open-errors.patch boo#1175465 - qemu: Avoid stale capabilities cache host CPU or kernel command line changes c5fffb95-kernel-cmdline-parser.patch, b611b620-check-s390-secure-guest.patch, 657365e7-check-amd-secure-guest.patch, 0254ceab-s390-host-validate-check.patch, 4b561d49-amd-host-validate-check.patch, 2c3ffa37-update-amd-doc.patch, f0d0cd61-update-s390-doc.patch, 8cb9d249-autoptr-file-callback.patch, a551dd5f-intro-virHostCPUGetSignature.patch, 44f826e4-virHostCPUGetSignature-x86.patch, 2a68ceaa-virHostCPUGetSignature-ppc64.patch, d3d87e0c-virHostCPUGetSignature-s390.patch, 004804a7-qemu-invalidate-caps.patch bsc#1173157 ++++ python3: - Update to 3.6.12 (bsc#1179193) * Ensure python3.dll is loaded from correct locations when Python is embedded * The __hash__() methods of ipaddress.IPv4Interface and ipaddress.IPv6Interface incorrectly generated constant hash values of 32 and 128 respectively. This resulted in always causing hash collisions. The fix uses hash() to generate hash values for the tuple of (address, mask length, network address). * Prevent http header injection by rejecting control characters in http.client.putrequest(…). * Unpickling invalid NEWOBJ_EX opcode with the C implementation raises now UnpicklingError instead of crashing. * Avoid infinite loop when reading specially crafted TAR files using the tarfile module - Drop merged fixtures: * CVE-2020-14422-ipaddress-hash-collision.patch * CVE-2019-20907_tarfile-inf-loop.patch * recursion.tar - This release also fixes CVE-2020-26116 (bsc#1177211) and CVE-2019-20907 (bsc#1174091). ------------------------------------------------------------------ ------------------ 2020-8-18 - Aug 18 2020 ------------------- ------------------------------------------------------------------ ++++ grub2: - Fix for CVE-2020-15705 (bsc#1174421) * 0001-linuxefi-fail-kernel-validation-without-shim-protoco.patch * 0002-cmdline-Provide-cmdline-functions-as-module.patch ++++ ignition: - Add patch to fix install on %arm: * ignition-fix-arm32-installation.patch ++++ iputils: - Remove 2 old patches (iputils-sec-ping-unblock.diff, iputils-ping-interrupt.diff) Although not documented, they both belong to bsc#674304. Fix from 2011 was resolved upstream in commit 810dd7f ("ping,ping6: Unmask signals on start-up.") [1], released in s20121112. - Update iputils-remove-bogus-check-required-for-2.4.9-kernels.patch (backport 4471ac6 to add changes in header files) - Use git format for iputils-ping-fix-pmtu-for-ipv6.patch (required by %autosetup -p1) - Use %autosetup -p1 ++++ kernel-default: - scsi_dh_alua: set 'transitioning' state on unit attention (bsc#1171000, bsc#1165933). - commit cf7ac61 - scsi_dh_alua: return BLK_STS_AGAIN for ALUA transitioning state (bsc#1165933, bsc#1171000). - commit f6e8a74 - block: return status code in blk_mq_end_request() (bsc#1171000, bsc#1165933). - commit 0b97993 - series.conf: refresh - update upstream reference and resort: patches.suse/ALSA-usb-audio-fix-overeager-device-match-for-MacroS.patch - commit 3e22b20 - fix patch metadata - fix Patch-mainline: patches.suse/btrfs-Move-free_pages_out-label-in-inline-extent-han.patch - commit 113168c - fix patch metadata - fix Patch-mainline and drop Git-repo: patches.suse/xfrm-policy-match-with-both-mark-and-mask-on-user-in.patch - commit 18fa7c9 - efi/efivars: Expose RT service availability via efivars abstraction (bsc#1174029, bsc#1174110, bsc#1174111). - commit 7b1e418 - efi: Mark all EFI runtime services as unsupported on non-EFI boot (bsc#1174029, bsc#1174110, bsc#1174111). - commit 4f0f2d2 - Revert "drm/amd/display: Expose connector VRR range via debugfs" (bsc#1152489) * refreshed for context changes - commit c657a41 - drm/ingenic: Fix incorrect assumption about plane->index (bsc#1152489) * refreshed for context changes - commit bc5c9df - drm/bridge: dw-hdmi: Don't cleanup i2c adapter and ddc ptr in (bsc#1152472) * refreshed for context changes - commit 44aa1b6 - drm/vgem: Replace opencoded version of drm_gem_dumb_map_offset() (bsc#1152489) * refreshed for context changes - commit e3e1287 - blacklist.conf: Append 'drm/i915: Move cec_notifier to intel_hdmi_connector_unregister, v2.' - commit a8c7d52 - blacklist.conf: Append 'drm/i915/gt: Only swap to a random sibling once upon creation' - commit d52efd4 - blacklist.conf: Append 'drm/amd/powerplay: fix a crash when overclocking Vega M' - commit e5e21f4 - blacklist.conf: Append 'drm/radeon: fix double free' - commit 280a51f - blacklist.conf: Append 'drm/i915/fbc: Fix fence_y_offset handling' - commit 479361f - blacklist.conf: Append 'drm/i915/gt: Do not schedule normal requests immediately along virtual' - commit 23a91d5 - net: ena: support new LLQ acceleration mode (bsc#1174852). - net: ena: move llq configuration from ena_probe to ena_device_init() (bsc#1174852). - net: ena: enable support of rss hash key and function changes (bsc#1174852). - net: ena: add support for traffic mirroring (bsc#1174852). - net: ena: cosmetic: change ena_com_stats_admin stats to u64 (bsc#1174852). - net: ena: cosmetic: satisfy gcc warning (bsc#1174852). - net: ena: add reserved PCI device ID (bsc#1174852). - net: ena: avoid unnecessary rearming of interrupt vector when busy-polling (bsc#1174852). - net: ena: Fix using plain integer as NULL pointer in ena_init_napi_in_range (bsc#1174852). - net: ena: reduce driver load time (bsc#1174852). - net: ena: cosmetic: minor code changes (bsc#1174852). - net: ena: cosmetic: fix spacing issues (bsc#1174852). - net: ena: cosmetic: code reorderings (bsc#1174852). - net: ena: cosmetic: remove unnecessary code (bsc#1174852). - net: ena: cosmetic: fix line break issues (bsc#1174852). - net: ena: cosmetic: fix spelling and grammar mistakes in comments (bsc#1174852). - net: ena: cosmetic: set queue sizes to u32 for consistency (bsc#1174852). - net: ena: cosmetic: rename ena_update_tx/rx_rings_intr_moderation() (bsc#1174852). - net: ena: simplify ena_com_update_intr_delay_resolution() (bsc#1174852). - net: ena: fix ena_com_comp_status_to_errno() return value (bsc#1174852). - net: ena: use explicit variable size for clarity (bsc#1174852). - net: ena: rename ena_com_free_desc to make API more uniform (bsc#1174852). - net: ena: add support for the rx offset feature (bsc#1174852). - net: ena: cosmetic: extract code to ena_indirection_table_set() (bsc#1174852). - net: ena: cosmetic: remove unnecessary spaces and tabs in ena_com.h macros (bsc#1174852). - net: ena: use SHUTDOWN as reset reason when closing interface (bsc#1174852). - net: ena: drop superfluous prototype (bsc#1174852). - net: ena: add support for reporting of packet drops (bsc#1174852). - net: ena: add unmask interrupts statistics to ethtool (bsc#1174852). - net: ena: remove code that does nothing (bsc#1174852). - net: ena: changes to RSS hash key allocation (bsc#1174852). - net: ena: change default RSS hash function to Toeplitz (bsc#1174852). - net: ena: allow setting the hash function without changing the key (bsc#1174852). - net: ena: fix error returning in ena_com_get_hash_function() (bsc#1174852). - net: ena: avoid unnecessary admin command when RSS function set fails (bsc#1174852). - net/ena: Fix build warning in ena_xdp_set() (bsc#1174852). - net: ena: Make some functions static (bsc#1174852). - net: ena: ethtool: clean up minor indentation issue (bsc#1174852). - net: ena: ethtool: remove redundant non-zero check on rc (bsc#1174852). - net: ena: remove set but not used variable 'hash_key' (bsc#1174852). - net: ena: fix continuous keep-alive resets (bsc#1174852). - net: ena: avoid memory access violation by validating req_id properly (bsc#1174852). - net: ena: fix request of incorrect number of IRQ vectors (bsc#1174852). - commit c12b7e0 - blacklist.conf: Append 'drm/radeon: fix fb_div check in ni_init_smc_spll_table()' - commit 85aef32 - blacklist.conf: Append 'Revert "drm/amd/display: disable dcn20 abm feature for bring up"' - commit 196a32f - blacklist.conf: Append 'drm: encoder_slave: fix refcouting error for modules' - commit 29d30a2 - drm/amdgpu/display: use blanked rather than plane state for sync (bsc#1152489) * refreshed for context changes * protect code with CONFIG_DRM_AMD_DC_DCN2_0 - commit 481d44a - drm/bridge: ti-sn65dsi86: Fix off-by-one error in clock choice (bsc#1152489) * refreshed for context changes - commit fa0e7b9 - drm/dbi: Fix SPI Type 1 (9-bit) transfer (bsc#1152472) * move drm_mipi_dbi.c -> tinydrm/mipi-dbi.c - commit 7401aea ++++ microos-tools: - Update to version 2.4 - fixes for autorelabel in initrd - Use systemds tmpfiles.d/tmp.conf to relabel /tmp and cleanup /tmp after 10 days and /var/tmp after 30 days - Don't install tmp.mount.d/selinux.conf on Factory [bsc#1175379] ++++ podman: - Correct invalid use of %{_libexecdir} to ensure files should be in /usr/lib ------------------------------------------------------------------ ------------------ 2020-8-17 - Aug 17 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - btrfs: fix lost i_size update after cloning inline extent (bsc#1175377). - commit c827d4a - Btrfs: avoid unnecessary splits when setting bits on an extent io tree (bsc#1175377). - commit 2f40ee4 - btrfs: delete the ordered isize update code (bsc#1175377). - commit cd0b66c - btrfs: replace all uses of btrfs_ordered_update_i_size (bsc#1175377). - Refresh patches.suse/0004-btrfs-change-timing-for-qgroup-reserved-space-for-or.patch. - commit ea0db18 - btrfs: don't set path->leave_spinning for truncate (bsc#1175377). - commit d3721b5 - Btrfs: fix deadlock during fast fsync when logging prealloc extents beyond eof (bsc#1175377). - commit dd561f7 - Btrfs: fix race between shrinking truncate and fiemap (bsc#1175377). - commit 09d1d3a - btrfs: Rename btrfs_join_transaction_nolock (bsc#1175377). - Refresh patches.suse/0004-btrfs-change-timing-for-qgroup-reserved-space-for-or.patch. - Refresh patches.suse/btrfs-improve-global-reserve-stealing-logic.patch. - Refresh patches.suse/btrfs-make-btrfs_ordered_extent-naming-consistent-wi.patch. - commit fb4625a - btrfs: use the file extent tree infrastructure (bsc#1175377). - Refresh patches.suse/0002-btrfs-inode-move-qgroup-reserved-space-release-to-th.patch. - commit ac53cba - btrfs: introduce per-inode file extent tree (bsc#1175377). - Refresh patches.suse/btrfs-fix-corrupt-log-due-to-concurrent-fsync-of-ino.patch. - commit add4417 - btrfs: use btrfs_ordered_update_i_size in clone_finish_inode_update (bsc#1175377). - commit 266b2b3 - btrfs: move extent_io_tree defs to their own header (bsc#1175377). - Refresh patches.suse/btrfs-8888-add-allow_unsupported-module-parameter.patch. - Refresh patches.suse/btrfs-fix-corrupt-log-due-to-concurrent-fsync-of-ino.patch. - commit 4f0dd59 - btrfs: separate out the extent io init function (bsc#1175377). - commit 82311bf - btrfs: separate out the extent leak code (bsc#1175377). - commit 210fc6b - Btrfs: remove unnecessary delalloc mutex for inodes (bsc#1175377). - commit 0e0ed2f - scsi: dh: Add Fujitsu device to devinfo and dh lists (bsc#1174026). - commit 64f1b61 - kABI fix for sock_cgroup_data (bsc#1175213 CVE-2020-14356). - cgroup: Fix sock_cgroup_data on big-endian (bsc#1175213 CVE-2020-14356). - cgroup: fix cgroup_sk_alloc() for sk_clone_lock() (bsc#1175213 CVE-2020-14356). - commit a3b6e53 - firmware_loader: fix memory leak for paged buffer (bsc#1175367). - commit 8b7305c - nvme: add a Identify Namespace Identification Descriptor list quirk (git-fixes). - commit 7a85489 - scsi: ipr: remove unneeded semicolon (jsc#SLE-13654). - scsi: ipr: Use scnprintf() for avoiding potential buffer overflow (jsc#SLE-13654). - scsi: ipr: Fix softlockup when rescanning devices in petitboot (jsc#SLE-13654). - commit 48dc40d - nvme: fix a crash in nvme_mpath_add_disk (git-fixes, bsc#1159058). - commit 9afbddd - nvme: fix identify error status silent ignore (git-fixes, bsc#1159058). - commit 1c12147 - Refresh patches.suse/mm-fix-protection-usage-propagation.patch. add upstream references - commit 8e0bfa9 - xfs: preserve rmapbt swapext block reservation from freed blocks (git-fixes). - commit 86a5ed2 - xfs: don't eat an EIO/ENOSPC writeback error when scrubbing data fork (git-fixes). - commit 5f2713c - xfs: fix inode allocation block res calculation precedence (git-fixes). - commit 575ee59 - xfs: fix reflink quota reservation accounting error (git-fixes). - commit 887a853 - arm64: dts: clearfog-gt-8k: set gigabit PHY reset deassert delay (bsc#1175347). - commit 4c9be8d - arm64: dts: exynos: Fix silent hang after boot on Espresso (bsc#1175346). - arm64: dts: imx8qxp-mek: Remove unexisting Ethernet PHY (bsc#1175345). - arm64: dts: uDPU: fix broken ethernet (bsc#1175344). - commit ebcb713 - blacklist.conf: arm64: add intel DTS - commit d0107a6 - blacklist.conf: fix ignored arm64 devicetree folders - commit 1175c5d - btrfs: trim: fix underflow in trim length to prevent access beyond device boundary (bsc#1175263). - btrfs: inode: fix NULL pointer dereference if inode doesn't need compression (bsc#1174484). - btrfs: Move free_pages_out label in inline extent handling branch in compress_file_range (bsc#1175263). - commit 0b38364 - locktorture: Print ratio of acquisitions, not failures (bsc#1149032). - commit 7698a26 ------------------------------------------------------------------ ------------------ 2020-8-16 - Aug 16 2020 ------------------- ------------------------------------------------------------------ ++++ fuse-overlayfs: - udpate to 1.1.2 (bsc#1175821) - fix build issues with libmusl. - fix memory leak when creating whiteout files. - fix lookup for overflow uid when it is different than the overflow gid. ++++ kernel-default: - mfd: dln2: Run event handler loop under spinlock (git-fixes). - mfd: arizona: Ensure 32k clock is put on driver unbind and error (git-fixes). - pwm: bcm-iproc: handle clk_get_rate() return (git-fixes). - commit a79237e ------------------------------------------------------------------ ------------------ 2020-8-15 - Aug 15 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - ALSA: echoaudio: Fix potential Oops in snd_echo_resume() (git-fixes). - ALSA: hda/hdmi: Use force connectivity quirk on another HP desktop (git-fixes). - ALSA: hda/realtek - Fix unused variable warning (git-fixes). - ALSA: hda - reverse the setting value in the micmute_led_set (git-fixes). - ALSA: echoaduio: Drop superfluous volatile modifier (git-fixes). - ALSA: usb-audio: Disable Lenovo P620 Rear line-in volume control (git-fixes). - ALSA: usb-audio: add quirk for Pioneer DDJ-RB (git-fixes). - ALSA: usb-audio: work around streaming quirk for MacroSilicon MS2109 (git-fixes). - ALSA: hda - fix the micmute led status for Lenovo ThinkCentre AIO (git-fixes). - ALSA: hda/realtek: Fix pin default on Intel NUC 8 Rugged (git-fixes). - ALSA: usb-audio: Creative USB X-Fi Pro SB1095 volume knob support (git-fixes). - ALSA: usb-audio: fix spelling mistake "buss" -> "bus" (git-fixes). - commit 9eb0560 - Re-sort and refresh the upstreamed USB-audio patch - commit 56623bd ------------------------------------------------------------------ ------------------ 2020-8-14 - Aug 14 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - r8169: read common register for PCI commit (bsc#1175296). - commit 33be6a7 - r8169: move disabling interrupt coalescing to RTL8169/RTL8168 init (bsc#1175296). - commit 150a24b - r8169: fix rtl_hw_jumbo_disable for RTL8168evl (bsc#1175296). - r8169: fix resume on cable plug-in (bsc#1175296). - r8169: fix jumbo configuration for RTL8168evl (bsc#1175296). - r8169: fix jumbo packet handling on resume from suspend (bsc#1175296). - commit 205974e - scsi: smartpqi: bump version to 1.2.16-010 (bsc#1172418). - commit c7cf3da - scsi: smartpqi: add RAID bypass counter (bsc#1172418). - commit 626afe0 - scsi: smartpqi: support device deletion via sysfs (bsc#1172418). - commit a628df1 - scsi: smartpqi: avoid crashing kernel for controller issues (bsc#1172418). - commit bfa2645 - scsi: smartpqi: update logical volume size after expansion (bsc#1172418). - commit 2f4b5a4 - scsi: smartpqi: add id support for SmartRAID 3152-8i (bsc#1172418). - commit 2eeedae - scsi: smartpqi: Identify physical devices without issuing INQUIRY (bsc#1172418). - commit 34ee136 - kABI: restore signature of xfrm_policy_bysel_ctx() and xfrm_policy_byid() (bsc#1174645). - xfrm: policy: match with both mark and mask on user interfaces (bsc#1174645). - commit b412835 - block: Fix the type of 'sts' in bsg_queue_rq() (git-fixes). - commit 1ab9963 - powerpc/nvdimm: use H_SCM_QUERY hcall on H_OVERLAP error (bsc#1175284). - powerpc/nvdimm: Use HCALL error as the return value (bsc#1175284). - commit 619bc4d - net: phy: fix memory leak in device-create error path (git-fixes). - i2c: iproc: fix race between client unreg and isr (git-fixes). - i2c: rcar: avoid race when unregistering slave (git-fixes). - i2c: rcar: slave: only send STOP event when we have been addressed (git-fixes). - net: phy: Check harder for errors in get_phy_id() (git-fixes). - commit a5bf009 ++++ microos-tools: - Add tmp.mount for SUSE MicroOS 5.0 [jsc#SMO-2] ------------------------------------------------------------------ ------------------ 2020-8-13 - Aug 13 2020 ------------------- ------------------------------------------------------------------ ++++ curl: - Security fix: [bsc#1175109, CVE-2020-8231] * An application that performs multiple requests with libcurl's multi API and sets the 'CURLOPT_CONNECT_ONLY' option, might in rare circumstances experience that when subsequently using the setup connect-only transfer, libcurl will pick and use the wrong connection and instead pick another one the application has created since then. - Add curl-CVE-2020-8231.patch ++++ grub2: - Make grub-calloc inline to avoid symbol not found error as the system may not use updated grub to boot the system (bsc#1174782) (bsc#1175060) (bsc#1175036) * 0001-kern-mm.c-Make-grub_calloc-inline.patch ++++ kernel-default: - series.conf: refresh - update upstream reference and resort: patches.suse/clk-bcm2835-do-not-use-prediv-with-bcm2711-s-plls.patch - commit f0a312b - clk: at91: sckc: register slow_rc with accuracy option (git-fixes). - clk: at91: sam9x60: fix main rc oscillator frequency (git-fixes). - clk: at91: sam9x60-pll: check fcore against ranges (git-fixes). - clk: at91: sam9x60-pll: use logical or for range check (git-fixes). - clk: at91: clk-generated: check best_rate against ranges (git-fixes). - clk: at91: clk-generated: continue if __clk_determine_rate() returns error (git-fixes). - clk: clk-atlas6: fix return value check in atlas6_clk_init() (git-fixes). - clk: iproc: round clock rate to the closest (git-fixes). - clk: rockchip: Revert "fix wrong mmc sample phase shift for rk3328" (git-fixes). - clk: actions: Fix h_clk for Actions S500 SoC (git-fixes). - clk: qcom: gcc-sdm660: Fix up gcc_mss_mnoc_bimc_axi_clk (git-fixes). - clk: qcom: gcc-sdm660: Add missing modem reset (git-fixes). - watchdog: initialize device before misc_register (git-fixes). - watchdog: f71808e_wdt: clear watchdog timeout occurred flag (git-fixes). - watchdog: f71808e_wdt: remove use of wrong watchdog_info option (git-fixes). - watchdog: f71808e_wdt: indicate WDIOF_CARDRESET support in watchdog_info.options (git-fixes). - drm/vmwgfx: Fix two list_for_each loop exit tests (git-fixes). - drm/vmwgfx: Use correct vmw_legacy_display_unit pointer (git-fixes). - drm: fix drm_dp_mst_port refcount leaks in drm_dp_mst_allocate_vcpi (git-fixes). - kernel.h: remove duplicate include of asm/div64.h (git-fixes). - platform/chrome: cros_ec_ishtp: Fix a double-unlock issue (git-fixes). - remoteproc: qcom: q6v5: Update running state before requesting stop (git-fixes). - remoteproc: qcom_q6v5_mss: Validate modem blob firmware size before load (git-fixes). - remoteproc: qcom_q6v5_mss: Validate MBA firmware size before load (git-fixes). - Input: sentelic - fix error return when fsp_reg_write fails (git-fixes). - drm/i915/gt: Unlock engine-pm after queuing the kernel context switch (git-fixes). - drm/i915/gt: Close race between engine_park and intel_gt_retire_requests (git-fixes). - drm/i915/gt: Move new timelines to the end of active_list (git-fixes). - commit 760f8de - irqchip/gic: Atomically update affinity (bsc#1175195). - commit 5ad8b58 - integrity: Check properly whether EFI GetVariable() is available (bsc#1174029, bsc#1174110, bsc#1174111). - Refresh patches.suse/0003-MODSIGN-load-blacklist-from-MOKx.patch. - commit 3c8f305 - x86/ima: Use EFI GetVariable only when available (bsc#1174029, bsc#1174110, bsc#1174111). - commit bc28a75 - efi: Use EFI ResetSystem only when available (bsc#1174029, bsc#1174110, bsc#1174111). - commit ff49d51 - scsi: iscsi: Use EFI GetVariable only when available (bsc#1174029, bsc#1174110, bsc#1174111). - commit 4afad03 ++++ patterns-microos: - clean-up of patterns, more consistent pattern naming ------------------------------------------------------------------ ------------------ 2020-8-12 - Aug 12 2020 ------------------- ------------------------------------------------------------------ ++++ container-selinux: - Minimize BuildRequires ++++ ignition: - Fixed "ignition presets not applied" (boo#1172510) - Refresh 0001-fix-install-permissions.patch to match pull request ++++ kernel-default: - fix patches metadata - fix Patch-mainline: patches.suse/btrfs-Remove-delalloc_end-argument-from-extent_clear.patch patches.suse/btrfs-Remove-leftover-of-in-band-dedupe.patch patches.suse/btrfs-fix-a-block-group-ref-counter-leak-after-failu.patch patches.suse/btrfs-fix-block-group-leak-when-removing-fails.patch patches.suse/btrfs-fix-bytes_may_use-underflow-when-running-balan.patch patches.suse/btrfs-fix-corrupt-log-due-to-concurrent-fsync-of-ino.patch patches.suse/btrfs-fix-data-block-group-relocation-failure-due-to.patch patches.suse/btrfs-fix-double-free-on-ulist-after-backref-resolut.patch patches.suse/btrfs-fix-fatal-extent_buffer-readahead-vs-releasepa.patch patches.suse/btrfs-fix-page-leaks-after-failure-to-lock-page-for-.patch patches.suse/btrfs-fix-race-between-block-group-removal-and-block.patch patches.suse/btrfs-fix-space_info-bytes_may_use-underflow-after-n.patch patches.suse/btrfs-fix-space_info-bytes_may_use-underflow-during-.patch patches.suse/btrfs-fix-wrong-file-range-cleanup-after-an-error-fi.patch - commit d629da8 - btrfs: fix page leaks after failure to lock page for delalloc (bsc#1175149). - commit 11c5046 - btrfs: fix double free on ulist after backref resolution failure (bsc#1175149). - commit e175c08 - btrfs: fix fatal extent_buffer readahead vs releasepage race (bsc#1175149). - commit 6894e62 - btrfs: fix bytes_may_use underflow when running balance and scrub in parallel (bsc#1175149). - commit 3c1d24d - btrfs: fix data block group relocation failure due to concurrent scrub (bsc#1175149). - commit e7dccf4 - btrfs: fix race between block group removal and block group creation (bsc#1175149). - commit 22ed64a - btrfs: fix a block group ref counter leak after failure to remove block group (bsc#1175149). - commit 5c3ef7d - btrfs: fix block group leak when removing fails (bsc#1175149). - commit 03037b8 - btrfs: fix space_info bytes_may_use underflow during space cache writeout (bsc#1175149). - commit 9586d9c - btrfs: fix space_info bytes_may_use underflow after nocow buffered write (bsc#1175149). - commit 457cc33 - btrfs: fix wrong file range cleanup after an error filling dealloc range (bsc#1175149). - commit e7b219b - arm64: csum: Fix handling of bad packets (bsc#1175192). - arm64: kgdb: Fix single-step exception handling oops (bsc#1175191). - KVM: arm64: Annotate hyp NMI-related functions as __always_inline (bsc#1175190). - arm64: hw_breakpoint: Don't invoke overflow handler on uaccess watchpoints (bsc#1175189). - arm64: cacheflush: Fix KGDB trap detection (bsc#1175188). - arm64: kexec_file: print appropriate variable (bsc#1175187). - arm64: insn: Fix two bugs in encoding 32-bit logical immediates (bsc#1175186). - arm64: Fix PTRACE_SYSEMU semantics (bsc#1175185). - arm64: fix the flush_icache_range arguments in machine_kexec (bsc#1175184). - arm64: hugetlb: avoid potential NULL dereference (bsc#1175183). - arm64: vdso: Add -fasynchronous-unwind-tables to cflags (bsc#1175182). - arm64: vdso: don't free unallocated pages (bsc#1175181). - arm64: armv8_deprecated: Fix undef_hook mask for thumb setend (bsc#1175180). - commit 5e20125 - btrfs: Remove leftover of in-band dedupe (bsc#1175149). - refresh patches.suse/btrfs-move-basic-block_group-definitions-to-their-own-header.patch - commit f3a05f0 - btrfs: Remove delalloc_end argument from extent_clear_unlock_delalloc (bsc#1175149). - commit 24d05e3 - btrfs: fix corrupt log due to concurrent fsync of inodes with shared extents (bsc#1175149). - commit af1520b - blacklist: ignore Spreadtrum clk fix with wrong SHA - commit 418cf06 - fuse: Fix parameter for FS_IOC_{GET,SET}FLAGS (bsc#1175176). - fuse: fix weird page warning (bsc#1175175). - commit ec519b8 - ibmveth: Fix use of ibmveth in a bridge (bsc#1174387 ltc#187506). - commit 60cd53b - genirq/affinity: Remove const qualifier from node_to_cpumask argument (bsc#1174897 ltc#187090). - genirq/affinity: Spread vectors on node according to nr_cpu ratio (bsc#1174897 ltc#187090). - genirq/affinity: Improve __irq_build_affinity_masks() (bsc#1174897 ltc#187090). - commit 5d5f43f - bpfilter: reject kernel addresses (bsc#1155518). - net/bpfilter: split __bpfilter_process_sockopt (bsc#1155518). - bpfilter: fix up a sparse annotation (bsc#1155518). - bpfilter: Initialize pos variable (bsc#1155518). - net/bpfilter: Initialize pos in __bpfilter_process_sockopt (bsc#1155518). - bpfilter: switch to kernel_write (bsc#1155518). - commit 00f0f2f - rpm/modules.fips: * add ecdh_generic (boo#1173813) - commit 5b147f9 - media: omap3isp: Add missed v4l2_ctrl_handler_free() for preview_init_entities() (git-fixes). - staging: rtl8712: handle firmware load failure (git-fixes). - Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_with_rssi_evt() (git-fixes). - Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_evt() (git-fixes). - Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() (git-fixes). - usb: xhci: Fix ASMedia ASM1142 DMA addressing (git-fixes). - usb: xhci: define IDs for various ASMedia host controllers (git-fixes). - USB: serial: qcserial: add EM7305 QDL product ID (git-fixes). - mtd: properly check all write ioctls for permissions (git-fixes). - cfg80211: check vendor command doit pointer before use (git-fixes). - atm: fix atm_dev refcnt leaks in atmtcp_remove_persistent (git-fixes). - net: lan78xx: replace bogus endpoint lookup (git-fixes). - usb: hso: check for return value in hso_serial_common_create() (git-fixes). - i2c: slave: add sanity check when unregistering (git-fixes). - i2c: slave: improve sanity check when registering (git-fixes). - firmware: Fix a reference count leak (git-fixes). - drm/nouveau/fbcon: zero-initialise the mode_cmd2 structure (git-fixes). - drm/nouveau/fbcon: fix module unload when fbcon init has failed for some reason (git-fixes). - AX.25: Prevent integer overflows in connect and sendmsg (git-fixes). - AX.25: Prevent out-of-bounds read in ax25_sendmsg() (git-fixes). - AX.25: Fix out-of-bounds read in ax25_connect() (git-fixes). - commit 01f7466 - infiniband: hfi1: Use EFI GetVariable only when available (bsc#1174029, bsc#1174110, bsc#1174111). - commit 5f092e5 - vgacon: Fix for missing check in scrollback handling (bsc#1174205 CVE-2020-14331). Update upstream status. - commit e6ac692 ++++ microos-tools: - Update to version 2.3 - SELinux support [jsc#SMO-15] - overwrite tmp.mount options with SELinux label for /tmp - Add generator to label mount points if required - Add dracut module to relabel core system if required - Add locale-check to reset locale to system default if the one set by SSH does not exist [bsc#1156175] - Set TMPDIR for salt to not use /tmp (preparation for noexec) ++++ podman: - Change hard requires for AppArmor to Recommends. They are not needed for runtime or with SELinux but already installed if AppArmor is used [jsc#SMO-15] ++++ salt: - Require /usr/bin/python instead of /bin/python for RHEL-family (bsc#1173936) - Don't install SuSEfirewall2 service files in Factory - Fix __mount_device wrapper to accept separate args and kwargs - Fix the registration of libvirt pool and nodedev events - Accept nested namespaces in spacewalk.api runner function. (bsc#1172211) - info_installed works without status attr now (bsc#1171461) - Added: * info_installed-works-without-status-attr-now.patch * fix-__mount_device-wrapper-253.patch * opensuse-3000-libvirt-engine-fixes-248.patch * opensuse-3000-spacewalk-runner-parse-command-247.patch ++++ transactional-update: - Version 2.24.1 - SELinux: adjust labels for etc, fstab and grub.cfg ------------------------------------------------------------------ ------------------ 2020-8-11 - Aug 11 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - soc/tegra: pmc: Enable PMIC wake event on Tegra210 (bsc#1175116). - commit af9a16c - powerpc/pseries/hotplug-cpu: Remove double free in error path (bsc#1065729). - powerpc/boot: Fix CONFIG_PPC_MPC52XX references (bsc#1065729). - powerpc: Allow 4224 bytes of stack expansion for the signal frame (bsc#1065729). - powerpc/book3s64/pkeys: Use PVR check instead of cpu feature (bsc#1065729). - powerpc/vdso: Fix vdso cpu truncation (bsc#1065729). - powerpc/rtas: don't online CPUs for partition suspend (bsc#1065729). - powerpc/pseries: remove cede offline state for CPUs (bsc#1065729). - ibmvnic: Fix IRQ mapping disposal in error path (bsc#1175112 ltc#187459). - powerpc/64s: Fix early_init_mmu section mismatch (bsc#1065729). - commit 59a966b - efi: Register EFI rtc platform device only when available (bsc#1174029, bsc#1174110, bsc#1174111). - commit 7ac188a - efi: Use more granular check for availability for variable services (bsc#1174029, bsc#1174110, bsc#1174111). - commit 90067a7 - blacklist.conf: add sparse warning fixes - commit 301555e - PCI: rcar: Fix runtime PM imbalance on error (git-fixes). - PCI: cadence: Fix updating Vendor ID and Subsystem Vendor ID register (git-fixes). - commit 272b523 - arm64: dts: qcom: msm8998-clamshell: Fix label on l15 regulator (git-fixes). - commit 8896400 - efi: Add support for EFI_RT_PROPERTIES table (bsc#1174029, bsc#1174110, bsc#1174111). - commit 4e5fc8c - efi: Store mask of supported runtime services in struct efi (bsc#1174029, bsc#1174110, bsc#1174111). - Refresh patches.suse/0002-efi-Add-an-EFI_SECURE_BOOT-flag-to-indicate-secure-boot-mode.patch. - commit 738249f ++++ mozilla-nss: - Fix for Firefox failing in fips mode (bsc#1174697) Updated and rebased patch nss-fips-constructor-self-tests.patch Rebased patches: add-relro-linker-option.patch malloc.patch nss-fips-constructor-self-tests.patch nss-fips-fix-missing-nspr.patch nss-fix-dh-pkcs-derive-inverted-logic.patch nss-opt.patch ++++ patterns-microos: - fixed wrong package names, removed unneeded patterns ++++ selinux-policy: - macros.selinux-policy: move rpm-state directory to /run and make sure it exists ------------------------------------------------------------------ ------------------ 2020-8-10 - Aug 10 2020 ------------------- ------------------------------------------------------------------ ++++ container-selinux: - Update to version 2.143.0 - support containerd/cri ++++ filesystem: - Fix building on SLE-15 SP1 - Remove /etc/init.d [jsc#SMO-14], /etc/cron.*, /selinux, /etc/xdg ++++ kernel-default: - blacklist.conf: Add inapplicable drm/i915 commit for git-fixes - commit 89499be - drm/i915: Drop no-semaphore boosting (bsc#1174737). - Refresh patches.suse/drm-i915-Reorder-await_execution-before-await_reques.patch. - commit abd8209 - drm/i915: Prevent using semaphores to chain up to external fences (bsc#1174737). - Refresh patches.suse/drm-i915-Reorder-await_execution-before-await_reques.patch. - commit 8cf5766 - drm/i915: Peel dma-fence-chains for await (bsc#1174737). - Refresh patches.suse/drm-i915-Reorder-await_execution-before-await_reques.patch. - commit 1951d28 - drm/i915: Pull waiting on an external dma-fence into its routine (bsc#1174737). - Refresh patches.suse/drm-i915-Reorder-await_execution-before-await_reques.patch. - commit b2bfc63 - drm/i915: Ignore submit-fences on the same timeline (bsc#1174737). - commit fae2bcb - drm/i915: Rely on direct submission to the queue (bsc#1174737). - Refresh patches.suse/drm-i915-Remove-wait-priority-boosting.patch. - commit a8208d8 - drm/i915: Remove wait priority boosting (bsc#1174737). - commit 0fea26e - pinctrl: ingenic: Enhance support for IRQ_TYPE_EDGE_BOTH (git-fixes). - pinctrl: single: fix function name in documentation (git-fixes). - pinctrl-single: fix pcs_parse_pinconf() return value (git-fixes). - mtd: rawnand: qcom: avoid write to unavailable register (git-fixes). - mtd: rawnand: fsl_upm: Remove unused mtd var (git-fixes). - power: supply: check if calc_soc succeeded in pm860x_init_battery (git-fixes). - PCI: tegra: Revert tegra124 raw_violation_fixup (git-fixes). - PCI: qcom: Add support for tx term offset for rev 2.1.0 (git-fixes). - PCI: qcom: Define some PARF params needed for ipq8064 SoC (git-fixes). - PCI: qcom: Add missing reset for ipq806x (git-fixes). - PCI: qcom: Add missing ipq806x clocks in PCIe driver (git-fixes). - PCI: switchtec: Add missing __iomem tag to fix sparse warnings (git-fixes). - PCI: switchtec: Add missing __iomem and __user tags to fix sparse warnings (git-fixes). - PCI: Release IVRS table in AMD ACS quirk (git-fixes). - PCI: Fix pci_cfg_wait queue locking problem (git-fixes). - PCI/ASPM: Add missing newline in sysfs 'policy' (git-fixes). - clk: bcm63xx-gate: fix last clock availability (git-fixes). - go7007: add sanity checking for endpoints (git-fixes). - media: exynos4-is: Add missed check for pinctrl_lookup_state() (git-fixes). - media: nuvoton-cir: remove setting tx carrier functions (git-fixes). - media: vsp1: dl: Fix NULL pointer dereference on unbind (git-fixes). - media: firewire: Using uninitialized values in node_probe() (git-fixes). - media: media-request: Fix crash if memory allocation fails (git-fixes). - media: marvell-ccic: Add missed v4l2_async_notifier_cleanup() (git-fixes). - media: cxusb-analog: fix V4L2 dependency (git-fixes). - iio: improve IIO_CONCENTRATION channel type description (git-fixes). - staging: vchiq_arm: Add a matching unregister call (git-fixes). - integrity: remove redundant initialization of variable ret (git-fixes). - omapfb: dss: Fix max fclk divider for omap36xx (git-fixes). - media: sur40: Remove uninitialized_var() usage (git-fixes). - clk: spear: Remove uninitialized_var() usage (git-fixes). - clk: st: Remove uninitialized_var() usage (git-fixes). - ide: Remove uninitialized_var() usage (git-fixes). - rtlwifi: rtl8192cu: Remove uninitialized_var() usage (git-fixes). - drbd: Remove uninitialized_var() usage (git-fixes). - random32: move the pseudo-random 32-bit definitions to prandom.h (git-fixes). - PCI: hotplug: ACPI: Fix context refcounting in acpiphp_grab_context() (git-fixes). - random32: remove net_rand_state from the latent entropy gcc plugin (git-fixes). - commit 5480d4c - powerpc/papr_scm: Add support for fetching nvdimm 'fuel-gauge' metric (bsc#1175052 jsc#SLE-13823 bsc#1174969 jsc#SLE-12769). - powerpc/papr_scm: Fetch nvdimm performance stats from PHYP (bsc#1175052 jsc#SLE-13823 bsc#1174969 jsc#SLE-12769). - powerpc/papr_scm: Implement support for PAPR_PDSM_HEALTH (bsc#1175052 jsc#SLE-13823 bsc#1174969 jsc#SLE-12769). - ndctl/papr_scm,uapi: Add support for PAPR nvdimm specific methods (bsc#1175052 jsc#SLE-13823 bsc#1174969 jsc#SLE-12769). - powerpc/papr_scm: Improve error logging and handling papr_scm_ndctl() (bsc#1175052 jsc#SLE-13823 bsc#1174969 jsc#SLE-12769). - powerpc/papr_scm: Fetch nvdimm health information from PHYP (bsc#1175052 jsc#SLE-13823 bsc#1174969 jsc#SLE-12769). - seq_buf: Export seq_buf_printf (bsc#1175052 jsc#SLE-13823 bsc#1174969 jsc#SLE-12769). - powerpc: Document details on H_SCM_HEALTH hcall (bsc#1175052 jsc#SLE-13823 bsc#1174969 jsc#SLE-12769). - powerpc/papr_scm: Mark papr_scm_ndctl() as static (bsc#1175052 jsc#SLE-13823 bsc#1174969 jsc#SLE-12769). - commit 83564d9 - ALSA: usb-audio: fix overeager device match for MacroSilicon MS2109 (bsc#1174625). - commit 2c2144c - ocfs2: fix remounting needed after setfacl command (bsc#1173954). - commit 5e09cdc ++++ patterns-microos: - initial version ------------------------------------------------------------------ ------------------ 2020-8-9 - Aug 9 2020 ------------------- ------------------------------------------------------------------ ++++ ignition: - Update to version 2.6.0: * news: add notes for 2.6.0 * travis: test container build * README: always run latest release of ignition-validate container * release-checklist: update Quay release tag * build_releases: specialize for container build * Revert "build_releases: drop script" * ci: use faster compression for buildextend-live * cloudstack|openstack: propagate ErrNeedNet * internal/config: allow Ignition generated key-files for all devices * dracut/30ignition: Add packages to delete users/groups * tests/positive: Add test for deleting users * tests/stubs: Add blackbox testing stub for userdel and groupdel * config: add ShouldExist to schema * passwd: allow removing the existing users/groups * Revert "ci: skip rootfs.uuid test while ratcheting ignition-dracut merge" * ci: drop cosa compress call - Add 0001-fix-install-permissions.patch: Fix permissions of installed files - Add 0003-fix-i386-build.patch: Fix build on 32 Bit x86 machines ++++ kernel-default: - series.conf: refresh - update upstream references and resort: patches.suse/powerpc-fadump-fix-race-between-pstore-write-and-fad.patch patches.suse/powerpc-pseries-PCIE-PHB-reset.patch patches.suse/powerpc-xmon-Reset-RCU-and-soft-lockup-watchdogs.patch - commit fe82dc0 - fix patch metadata - fix confusing References tags: patches.suse/arm64-dts-allwinner-a64-Remove-unused-SPDIF-sound-ca.patch patches.suse/arm64-dts-imx8mm-evk-correct-ldo1-ldo2-voltage-range.patch patches.suse/arm64-dts-librem5-devkit-add-a-vbus-supply-to-usb0.patch patches.suse/arm64-dts-ls1028a-delete-extraneous-interrupt-cells-.patch patches.suse/arm64-dts-rockchip-Rename-dwc3-device-nodes-on-rk339.patch patches.suse/arm64-dts-rockchip-Replace-RK805-PMIC-node-name-with.patch patches.suse/arm64-dts-rockchip-fix-rk3399-puma-gmac-reset-gpio.patch patches.suse/arm64-dts-rockchip-fix-rk3399-puma-vcc5v0-host-gpio.patch patches.suse/arm64-dts-uniphier-Set-SCSSI-clock-and-reset-IDs-for.patch patches.suse/arm64-tegra-Enable-I2C-controller-for-EEPROM.patch patches.suse/arm64-tegra-Fix-Tegra194-PCIe-compatible-string.patch patches.suse/arm64-tegra-Fix-ethernet-phy-mode-for-Jetson-Xavier.patch patches.suse/arm64-tegra-Fix-flag-for-64-bit-resources-in-ranges-.patch - commit 176f025 ------------------------------------------------------------------ ------------------ 2020-8-7 - Aug 7 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - KVM: arm64: Select TASK_DELAY_ACCT+TASKSTATS rather than SCHEDSTATS (bsc#1172197 jsc#SLE-13593). - arm64: Retrieve stolen time as paravirtualized guest (bsc#1172197 jsc#SLE-13593). - KVM: arm64: Provide VCPU attributes for stolen time (bsc#1172197 jsc#SLE-13593). - KVM: Allow kvm_device_ops to be const (bsc#1172197 jsc#SLE-13593). - KVM: arm64: Support stolen time reporting via shared structure (bsc#1172197 jsc#SLE-13593). - KVM: Implement kvm_put_guest() (bsc#1172197 jsc#SLE-13593). - KVM: arm64: Implement PV_TIME_FEATURES call (bsc#1172197 jsc#SLE-13593). Refresh: patches.suse/arm-arm64-provide-a-wrapper-for-smccc-1-1-calls.patch patches.suse/firmware-smccc-add-the-definition-for-smcccv1-2-version-error-codes.patch - KVM: arm/arm64: Factor out hypercall handling from PSCI code (bsc#1172197 jsc#SLE-13593). - KVM: arm64: Document PV-time interface (bsc#1172197 jsc#SLE-13593). - commit f17479f - arm64: dts: rockchip: fix rk3399-puma gmac reset gpio (none bsc#1175021). - arm64: dts: rockchip: fix rk3399-puma vcc5v0-host gpio (none bsc#1175020). - arm64: dts: imx8mm-evk: correct ldo1/ldo2 voltage range (none bsc#1175019). - arm64: tegra: Fix flag for 64-bit resources in 'ranges' property (none bsc#1175018). - arm64: tegra: Fix ethernet phy-mode for Jetson Xavier (none bsc#1175017). - arm64: dts: allwinner: a64: Remove unused SPDIF sound card (none bsc#1175016). - arm64: dts: rockchip: Rename dwc3 device nodes on rk3399 to make dtc happy (none bsc#1175015). - arm64: dts: rockchip: Replace RK805 PMIC node name with "pmic" on rk3328 boards (none bsc#1175014). - arm64: dts: librem5-devkit: add a vbus supply to usb0 (none bsc#1175013). - arm64: dts: ls1028a: delete extraneous #interrupt-cells for ENETC RCIE (none bsc#1175012). - arm64: dts: uniphier: Set SCSSI clock and reset IDs for each channel (none bsc#1175011). - arm64: tegra: Enable I2C controller for EEPROM (none bsc#1175010). - arm64: tegra: Fix Tegra194 PCIe compatible string (none bsc#1175009). - commit a5198b8 - blacklist.conf: ignore rk3368 dts fixes - commit ee22702 - blacklist.conf: add unsupported Arm devicetree folder - commit b7cfb90 - series.conf: refresh - update upstream reference and resort: patches.suse/brcmfmac-set-timeout-value-when-configuring-power-save.patch - commit 3eb2862 - series.conf: refresh - update upstream references and resort: patches.suse/brcmfmac-Transform-compatible-string-for-FW-loading.patch patches.suse/scsi-lpfc-Add-an-internal-trace-log-buffer.patch patches.suse/scsi-lpfc-Add-blk_io_poll-support-for-latency-improv.patch patches.suse/scsi-lpfc-Add-support-to-display-if-adapter-dumps-ar.patch patches.suse/scsi-lpfc-Allow-applications-to-issue-Common-Set-Fea.patch patches.suse/scsi-lpfc-Fix-NVMe-rport-deregister-and-registration.patch patches.suse/scsi-lpfc-Fix-inconsistent-indenting.patch patches.suse/scsi-lpfc-Fix-interrupt-assignments-when-multiple-ve.patch patches.suse/scsi-lpfc-Fix-kdump-hang-on-PPC.patch patches.suse/scsi-lpfc-Fix-language-in-0373-message-to-reflect-no.patch patches.suse/scsi-lpfc-Fix-less-than-zero-comparison-of-unsigned-.patch patches.suse/scsi-lpfc-Fix-missing-MDS-functionality.patch patches.suse/scsi-lpfc-Fix-oops-due-to-overrun-when-reading-SLI3-.patch patches.suse/scsi-lpfc-Fix-shost-refcount-mismatch-when-deleting-.patch patches.suse/scsi-lpfc-Fix-stack-trace-seen-while-setting-rrq-act.patch patches.suse/scsi-lpfc-Fix-unused-assignment-in-lpfc_sli4_bsg_lin.patch patches.suse/scsi-lpfc-Update-lpfc-version-to-12.8.0.2.patch - commit adcc571 - thermal: ti-soc-thermal: Fix reversed condition in ti_thermal_expose_sensor() (git-fixes). - Staging: rtl8188eu: rtw_mlme: Fix uninitialized variable authmode (git-fixes). - staging: rtl8192u: fix a dubious looking mask before a shift (git-fixes). - spi: lantiq-ssc: Fix warning by using WQ_MEM_RECLAIM (git-fixes). - spi: davinci: Remove uninitialized_var() usage (git-fixes). - commit e403b7a - fix patch metadata - fix Patch-mainline: patches.suse/btrfs-make-btrfs_ordered_extent-naming-consistent-wi.patch - commit 3f5df49 - ALSA: echoaudio: Race conditions around "opencount" (git-fixes). - commit 9c2eff2 - ALSA: pci: delete repeated words in comments (git-fixes). - ALSA: isa: delete repeated words in comments (git-fixes). - ALSA: seq: oss: Serialize ioctls (git-fixes). - ALSA: hda/hdmi: Add quirk to force connectivity (git-fixes). - ALSA: usb-audio: add startech usb audio dock name (git-fixes). - ALSA: usb-audio: Add support for Lenovo ThinkStation P620 (git-fixes). - ASoC: hdac_hda: fix deadlock after PCM open error (git-fixes). - ALSA: hda: fix snd_hda_codec_cleanup() documentation (git-fixes). - ASoC: Intel: bxt_rt298: add missing .owner field (git-fixes). - ASoC: SOF: nocodec: add missing .owner field (git-fixes). - ASoC: fsl_sai: Fix value of FSL_SAI_CR1_RFW_MASK (git-fixes). - ASoC: meson: axg-tdmin: fix g12a skew (git-fixes). - ASoC: meson: axg-tdm-interface: fix link fmt setup (git-fixes). - ASoC: meson: fixes the missed kfree() for axg_card_add_tdm_loopback (git-fixes). - Revert "ALSA: hda: call runtime_allow() for all hda controllers" (git-fixes). - ALSA: hda/ca0132 - Fix AE-5 microphone selection commands (git-fixes). - ALSA: hda/ca0132 - Add new quirk ID for Recon3D (git-fixes). - ALSA: hda/ca0132 - Fix ZxR Headphone gain control get value (git-fixes). - ALSA: usb-audio: endpoint : remove needless check before usb_free_coherent() (git-fixes). - ALSA: asihpi: delete duplicated word (git-fixes). - ALSA: line6: Use kmemdup in podhd_set_monitor_level() (git-fixes). - ALSA: hda: Add support for Loongson 7A1000 controller (git-fixes). - ALSA: hda/tegra: Disable sync-write operation (git-fixes). - ALSA: echoaudio: re-enable IRQs on failure path (git-fixes). - ALSA: line6: add hw monitor volume control for POD HD500 (git-fixes). - ALSA: xen: Remove superfluous fall through comments (git-fixes). - ALSA: atmel: Remove invalid "fall through" comments (git-fixes). - ALSA: echoaudio: Address bugs in the interrupt handling (git-fixes). - ALSA: echoaudio: Prevent some noise on unloading the module (git-fixes). - ALSA: echoaudio: Prevent races in calls to set_audio_format() (git-fixes). - ALSA: echoaudio: Remove redundant check (git-fixes). - ALSA: usb/line6: remove 'defined but not used' warning (git-fixes). - ALSA: pci/au88x0: remove "defined but not used" warnings (git-fixes). - ALSA: vx_core: remove warning for empty loop body (git-fixes). - ALSA: pcmcia/pdaudiocf: fix kernel-doc (git-fixes). - ALSA: pci/via82xx: remove 'set but not used' warnings (git-fixes). - ALSA: pci/fm801: fix kernel-doc (git-fixes). - ALSA: pci/es1938: remove 'set but not used' warning (git-fixes). - ALSA: xen: remove 'set but not used' warning (git-fixes). - ALSA: pci/oxygen/xonar_wm87x6: remove always true condition (git-fixes). - ALSA: pci/rme9652/hdspm: remove always true condition (git-fixes). - ALSA: pci/korg1212: remove 'set but not used' warnings (git-fixes). - ALSA: pci/emu10k1: remove 'set but not used' warning (git-fixes). - ALSA: firewire: fix kernel-doc (git-fixes). - ALSA: pci/ctxfi: fix kernel-doc warnings (git-fixes). - ALSA: pci/ctxfi/ctatc: fix kernel-doc (git-fixes). - ALSA: pci/aw2-saa7146: remove 'set but not used' warning (git-fixes). - ALSA: pci/echoaudio: remove 'set but not used' warning (git-fixes). - ALSA: pci/asihpi: remove 'set but not used' warning (git-fixes). - ALSA: pci/asihpi: fix kernel-doc (git-fixes). - ALSA: pci/asihpi: remove 'set but not used' warnings (git-fixes). - ALSA: isa/gus: remove 'set but not used' warning (git-fixes). - ALSA: isa/gus: remove -Wmissing-prototypes warnings (git-fixes). - ALSA: core: pcm_iec958: fix kernel-doc (git-fixes). - ALSA: usb-audio: Fix some typos (git-fixes). - ALSA: hda: Enable sync-write operation as default for all controllers (git-fixes). - ALSA: hda/realtek: Add alc269/alc662 pin-tables for Loongson-3 laptops (git-fixes). - commit 49b9124 - fix patch metadata - fix Patch-mainline: patches.suse/rhashtable-Document-the-right-function-parameters.patch patches.suse/rhashtable-Fix-unprotected-RCU-dereference-in-__rht_.patch - commit 1af1b05 ------------------------------------------------------------------ ------------------ 2020-8-6 - Aug 6 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Re-sort another cherry-picked i915 patch in the upstream Refresh patches.suse/drm-i915-Actually-emit-the-await_start.patch - commit 46112ad - Resort the i915 cherry-picked patch Refresh patches.suse/drm-i915-Protect-i915_request_await_start-from-early.patch patches.suse/drm-i915-Return-early-for-await_start-on-same-timeli.patch - commit 20cca9b - drm/i915: Return early for await_start on same timeline (bsc#1174737). - Refresh patches.suse/drm-i915-Protect-i915_request_await_start-from-early.patch. - commit 06dbabf - drm/i915: Improve the start alignment of bonded pairs (bsc#1174737). - Refresh patches.suse/drm-i915-Reorder-await_execution-before-await_reques.patch. - commit 44313fe - drm/i915: Mark up unlocked update of i915_request.hwsp_seqno (bsc#1174737). - commit 50bee7f - drm/i915: Mark racy read of intel_engine_cs.saturated (bsc#1174737). - commit e5038ad - drm/i915: Do not poison i915_request.link on removal (bsc#1174737). - commit 808ecc5 - drm/i915: Actually emit the await_start (bsc#1174737). - commit f0424b5 - drm/i915: Protect i915_request_await_start from early waits (bsc#1174737). - commit 03accf1 - drm/i915: Flush execution tasklets before checking request status (bsc#1174737). - drm/i915: Flush tasklet submission before sleeping on i915_request_wait (bsc#1174737). - commit 140a397 - drm/i915/gt: Flush submission tasklet before waiting/retiring (bsc#1174737). - commit b17d2a1 - drm/i915: Keep track of request among the scheduling lists (bsc#1174737). - commit 4388a9e - drm/i915: Eliminate the trylock for awaiting an earlier request (bsc#1174737). - Refresh patches.suse/0002-drm-i915-gt-Do-not-schedule-normal-requests-immediat.patch. - commit 590b628 - xen/pvcalls-back: test for errors when calling backend_connect() (bsc#1065600). - commit cbfa27b - drm/i915: Use EAGAIN for trylock failures (bsc#1174737). - commit d8a7f90 - kabi/severities: ignore KABI for NVMe, except nvme-fc (bsc#1174777) Exported symbols under drivers/nvme/host/ are only used by the nvme subsystem itself, except for the nvme-fc symbols. - commit 16ddcd8 - nvme-multipath: round-robin: eliminate "fallback" variable (bsc#1172108). - commit 4cdac03 - nvme: multipath: round-robin: fix single non-optimized path case (bsc#1172108). - commit 3d56aa0 - ionic: unlock queue mutex in error path (bsc#1167773). - devlink: ignore -EOPNOTSUPP errors on dumpit (bsc#1154353). - net/mlx5e: Fix kernel crash when setting vf VLANID on a VF dev (jsc#SLE-8464). - net/mlx5: E-switch, Destroy TSAR when fail to enable the mode (jsc#SLE-8464). - RDMA/mlx5: Fix prefetch memory leak if get_prefetchable_mr fails (jsc#SLE-8446). - commit 23bdd26 - libbpf: Wrap source argument of BPF_CORE_READ macro in parentheses (bsc#1155518). - bpf: Fix map leak in HASH_OF_MAPS map (bsc#1155518). - net, sk_msg: Don't use RCU_INIT_POINTER on sk_user_data (bsc#1155518). - commit a6677ae - wireless: Use linux/stddef.h instead of stddef.h (git-fixes). - commit ec3012b - wl1251: fix always return 0 error (git-fixes). - video: pxafb: Fix the function used to balance a 'dma_alloc_coherent()' call (git-fixes). - video: fbdev: sm712fb: fix an issue about iounmap for a wrong address (git-fixes). - USB: serial: iuu_phoenix: fix led-activity helpers (git-fixes). - USB: serial: cp210x: re-enable auto-RTS on open (git-fixes). - USB: serial: cp210x: enable usb generic throttle/unthrottle (git-fixes). - USB: iowarrior: fix up report size handling for some devices (git-fixes). - usb: gadget: f_uac2: fix AC Interface Header Descriptor wTotalLength (git-fixes). - usb: core: fix quirks_param_set() writing to a const pointer (git-fixes). - usb: dwc2: gadget: Make use of GINTMSK2 (git-fixes). - usbip: tools: fix module name in man page (git-fixes). - usb: hso: Fix debug compile warning on sparc32 (git-fixes). - wireless: Use offsetof instead of custom macro (git-fixes). - commit 0511c57 - rtw88: fix short GI capability based on current bandwidth (git-fixes). - rtw88: fix LDPC field for RA info (git-fixes). - mac80211: fix misplaced while instead of if (git-fixes). - liquidio: Fix wrong return value in cn23xx_get_pf_num() (git-fixes). - mwifiex: Fix firmware filename for sd8997 chipset (git-fixes). - mwifiex: Fix firmware filename for sd8977 chipset (git-fixes). - mwifiex: Prevent memory corruption handling keys (git-fixes). - leds: gpio: Fix semantic error (git-fixes). - leds: core: Flush scheduled work for system suspend (git-fixes). - leds: wm831x-status: fix use-after-free on unbind (git-fixes). - leds: lm36274: fix use-after-free on unbind (git-fixes). - leds: lm3533: fix use-after-free on unbind (git-fixes). - leds: da903x: fix use-after-free on unbind (git-fixes). - phy: armada-38x: fix NETA lockup when repeatedly switching speeds (git-fixes). - phy: renesas: rcar-gen3-usb2: move irq registration to init (git-fixes). - phy: exynos5-usbdrd: Calibrating makes sense only for USB2.0 PHY (git-fixes). - net: lan78xx: fix transfer-buffer memory leak (git-fixes). - net: lan78xx: add missing endpoint sanity check (git-fixes). - drivers/net/wan: lapb: Corrected the usage of skb_cow (git-fixes). - nfc: s3fwrn5: add missing release on skb in s3fwrn5_recv_frame (git-fixes). - commit ffa42ff - drm/etnaviv: Fix error path on failure to enable bus clk (git-fixes). - drm/imx: imx-ldb: Disable both channels for split mode in enc->disable() (git-fixes). - drm/imx: tve: fix regulator_disable error path (git-fixes). - drm/imx: fix use after free (git-fixes). - drm/bridge: sil_sii8620: initialize return of sii8620_readb (git-fixes). - drm: panel: simple: Fix bpc for LG LB070WV8 panel (git-fixes). - drm/stm: repair runtime power management (git-fixes). - drm/mipi: use dcs write for mipi_dsi_dcs_set_tear_scanline (git-fixes). - drm/radeon: fix array out-of-bounds read and write issues (git-fixes). - drm/panel: otm8009a: Drop unnessary backlight_device_unregister() (git-fixes). - drm/arm: fix unintentional integer overflow on left shift (git-fixes). - drm/bridge: ti-sn65dsi86: Don't use kernel-doc comment for local array (git-fixes). - drm/bridge: ti-sn65dsi86: Clear old error bits before AUX transfers (git-fixes). - drm/gem: Fix a leak in drm_gem_objects_lookup() (git-fixes). - leds: 88pm860x: fix use-after-free on unbind (git-fixes). - leds: lm355x: avoid enum conversion warning (git-fixes). - gpio: max77620: Fix missing release of interrupt (git-fixes). - kobject: Avoid premature parent object freeing in kobject_cleanup() (git-fixes). - commit 004490b - appletalk: Fix atalk_proc_init() return path (git-fixes). - Bluetooth: hci_serdev: Only unregister device if it was registered (git-fixes). - Bluetooth: hci_h5: Set HCI_UART_RESET_ON_INIT to correct flags (git-fixes). - Bluetooth: Fix update of connection state in `hci_encrypt_cfm` (git-fixes). - Bluetooth: btmtksdio: fix up firmware download sequence (git-fixes). - Bluetooth: btusb: fix up firmware download sequence (git-fixes). - btmrvl: Fix firmware filename for sd8997 chipset (git-fixes). - btmrvl: Fix firmware filename for sd8977 chipset (git-fixes). - ath10k: Acquire tx_lock in tx error paths (git-fixes). - agp/intel: Fix a memory leak on module initialisation failure (git-fixes). - console: newport_con: fix an issue about leak related system resources (git-fixes). - driver core: Avoid binding drivers to dead devices (git-fixes). - devres: keep both device name and resource name in pretty name (git-fixes). - b43: Remove uninitialized_var() usage (git-fixes). - Bluetooth: fix kernel oops in store_pending_adv_report (git-fixes). - drm: hold gem reference until object is no longer accessed (git-fixes). - dlm: remove BUG() before panic() (git-fixes). - ath10k: enable transmit data ack RSSI for QCA9884 (git-fixes). - commit 964f75f ++++ zlib: - Permit a deflateParams() parameter change as soon as possible(bsc#1174736) * bsc1174736-DFLTCC_LEVEL_MASK-set-to-0x1ff.patch Fix DFLTCC not flushing EOBS when creating raw streams(bsc#1174551) * bsc1174551-fxi-imcomplete-raw-streams.patch ++++ transactional-update: - Version 2.24 - Add partial SELinux support ------------------------------------------------------------------ ------------------ 2020-8-5 - Aug 5 2020 ------------------- ------------------------------------------------------------------ ++++ container-selinux: - Initial version ++++ kernel-default: - firmware: smccc: Add ARCH_SOC_ID support (bsc#1174906). - Update arm64 config - firmware: smccc: Add function to fetch SMCCC version (bsc#1174906). - firmware: smccc: Refactor SMCCC specific bits into separate file (bsc#1174906). - firmware: smccc: Drop smccc_version enum and use ARM_SMCCC_VERSION_1_x instead (bsc#1174906). - firmware: smccc: Add the definition for SMCCCv1.2 version/error codes (bsc#1174906). - firmware: smccc: Update link to latest SMCCC specification (bsc#1174906). - firmware: smccc: Add HAVE_ARM_SMCCC_DISCOVERY to identify SMCCC v1.1 and above (bsc#1174906). - Update arm64 config - arm/arm64: Make use of the SMCCC 1.1 wrapper (bsc#1174906). - arm/arm64: Provide a wrapper for SMCCC 1.1 calls (bsc#1174906). - firmware: arm_sdei: use common SMCCC_CONDUIT_* (bsc#1174906). - firmware/psci: use common SMCCC_CONDUIT_* (bsc#1174906). - arm: spectre-v2: use arm_smccc_1_1_get_conduit() (bsc#1174906). - arm64: errata: use arm_smccc_1_1_get_conduit() (bsc#1174906). - arm/arm64: smccc/psci: add arm_smccc_1_1_get_conduit() (bsc#1174906). - commit 91485ab - blacklist.conf: ignore documentation fixes - commit da3606d - btrfs: qgroup: remove ASYNC_COMMIT mechanism in favor of reserve retry-after-EDQUOT (bsc#1120163). - commit a0c01d8 - btrfs: qgroup: try to flush qgroup space when we get -EDQUOT (bsc#1120163). - commit 110b26f - btrfs: qgroup: allow to unreserve range without releasing other ranges (bsc#1120163). - commit 292ee83 - btrfs: qgroup: fix data leak caused by race between writeback and truncate (bsc#1172247). - commit e7691a1 - btrfs: change timing for qgroup reserved space for ordered extents to fix reserved space leak (bsc#1172247). - commit 5f13741 - btrfs: file: reserve qgroup space after the hole punch range is locked (bsc#1172247). - commit c1e305c - btrfs: inode: move qgroup reserved space release to the callers of insert_reserved_file_extent() (bsc#1172247). - commit c77d18c - btrfs: inode: refactor the parameters of insert_reserved_file_extent() (bsc#1172247). - commit 999728e - btrfs: make btrfs_ordered_extent naming consistent with btrfs_file_extent_item (bsc#1172247). - commit 3a23bcd - bpf: net: Avoid incorrect bpf_sk_reuseport_detach call (bsc#1155518). - bpf: net: Avoid copying sk_user_data of reuseport_array during sk_clone (bsc#1155518). - net, sk_msg: Clear sk_user_data pointer on clone if tagged (bsc#1155518). - commit 9a81f17 - rhashtable: Restore RCU marking on rhash_lock_head (bsc#1174880). - rhashtable: Fix unprotected RCU dereference in __rht_ptr (bsc#1174880). - rhashtable: drop duplicated word in (bsc#1174880). - rhashtable: Drop raw RCU deref in nested_table_free (bsc#1174880). - rhashtable: Document the right function parameters (bsc#1174880). - commit c0ec5b4 ++++ gcc10: - Update to gcc-10 branch head (dda1e9d08434def88ed86557d0), git501. * Includes fix for AARCH64 kernel build failure. [bsc#1174817] * Includes aarch64 SLS mitigation changes. [bsc#1172798, CVE-2020-13844] - Add gcc10-streamer-backports1.patch and gcc10-streamer-backports2.patch. - Enable x86 CET runtime for SLES15 and Leap15 also. - Do not enable the now deprecated HSA offloading capability. ++++ selinux-policy: - Cleanup spec file and follow more closely Fedora - Label /sys/kernel/uevent_helper with tmpfiles.d/selinux-policy.conf - Move config to /etc/selinux/config and create during %post install to be compatible with upstream and documentation. - Add RPM macros for SELinux (macros.selinux-policy) - Install booleans.subs_dist - Remove unused macros - Sync make/install macros with Fedora spec file - Introduce sandbox sub-package ------------------------------------------------------------------ ------------------ 2020-8-4 - Aug 4 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - KVM: arm64: Make vcpu_cp1x() work on Big Endian hosts (bsc#1133021). - KVM: arm64: Stop writing aarch32's CSSELR into ACTLR (bsc#1133021). - KVM: arm64: Fix 32bit PC wrap-around (bsc#1133021). - KVM: arm: vgic: Fix limit condition when writing to GICD_IACTIVER (bsc#1133021). - KVM: arm64: Use the correct timer structure to access the physical counter (bsc#1133021). - KVM: arm/arm64: Correct AArch32 SPSR on exception entry (bsc#1133021). - KVM: arm/arm64: Correct CPSR on exception entry (bsc#1133021). - KVM: arm64: Correct PSTATE on exception entry (bsc#1133021). - KVM: Play nice with read-only memslots when querying host page size (bsc#1133021). - commit 854e6da - drm/i915: Reorder await_execution before await_request (bsc#1174737). - commit 75817a8 - drm/i915: Copy across scheduler behaviour flags across submit fences (bsc#1174737). - commit 718e478 - drm/i915: Lock signaler timeline while navigating (bsc#1174737). - commit d0600f4 - drm/i915: Mark i915_request.timeline as a volatile, rcu pointer (bsc#1174737). - Refresh patches.suse/drm-i915-Hold-reference-to-intel_frontbuffer-as-we-t.patch. - Refresh patches.suse/drm-i915-Protect-context-while-grabbing-its-name-for.patch. - Refresh patches.suse/drm-i915-Reduce-nested-prepare_remote_context-to-a-t.patch. - commit fce086e - KVM: s390: Remove false WARN_ON_ONCE for the PQAP instruction (bsc#1133021). - commit f7e204d - clk: bcm2835: Do not use prediv with bcm2711's PLLs (bsc#1174865). - brcmfmac: Set timeout value when configuring power save (bsc#1173468). - commit 4d732a9 - IB/rdmavt: Fix RQ counting issues causing use of an invalid RWQE (bsc#1174770). - commit 4c02379 - spi: rockchip: Fix error in SPI slave pio read (git-fixes). - spi: sun4i: update max transfer size reported (git-fixes). - spi: lantiq: fix: Rx overflow error in full duplex mode (git-fixes). - spi: spi-geni-qcom: Actually use our FIFO (git-fixes). - regulator: gpio: Honor regulator-boot-on property (git-fixes). - clk: scmi: Fix min and max rate when registering clocks with discrete rates (git-fixes). - firmware: arm_scmi: Keep the discrete clock rates sorted (git-fixes). - firmware: arm_scmi: Fix SCMI genpd domain probing (git-fixes). - platform/x86: intel-vbtn: Fix return value check in check_acpi_dev() (git-fixes). - platform/x86: intel-hid: Fix return value check in check_acpi_dev() (git-fixes). - crypto: qat - fix double free in qat_uclo_create_batch_init_list (git-fixes). - crypto: ccp - Fix use of merged scatterlists (git-fixes). - crypto: ccree - fix resource leak on error path (git-fixes). - crypto: hisilicon - don't sleep of CRYPTO_TFM_REQ_MAY_SLEEP was not specified (git-fixes). - crypto: cpt - don't sleep of CRYPTO_TFM_REQ_MAY_SLEEP was not specified (git-fixes). - crypto: caam - Fix argument type in handle_imx6_err005766 (git-fixes). - crc-t10dif: Fix potential crypto notify dead-lock (git-fixes). - tpm: Require that all digests are present in TCG_PCR_EVENT2 structures (git-fixes). - commit 64bac7f ++++ libX11: - U_006-Fix-size-calculation-in-_XimAttributeToValue.patch: * Regression fix in previous XIM client head overflow fixes (CVE-2020-14344, bsc#1174628) ++++ open-lldp: - Update to version v1.0.1+63.f977e67 (bsc#1171284,bsc#1170745,bsc#1153520): * lldp/rx.c: Reset state machine variable in process_delete_info() * lldp: do not call 'assert' in rxProcessFrame() * ecp: allow for failure to create * lldp_mand: retrieve permanent mac address in get_mac() * lldp_util: use netlink to fetch mac address * lldp_util: drop get_macstr() * linux/if_link.h: Update and add bonding netlink definitions ++++ podman: - Add BuildRequires for pkg-config(libselinux) to build with SELinux support [jsc#SMO-15] ------------------------------------------------------------------ ------------------ 2020-8-3 - Aug 3 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - kABI workaround for struct kvm_device (git-fixes). Just change an variable to "const" type in kvm_device. - commit 1c95856 - kABI workaround for enum cpuhp_state (git-fixes). - commit 889dc24 - kABI workaround for struct kvm_vcpu_arch (git-fixes). Add a struct variable to the end of kvm_vcpu_arch and kvm_vcpu_arch is embedded into kvm_vcpu at the end. It is usually used by pointer and allocated dynamically, so this change should be fine even for external kvm module. - commit c324264 - patches.suse/revert-zram-convert-remaining-class_attr-to-class_attr_ro: Update tags - commit 3b99445 - gfs2: fix gfs2_find_jhead that returns uninitialized jhead with seq 0 (bsc#1174825). - commit 796da2e - gfs2: Another gfs2_find_jhead fix (bsc#1174824). - commit eb92077 - blacklist.conf: mtd kernel-doc fixes - commit 12371a2 - Fix for missing check in vgacon scrollback handling (bsc#1174205 CVE-2020-14331). Update to the latest findings/submission. - commit 2b80031 - ubsan: check panic_on_warn (bsc#1174805). - commit 4b3b09b ++++ libcontainers-common: - Fixes for %_libexecdir changing to /usr/libexec (bsc#1174075) ++++ podman: - Update to v2.0.4 * Fixed a bug where the output of podman image search did not populate the Description field as it was mistakenly assigned to the ID field. * Fixed a bug where podman build - and podman build on an HTTP target would fail. * Fixed a bug where rootless Podman would improperly chown the copied-up contents of anonymous volumes (#7130). * Fixed a bug where Podman would sometimes HTML-escape special characters in its CLI output. * Fixed a bug where the podman start --attach --interactive command would print the container ID of the container attached to when exiting (#7068). * Fixed a bug where podman run --ipc=host --pid=host would only set --pid=host and not --ipc=host (#7100). * Fixed a bug where the --publish argument to podman run, podman create and podman pod create would not allow binding the same container port to more than one host port (#7062). * Fixed a bug where incorrect arguments to podman images --format could cause Podman to segfault. * Fixed a bug where podman rmi --force on an image ID with more than one name and at least one container using the image would not completely remove containers using the image (#7153). * Fixed a bug where memory usage in bytes and memory use percentage were swapped in the output of podman stats - -format=json. * Fixed a bug where the libpod and compat events endpoints would fail if no filters were specified (#7078). * Fixed a bug where the CgroupVersion field in responses from the compat Info endpoint was prefixed by "v" (instead of just being "1" or "2", as is documented). ++++ toolbox: - Update to version 1.0+git20200803.7ff20b6: * Connect to the host's SSH agent in user toolboxes. * Stay in current directory, even when entering a toolbox * Use the toolbox name as the actual toolbox's hostname ------------------------------------------------------------------ ------------------ 2020-8-2 - Aug 2 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - af_key: pfkey_dump needs parameter validation (git-fixes). - mac80211: mesh: Free pending skb when destroying a mpath (git-fixes). - mac80211: mesh: Free ie data when leaving mesh (git-fixes). - i2c: also convert placeholder function to return errno (git-fixes). - drm/amd/display: Clear dm_state for fast updates (git-fixes). - drm/amdgpu: Prevent kernel-infoleak in amdgpu_info_ioctl() (git-fixes). - regmap: debugfs: check count when read regmap file (git-fixes). - PM: wakeup: Show statistics for deleted wakeup sources again (git-fixes). - commit f22517a - ALSA: hda/realtek - Fixed HP right speaker no sound (git-fixes). - ALSA: hda: fix NULL pointer dereference during suspend (git-fixes). - ALSA: hda/hdmi: Fix keep_power assignment for non-component devices (git-fixes). - ALSA: hda: Workaround for spurious wakeups on some Intel platforms (git-fixes). - ALSA: hda/realtek: Fix add a "ultra_low_power" function for intel reference board (alc256) (git-fixes). - ALSA: hda/realtek: typo_fix: enable headset mic of ASUS ROG Zephyrus G14(GA401) series with ALC289 (git-fixes). - ALSA: hda/realtek: enable headset mic of ASUS ROG Zephyrus G15(GA502) series with ALC289 (git-fixes). - ALSA: usb-audio: Add implicit feedback quirk for SSL2 (git-fixes). - commit 7cc8f61 ------------------------------------------------------------------ ------------------ 2020-7-31 - Jul 31 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - mm: Fix protection usage propagation (bsc#1174002). - commit 446569c - Revert "drm/amdgpu: Fix NULL dereference in dpm sysfs handlers" (git-fixes). - ARM: percpu.h: fix build error (git-fixes). - random: fix circular include dependency on arm64 after addition of percpu.h (git-fixes). - commit a78809a - uio_pdrv_genirq: Remove warning when irq is not specified (bsc#1174762). - commit 31bf7b7 - random32: update the net random state on interrupt and activity (CVE-2020-16166 bsc#1174757). - commit 81d991d - PCI/ASPM: Disable ASPM on ASMedia ASM1083/1085 PCIe-to-PCI bridge (git-fixes). - commit f661820 ++++ podman: - Remove obsolete libpod.conf from Package sources ++++ transactional-update: - Version 2.23 - Add "run" command to be able to execute a single command in a new snapshot - Add "--drop-if-no-change" option to discard snapshots if no changes were perfomed (BETA, required for Salt integration) - Removed previous CaaSP Salt support (gh#openSUSE/transactional-update#33) - Avoid "file not found" message on systems without /var subvol ------------------------------------------------------------------ ------------------ 2020-7-30 - Jul 30 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - 9p/trans_fd: Fix concurrency del of req_list in p9_fd_cancelled/p9_read_work (git-fixes). - staging: wlan-ng: properly check endpoint types (git-fixes). - serial: exar: Fix GPIO configuration for Sealevel cards based on XR17V35X (git-fixes). - fbdev: Detect integer underflow at "struct fbcon_ops"->clear_margins (git-fixes). - serial: 8250_mtk: Fix high-speed baud rates clamping (git-fixes). - serial: 8250: fix null-ptr-deref in serial8250_start_tx() (git-fixes). - serial: tegra: fix CREAD handling for PIO (git-fixes). - vt: Reject zero-sized screen buffer size (git-fixes). - usb: xhci: Fix ASM2142/ASM3142 DMA addressing (git-fixes). - drm/amdgpu: Fix NULL dereference in dpm sysfs handlers (git-fixes). - usb: gadget: udc: gr_udc: fix memleak on error handling path in gr_ep_init() (git-fixes). - usb: dwc3: pci: add support for the Intel Jasper Lake (git-fixes). - usb: dwc3: pci: add support for the Intel Tiger Lake PCH -H variant (git-fixes). - hwmon: (scmi) Fix potential buffer overflow in scmi_hwmon_probe() (git-fixes). - hwmon: (nct6775) Accept PECI Calibration as temperature source for NCT6798D (git-fixes). - hwmon: (adm1275) Make sure we are reading enough data for different chips (git-fixes). - hwmon: (aspeed-pwm-tacho) Avoid possible buffer overflow (git-fixes). - spi: mediatek: use correct SPI_CFG2_REG MACRO (git-fixes). - regmap: dev_get_regmap_match(): fix string comparison (git-fixes). - HID: apple: Disable Fn-key key-re-mapping on clone keyboards (git-fixes). - HID: steam: fixes race in handling device list (git-fixes). - HID: alps: support devices with report id 2 (git-fixes). - HID: i2c-hid: add Mediacom FlexBook edge13 to descriptor override (git-fixes). - drm/amdgpu: fix preemption unit test (git-fixes). - drm/amdgpu/gfx10: fix race condition for kiq (git-fixes). - serial: mxs-auart: add missed iounmap() in probe failure and remove (git-fixes). - dmaengine: ioat setting ioat timeout as module parameter (git-fixes). - dmaengine: fsl-edma: fix wrong tcd endianness for big-endian cpu (git-fixes). - dmaengine: tegra210-adma: Fix runtime PM imbalance on error (git-fixes). - Input: elan_i2c - only increment wakeup count on touch (git-fixes). - Input: synaptics - enable InterTouch for ThinkPad X1E 1st gen (git-fixes). - mac80211: allow rx of mesh eapol frames with default rx key (git-fixes). - pinctrl: amd: fix npins for uart0 in kerncz_groups (git-fixes). - gpio: arizona: put pm_runtime in case of failure (git-fixes). - gpio: arizona: handle pm_runtime_get_sync failure case (git-fixes). - drivers/firmware/psci: Fix memory leakage in alloc_init_cpu_groups() (git-fixes). - drm/nouveau/i2c/g94-: increase NV_PMGR_DP_AUXCTL_TRANSACTREQ timeout (git-fixes). - serial: amba-pl011: Make sure we initialize the port.lock spinlock (git-fixes). - serial: 8250_pci: Move Pericom IDs to pci_ids.h (git-fixes). - commit 5b7d8a8 - nvme: kABI fixes for nvme_ctrl (bsc#1159058). - commit dc7531f - ocfs2: fix panic on nfs server over ocfs2 (bsc#1172963). - ocfs2: load global_inode_alloc (bsc#1172963). - ocfs2: avoid inode removal while nfsd is accessing it (bsc#1172963). - commit 1a01c78 - docs: fix memory.low description in cgroup-v2.rst (git-fixes). (SLE documentation might refer to cgroup-v2.rst.) - commit 1c58dff - net: Fix a documentation bug wrt. ip_unprivileged_port_start (git-fixes). (SLES tuning guide refers to ip-sysctl.txt.) - commit b51f83b - blacklist.conf: Add dc8d37ed304ee ("cpu/SMT: Fix x86 link error without CONFIG_SYSFS") - commit 24e5ac8 - blacklist.conf: Add 98919f4c9a342 ("Documentation: debugfs: Document debugfs helper for unsigned long values") - commit 5a3f2df - io-mapping: indicate mapping failure (git-fixes). - commit b3a6154 ++++ libX11: - U_001-ChangeTheData_lenParameterOf_XimAttributeToValueToCARD16.patch, U_002-FixIntegerOverflowsIn_XimAttributeToValue.patch, U_003-FixMoreUncheckedLengths.patch, U_004-FixSignedLengthValuesIn_XimGetAttributeID.patch, U_005-ZeroOutBuffersInFunctions.patch, * XIM client heap overflows (CVE-2020-14344, bsc#1174628) ++++ libvirt: - CVE-2020-14339: Don't leak /dev/mapper/control into QEMU. Use ioctl's to obtain the dependency tree of disks and drop use of libdevmapper. 22494556-CVE-2020-14339.patch bsc#1161883, bsc#1174458 ++++ microos-tools: - Update to version 2.2 - tmpfs support got moved to systemd ++++ read-only-root-fs: - Update to version 1.0+git20200730.1243fd0: * Add comment about the mounting of /root in the initrd * Better check for already existing /etc overlay [boo#1174733] ------------------------------------------------------------------ ------------------ 2020-7-29 - Jul 29 2020 ------------------- ------------------------------------------------------------------ ++++ ca-certificates-mozilla: - update to 2.42 state of the Mozilla NSS Certificate store (bsc#1174673) Removed CAs: - AddTrust External CA Root - AddTrust Class 1 CA Root - LuxTrust Global Root 2 - Staat der Nederlanden Root CA - G2 - Symantec Class 1 Public Primary Certification Authority - G4 - Symantec Class 2 Public Primary Certification Authority - G4 - VeriSign Class 3 Public Primary Certification Authority - G3 Added CAs: - certSIGN Root CA G2 - e-Szigno Root CA 2017 - Microsoft ECC Root Certificate Authority 2017 - Microsoft RSA Root Certificate Authority 2017 ++++ conmon: - Update to v2.0.20 (bsc#1175821) - journald: fix logging container name - container logging: Implement none driver - "off", "null" or "none" all work. - ctrl: warn if we fail to unlink - Drop fsync calls - Reap PIDs before running exit command - Fix log path parsing - Add --sync option to prevent conmon from double forking - Add --no-sync-log option to instruct conmon to not sync the logs of the containers upon shutting down. This feature fixes a regression where we unconditionally dropped the log sync. It is possible the container logs could be corrupted on a sudden power-off. If you need container logs to remain in consistent state after a sudden shutdown, please update from v2.0.19 to v2.0.20 ++++ kernel-default: - powerpc/pseries: PCIE PHB reset (bsc#1174689). - powerpc/eeh: Fix pseries_eeh_configure_bridge() (bsc#1174689). - commit ba8e81b - nvme: consolodate io settings (bsc#1159058). - nvme: revalidate namespace stream parameters (bsc#1159058). - nvme: consolidate chunk_sectors settings (bsc#1159058). - nvme: revalidate after verifying identifiers (bsc#1159058). - nvme-multipath: set bdi capabilities once (bsc#1159058). - nvme: check namespace head shared property (bsc#1159058). - nvme: always search for namespace head (bsc#1159058). - nvme: release namespace head reference on error (bsc#1159058). - nvme: unlink head after removing last namespace (bsc#1159058). - nvme: remove the magic 1024 constant in nvme_scan_ns_list (bsc#1159058). - nvme: avoid an Identify Controller command for each namespace (bsc#1159058). - nvme: factor out a nvme_ns_remove_by_nsid helper (bsc#1159058). - nvme: clean up nvme_scan_work (bsc#1159058). - nvme: refine the Qemu Identify CNS quirk (bsc#1159058). - nvme: remove unused parameter (bsc#1159058). - commit fe17413 - Delete patches.suse/apparmor-Fix-memory-leak-of-profile-proxy.patch (bsc#1174627) - commit dbe0add - nvme-multipath: do not fall back to __nvme_find_path() for non-optimized paths (bsc#1172108). - nvme-multipath: fix logic for non-optimized paths (bsc#1172108). - commit a2fe085 - xfrm: fix a warning in xfrm_policy_insert_list (bsc#1174645). - commit e77828e - IB/mlx5: Fix DEVX support for MLX5_CMD_OP_INIT2INIT_QP command (git-fixes). - i40iw: fix null pointer dereference on a null wqe pointer (git-fixes). - commit 76175e9 - x86/stacktrace: Fix reliable check for empty user task stacks (bsc#1058115). - commit 4883ff2 - qed: suppress false-positives interrupt error messages on HW init (git-fixes). - qed: suppress "don't support RoCE & iWARP" flooding on HW init (git-fixes). - netdevsim: fix unbalaced locking in nsim_create() (git-fixes). - net: hns3: fix return value error when query MAC link status fail (git-fixes). - net: hns3: fix error handling for desc filling (git-fixes). - net: hns3: fix for not calculating TX BD send size correctly (git-fixes). - ionic: use mutex to protect queue operations (bsc#1167773). - ionic: keep rss hash after fw update (bsc#1167773). - ionic: update filter id after replay (bsc#1167773). - ionic: fix up filter locks and debug msgs (bsc#1167773). - ionic: use offset for ethtool regs data (bsc#1167773). - mlxsw: core: Fix wrong SFP EEPROM reading for upper pages 1-3 (bsc#1154488). - rtnetlink: Fix memory(net_device) leak when ->newlink fails (bsc#1154353). - bnxt_en: Init ethtool link settings after reading updated PHY configuration (jsc#SLE-8371 bsc#1153274). - RDMA/mlx5: Prevent prefetch from racing with implicit destruction (jsc#SLE-8446). - RDMA/core: Fix race in rdma_alloc_commit_uobject() (git-fixes). - RDMA/mlx5: Use xa_lock_irq when access to SRQ table (git-fixes). - IB/mlx5: Fix 50G per lane indication (git-fixes). - RDMA/siw: Fix reporting vendor_part_id (git-fixes). - IB/sa: Resolv use-after-free in ib_nl_make_request() (git-fixes). - IB/mad: Fix use after free when destroying MAD agent (git-fixes). - RDMA/counter: Query a counter before release (git-fixes). - RDMA/mad: Fix possible memory leak in ib_mad_post_receive_mads() (git-fixes). - RDMA/cma: Protect bind_list and listen_list while finding matching cm id (git-fixes). - RDMA/qedr: Fix KASAN: use-after-free in ucma_event_handler+0x532 (git-fixes). - RDMA/efa: Set maximum pkeys device attribute (git-fixes). - RDMA/rvt: Fix potential memory leak caused by rvt_alloc_rq (git-fixes). - RDMA/siw: Fix pointer-to-int-cast warning in siw_rx_pbl() (git-fixes). - IB/cma: Fix ports memory leak in cma_configfs (git-fixes). - RDMA/mlx5: Add init2init as a modify command (git-fixes). - RDMA/hns: Fix cmdq parameter of querying pf timer resource (git-fixes). - RDMA/hns: Bugfix for querying qkey (git-fixes). - RDMA/uverbs: Fix create WQ to use the given user handle (git-fixes). - RDMA/mlx5: Verify that QP is created with RQ or SQ (git-fixes). - RDMA/mlx5: Fix udata response upon SRQ creation (git-fixes). - RDMA/rxe: Set default vendor ID (git-fixes). - IB/ipoib: Fix double free of skb in case of multicast traffic in CM mode (git-fixes). - RDMA/core: Fix double destruction of uobject (git-fixes). - RDMA/pvrdma: Fix missing pci disable in pvrdma_pci_probe() (git-fixes). - IB/qib: Call kobject_put() when kobject_init_and_add() fails (git-fixes). - RDMA/iw_cxgb4: Fix incorrect function parameters (git-fixes). - RDMA/core: Fix double put of resource (git-fixes). - IB/core: Fix potential NULL pointer dereference in pkey cache (git-fixes). - IB/mlx4: Test return value of calls to ib_get_cached_pkey (git-fixes). - RDMA/rxe: Always return ERR_PTR from rxe_create_mmap_info() (git-fixes). - i40iw: Fix error handling in i40iw_manage_arp_cache() (git-fixes). - RDMA/core: Fix race between destroy and release FD object (git-fixes). - IB/rdmavt: Always return ERR_PTR from rvt_create_mmap_info() (git-fixes). - RDMA/core: Prevent mixed use of FDs between shared ufiles (git-fixes). - RDMA/mlx5: Set GRH fields in query QP on RoCE (git-fixes). - RDMA/siw: Fix potential siw_mem refcnt leak in siw_fastreg_mr() (git-fixes). - RDMA/mlx4: Initialize ib_spec on the stack (git-fixes). - RDMA/cm: Fix an error check in cm_alloc_id_priv() (git-fixes). - IB/hfi1: Fix memory leaks in sysfs registration and unregistration (git-fixes). - RDMA/rxe: Set sys_image_guid to be aligned with HW IB devices (git-fixes). - RDMA/cm: Update num_paths in cma_resolve_iboe_route error flow (git-fixes). - IB/rdmavt: Delete unused routine (git-fixes). - i40iw: Report correct firmware version (git-fixes). - RDMA/cm: Add missing locking around id.state in cm_dup_req_handler (git-fixes). - RDMA/cm: Read id.state under lock when doing pr_debug() (git-fixes). - RDMA/cm: Remove a race freeing timewait_info (git-fixes). - RDMA/cm: Fix checking for allowed duplicate listens (git-fixes). - RDMA/cm: Fix ordering of xa_alloc_cyclic() in ib_create_cm_id() (git-fixes). - IB/mlx5: Replace tunnel mpls capability bits for tunnel_offloads (git-fixes). - RDMA/siw: Fix passive connection establishment (git-fixes). - IB/mlx5: Fix missing congestion control debugfs on rep rdma device (git-fixes). - RDMA/ucma: Put a lock around every call to the rdma_cm layer (git-fixes). - RDMA/siw: Fix setting active_{speed, width} attributes (git-fixes). - RDMA/rxe: Fix configuration of atomic queue pair attributes (git-fixes). - RDMA/siw: Fix setting active_mtu attribute (git-fixes). - i40iw: Do an RCU lookup in i40iw_add_ipv4_addr (git-fixes). - RDMA/mlx5: Fix access to wrong pointer while performing flush due to error (git-fixes). - IB/hfi1: Ensure pq is not left on waitlist (git-fixes). - RDMA/mad: Do not crash if the rdma device does not have a umad interface (git-fixes). - RDMA/core: Fix missing error check on dev_set_name() (git-fixes). - RDMA/mlx5: Fix the number of hwcounters of a dynamic counter (git-fixes). - RDMA/iwcm: Fix iwcm work deallocation (git-fixes). - RDMA/siw: Fix failure handling during device creation (git-fixes). - RDMA/nldev: Fix crash when set a QP to a new counter but QPN is missing (git-fixes). - RDMA/core: Fix protection fault in ib_mr_pool_destroy (git-fixes). - IB/hfi1, qib: Ensure RCU is locked when accessing list (git-fixes). - RMDA/cm: Fix missing ib_cm_destroy_id() in ib_cm_insert_listen() (git-fixes). - Revert "RDMA/cma: Simplify rdma_resolve_addr() error flow" (git-fixes). - commit 3509d43 - x86/unwind/orc: Fix ORC for newly forked tasks (bsc#1058115). - commit c9872a0 ++++ libsemanage: - Add /var/lib/selinux ++++ policycoreutils: - Align more with Fedora spec file to get rid of python dependencies in the core system - create new python-utils sub-package - move some tools to devel sub-package - Cleanup dependencies ++++ selinux-policy: - Add policycoreutils-devel as BuildRequires ------------------------------------------------------------------ ------------------ 2020-7-28 - Jul 28 2020 ------------------- ------------------------------------------------------------------ ++++ ignition: - Update to version 2.5.0: Merge of ignition-dracut into ignition; CoreOS specific files have been removed (they can be found as part of https://github.com/coreos/fedora-coreos-config now for reference) * news: add notes for 2.5.0 * ci: skip rootfs.uuid test while ratcheting ignition-dracut merge * stages/disks: get filesystem info via device alias * dracut: remove CoreOS specific modules * Clean-up post-merge files. * ci: build metal4k image before live image * 30ignition: move conditional network startup out of ignition-dracut * tests/kola: move blackbox tests to its own dir * build_releases: drop script * templates: update checklist for current process * dracut/30ignition: fix typo in udev rule * dracut/30ignition: add Ignition LUKS * make: install systemd unit as non-executable * 30ignition: make var in dracut_func local * Add new ignition-fetch-offline.service * ci: test with git master of coreos/ignition * 30ignition: GPT setup: wait for 'boot' labeled partition * 30ignition: add wipefs to the initramfs * Remove OnFailure= from targets, put in services * ignition-setup-user.service: run before multipathd * 30ignition: clean up Ignition stages ordering * coreos-teardown-initramfs: propagate the automatic multipath conf * 99emergency-timeout: Dump all failed services * 30ignition: drop hard requirement on qemu_fw_cfg * 99emergency-timeout: improve readability of Ignition failure message * 99emergency-timeout: also check ignition-fetch.service for failure * coreos-teardown-initramfs-network: don't run when emergency.target * dracut: add logging to systemd generator * coreos-teardown-initramfs-network: also propagate hostname * coreos-teardown-initramfs-network: support coreos.no_persist_ip karg * coreos-teardown-initramfs-network: consider ifcfg files in real root for RHCOS * coreos-teardown-initramfs-network: also skip local loopback interface * coreos-teardown-initramfs-network: do SELinux relabel on copied files * coreos-teardown-initramfs-network: order ExecStop after other ignition units * coreos-teardown-initramfs-network: remove After=ignition-files.service * Add ignition-virtio-dump-journal.service * Add `basename` dependency to dracut module * coreos-teardown-initramfs-network: enable the service statically * coreos-teardown-initramfs-network: simplify networking takedown * coreos-teardown-initramfs-network: take down routes too * coreos-teardown-initramfs-network: take down teams as well * coreos-teardown-initramfs-network: remove state files on switch * coreos-teardown-initramfs-network: also propagate initramfs networking if desired * coreos-teardown-initramfs-network: refactor into more functions * add coreos-teardown-initramfs-network.service * Declare external applications as optional * Remove obsolete dependencies * Hook up to CoreOS CI * Add ignition-diskful-subsequent.target * Makefile: Remove grub/ install bits * Make setfiles optional * dracut: add some bins for s390x zVM instalation * README.md: add details about the branches here * units: add ConditionPathExists=/etc/initrd-release everywhere * Add ConditionPathExists=/etc/initrd-release to targets * 30ignition: add setfiles * 30ignition/ignition-setup-user: mount /boot partition ro * firstboot-complete: tell zipl to run * coreos-gpt-setup: workaround old lsblk not having PTUUID * Add `ignition-subsequent.target` for non-Ignition boots * ignition-firstboot-complete.service: Run as part of basic.target * Run ignition-disks earlier to avoid race condition * 30ignition: update ignition-complete.target OnFailure comment * dracut: Add an ignition-fetch.service * 30ignition: drop OnFailure handler from ignition-diskful.target * 30ignition: fix sequencing of target dependencies * Add RemainAfterExit=yes to systemd units of Type=oneshot * Makefile: New file implementing `make install` * 30ignition: move coreos-gpt-setup RemainAfterExit to correct section * 30ignition: on live images, read config.ign from custom initrd * 30ignition: make ignition-diskful a dependency of ignition-complete * 30ignition: fix double slash in ignition-setup-* dest paths * systemd: don't try to mark live boots complete * 30ignition: conditionally enable units requiring a boot disk * README.md: fix download link * update-bootengine: drop file * dracut/30ignition: localize some variables * ignition: fix correct device path when randomizing UUID * dracut/30ignition: fix typo in module_setup * ignition: split ignition-setup into base and user * dracut/30ignition: scramble disk uuid on 1st boot * grub: drop 02_ignition_firstboot * dracut: add 99emergency-timeout * 30ignition: drop CoreOS specific bits * dracut/30ignition: link to RHBZ in ignition-complete * dracut/30ignition: add OnFailure= for ExecStop= services * dracut/30ignition: order ExecStop= units before initrd-switch-root.target * dracut/30ignition: re-order directives in remount-sysroot * dracut/30ignition: add missing Before= for mount unit * dracut/30ignition: order ignition-complete.target before initrd.target * module_setup: include cdrom rules for openstack * dracut: add CoreOS integration services * dracut/30ignition: Add mount stage and drop OSTree-specific bits * dracut/30ignition: Explicitly add OnFailure=emergency.target * 30ignition: ignore coreos.randomize_disk_guid * 30ignition: drop check for coreos.oem.id * grub: support overriding network kcmdline args * README.md: update documentation * 02_ignition_firstboot: Enable networking if Ignition will run * dracut/30ignition: expect ignition binary in module directory * dracut/30ignition: add ignition-complete.target * dracut/30ignition: split out ignition-setup.service * dracut/30ignition: Only write ignition-setup.service on first boot * grub: find boot partition and use it directly * module-setup.sh: Check for module qemu_fw_cfg not build-in, so it works out of box on all arches * dracut/30ignition: general hack cleanups * dracut: adapt for s/oem/platform in Ignition * ignition-setup: don't perform umount, rely on systemd * ignition-setup: rename copy function * services: fixup unit deps to more match CL * ignition-setup: use MountFlags=slave for systemd unit * ignition-setup: changes from code review * ignition-setup: mount/unmount boot to grab user.ign * dracut: add /usr/sbin/ignition-setup to initramfs * generator: try to get ignition-setup to run on boot * generator: RemainAfterExit=yes for ignition-setup * ignition-setup: support boot or platform base/user configs * ignition-setup: remove support for default configs * Remove the check for OEM partition, not used * Always check for boot, needs to exist * Replace OEM with boot * Add ability to parse config.ign file on boot * journal: add clarifying comment for context * Remount /sysroot rw (#38) * ignition-firstboot-complete.service: Remount /boot rw * Rename `coreos.firstboot` kernel cmdline arg to `ignition.firstboot` to make options more distribution neutral. Update dracut/README.txt to take into account recent changes. * 30ignition: only instmods if module available * remove ignition-remount-sysroot.service files * ignition: run files stage at original CL ordering * ignition-disks.service: drop Requires=network.target * ignition-ask-var-mount.service: use RemainAfterExit=yes * module-setup.sh: explicitly install qemu_fw_cfg * module-setup: Make mkfs.btrfs optional * 30ignition: add support for ignition-disks * journal: Don't log to console AND kmsg * dracut/ignition: remove CL-legacy udev references * coreos-firstboot-complete: RemainAfterExit=yes * change the default level of messages send to kmsg * Add Journald forward to kernel log buffer option * fixup! Rework how we run Ignition on first boot * Rework how we run Ignition on first boot * Drop 'auto-detect' hacks in generator * Make ignition work on classic systems * ignition-generator: add hack for openstack support * Add ignition-ask-var-mount.service * no disks for now - boot systemd unit ordering issue * Run ignition-files after ostree-prepare-root.service * Prefix remount-sysroot.service with "ignition-" * README.txt: fix rpm-ostree instruction * update README * add back in forwarding journal to console * get rid of usr-generator module * For now let's assume ec2 if we are running on xen * module-setup: update module-setup so deps are pulled in * module-setup: order install list alphabetically * README: Note instructions are for classic systems * ignition-quench.clc: add the source for ignition-quench.ign * add ignition disks stage * only run Ignition on first boot * module-setup.sh should install the binaries Ignition depends on * reset to 863a8f6 * Try to fix problem * Revert "use /etc/machine-id to detect firstboot" * use /etc/machine-id to detect firstboot * Make it so we will only run once * Add README that shows people how to use this * Hack dracut to just do ignition-files. * remove extra sauce * dracut: drop obsolete comment * 99start-root: drop DEVLINKS from mdadm invocation * update CoC and legalese * dracut: ignore Azure SR-IOV VF interface * dracut: correctly sequence disk-uuid@ before ignition-setup * dracut: copy Ignition base configs into system dir * dracut: fix comment * dracut: consolidate Oracle OCI network units * dracut: add module to start iSCSI root disk * dracut: add network units for Oracle OCI * dracut: move IP/link teardown from a drop-in to a separate unit * dracut: switch to using gpt partition types * dracut: add module to assemble root raid array * update-bootengine: enable terminfo module * dracut: fail verity-setup.service if verity setup fails * dracut: update some comments in usr-generator * dracut: disable systemd-fsck@.service for /usr * dracut: prevent dev-mapper-usr.device from timing out * dracut: Move chmod into coreos-overlay with the others * dracut: Run coreos-static-network before ignition-files * dracut: add mkswap for ignition-disks * update-bootengine: take out multipath again with 045 * dracut: Have ignition depend on the upstream qemu module * dracut: use coreos-metadata to configure Packet networking on first boot * dracut: on ec2, disable systemd-networkd if ignition fails * update-bootengine: Drop amd64-generic from usage text * dracut: Drop support for diskless amd64-generic * dracut: disable networkd by default * dracut: conditionally enable coreos-digitalocean-network.service * dracut/30ignition: add mkfs.vfat * Revert "add sysusers to the initramfs" * add sysusers to the initramfs * dracut: Don't prompt twice upon reaching a dracut breakpoint * dracut: Don't instantly reboot upon reaching a dracut breakpoint * dracut: Unmount /sysroot/boot more carefully * dracut: teach ignition-generator about kvm * dracut: Delete /boot/coreos/first_boot after automatic Ignition run * dracut: Add comment * Revert "dracut: Use ConditionKernelCommandLine in Ignition units" * Revert "dracut: Run ignition-files whenever /etc/machine-id doesn't exist" * Revert "dracut: Randomize disk GUID only after ignition-disks succeeds" * dracut: Confirm entering emergency shell, reboot otherwise * dracut: Randomize disk GUID only after ignition-disks succeeds * dracut: Run ignition-files whenever /etc/machine-id doesn't exist * dracut: Use ConditionKernelCommandLine in Ignition units * dracut: Eliminate ignition.target * dracut: Migrate Ignition unit files from coreos-overlay * diskless-generator: Fix root directory mode 1777 on tmpfs * dracut: add qemu detection to ignition generator * dracut: support initramfs network configuration via cmdline * verity-generator: use BindsTo for device dependencies * verity-generator: fix race with disk modification jobs * dracut: enable coreos-digitalocean-network.service * dracut: add digitalocean network config * dracut: include cdrom_id rules * dracut: install qemu_fw_cfg lkm in ignition module * dracut: build onto the upstream systemd-networkd module * dracut: change pxe network config condition * dracut: set ClientIdentifier=mac for the PXE OEM * update-bootengine: add -k to usage message * dracut: install kernel network modules * update-bootengine: add support for bundling kernel modules * dracut: include ca-certs bundle * setup-root: fix ordering with /sysroot/usr mount * dracut: enable DHCPv6 * dracut: make gpt headers valid before randomizing * dracut: add forward-to-console option to journald * dracut: run tmpfilesd with etc-shadow config * dracut: explicitly order disk-uuid before systemd-fsck-root * dracut: read guid to randomize in disk-uuid from kernel paramater * dracut: require disk-uuid.service on coreos.randomize_disk_guid=1 * dracut: use ignition-generator to require disk-uuid.service * dracut: parse coreos.oem.id for ignition * setup-root: fix ordering between selinux-base.conf and libsemanage.conf * dracut: add mkfs.xfs to ignition * initrd-setup-root: check selinux tmpfiles configs before using them * update-bootengine: use the native ldconfig * dracut: apply etc.conf in initrd-setup-root * dracut: remove link-local addr from network config * dracut: remove junk from zz-default.network * dracut: remove Ignition udev trigger * dracut: use inst_simple instead of inst * dracut: swap ignition.force for coreos.first_boot * dracut: add mkfs dependencies for Ignition * dracut: use idiomatic method for installing rules * bootengine: apply baselayout-home.conf in initrd-setup-root * bootengine: fully populate the initrd shadow db from baselayout * bootengine: initialize /sysroot/etc shadowdb files from baselayout * bootengine: convert initrd-setup-root to a standalone shell script * bootengine: convert setup-root to a standalone systemd service * bootengine: rename 80setup-root to 99setup-root * Set up selinux tmpfiles before performing root pivot * dracut: set DefaultDependencies=no for initrd-systemd-resolved * dracut: add ignition systemd generator * dracut: add useradd, usermod, groupadd to ignition module. * dracut: udevadm settle after writing the disk GUID * dracut: take down all interfaces before switchroot * dracut: discard 99-default.link from 02systemd-networkd module * dracut: add ordering on disk-uuid.service * dracut: add Ignition * dracut: add systemd-networkd to the initramfs. * dracut: remove disk-uuid's dependence on Ignition * dracut: fix typo in disk-uuid.service * disk-uuid: add service for generating GPT UUID * verity-generator: disable default dependencies * verity-generator: add service generator for veritysetup * diskless-generator: make a real mount unit when using btrfs as rootfstype * dracut: don't explicitly remount /sysroot rw * setup-root: remove call to ldconfig * gptprio: remove kexec based implementation * diskless-generator: check value of mount.usr= and usr= * systemd: don't initialize machine-id, do initialize ld.so.conf * Explicitly supply the ACPI RSDP address to kexec on efi systems * update-bootengine: always run ldconfig in chroots before dracut * gptprio: retry mount if it fails the first time * systemd: add module to disable network device renaming * fix(update-bootengine): Exclude unnecessary dracut modules. * add(diskless-btrfs): Experiment for diskless btrfs instead of tmpfs * add(remount-sysroot.service): If needed remount root as rw * fix(99dracut-root): Replace 99fstab with an even more stupid hack. * add(10diskless-generator): Add generator for squashfs and tmpfs mounts. * fix(10usr-generator): Typo fixes * add(10usr-generator): Move usr=/dev/foo handling to a systemd generator * fix(80setup-root): Add missing -E flag to grep. * remove(80squashfs): Replaced by using fstab instead. * add(99fstab): New module to satisfy dracut without root= * fix(80setup-root): Handle initrd OEMs * fix(80setup-root): Silence "machine-id: No such file" error message * cleanup(80setup-root): Remove ${BOOTENGINE_ROOT_DIR} var * remove(80usrgptprio): Replaced by new gptprio and setup-root modules * add(80setup-root): Move fs setup logic to new module * fix(80gptprio): Gut most of gptprio, make it work for root and usr * feat(80usrgptprio) add ability for unique /etc/machine-id files * remove(80resize): Drop resize module * fix(80resize): Don't resize until after kexec * fix(80usrgptprio): Add special x-initrd.mount option to /sysroot/usr * add(resize): New dracut module to resize ROOT before mounting. * fix(update-bootengine): Include fsck in bootengine. * fix(80squashfs): Split hook into separate parse and mount hooks. * fix(80usrgptprio): Add basic support for plain block devices * fix(80usrgptprio): Update usr= option, not root= * fix(80usrgptprio): Support kernels in both /usr/boot and /boot * fix(80usrgptprio): Fix normal test case. Enable 80usrgptprio testing. * fix(80usrgptprio): Fix mount-fail test case. * fix(80usrgptprio): Fix kexec-fail test case. * fix(80usrgptprio): Fix fail-kernel test case. * fix(80usrgptprio): Fix backup/setup of symlinks root filesystem. * fix(80usrgptprio): Fix fail-everything test case. * fix(80usrgptprio): Do not run without usr=gptprio * fix(80usrgptprio): Convert test case to same spacing as module code. * feat(80usrgptprio): initial commit * fix(gptprio): Fix fallback path when using systemd. * fix(parse-gptprio.sh): Fix up log message. * add(journald): New module for journald configuration * fix(gptprio): Add best-effort support for unloading modules before kexec * fix(gptprio): Switch to falling back on kernel/kexec failures. * fix(tests): Rework the test suite, make false positives harder. * cleanup(gptprio): Move our verbose command logging into a common function * fix(gptprio): Drop case translation, cgpt next now uses lower case * fix(update-bootengine): Silence setlocale errors * fix(update-bootengine): Fix terrible typo that broke namespace creation. * feat(dracut/80squashfs): make oem of unlimited size * feat(parse-squashfs): add in support for custom OEMs * feat(squashfs): initial commit of squashfs root support * fix(update-bootengine): Compare namespaces via mountinfo. * License project under BSD-2 license * fix(module-setup): Use dracut_install which aborts on errors. * Add(update-bootengine): Move code for running dracut out of ebuild. * fix(dracut): use lower on PARTUUID * fix(dracut): umount the root fs * feat(tests): refactor and add tests * feat(dracut): add debuggging output * feat(pre-mount-gptprio): die if the kexec returns * fix(dracut) mount boot filesystem as ro so it's not dirty when it boots * feat(dracut) add proper support for cgpt * feat(dracut): get everything working * Initial commit - Dropped 0003-Disable-resetting-UUID.patch (upstream moved the functionality into the CoreOS configuration. - Added ignition-enable-network.sh / ignition-enable-network.service: Implemented ignition-fetch-offline feature to only start networking if required ++++ kernel-default: - drm/amd/powerplay: fix a crash when overclocking Vega M (bsc#1152472) - commit e5783e4 - drm/i915: Move cec_notifier to intel_hdmi_connector_unregister, v2. (bsc#1152489) * context changes - commit 832eb1e - drm/i915/gt: Only swap to a random sibling once upon creation (bsc#1152489) * context changes - commit b0d94d8 - drm/i915/fbc: Fix fence_y_offset handling (bsc#1152489) * context changes - commit c4ded04 - rtnetlink: Fix memory(net_device) leak when ->newlink fails (git-fixes). - commit 11a9564 - NTB: ntb_test: Fix bug when counting remote files (git-fixes). - NTB: perf: Fix race condition when run with ntb_test (git-fixes). - NTB: perf: Fix support for hardware that doesn't have port numbers (git-fixes). - NTB: perf: Don't require one more memory window than number of peers (git-fixes). - NTB: ntb_pingpong: Choose doorbells based on port number (git-fixes). - NTB: Fix the default port and peer numbers for legacy drivers (git-fixes). - NTB: Revert the change to use the NTB device dev for DMA allocations (git-fixes). - NTB: ntb_tool: reading the link file should not end in a NULL byte (git-fixes). - ntb_tool: pass correct struct device to dma_alloc_coherent (git-fixes). - ntb_perf: pass correct struct device to dma_alloc_coherent (git-fixes). - ntb: hw: remove the code that sets the DMA mask (git-fixes). - NTB: Fix static check warning in perf_clear_test (git-fixes). - habanalabs: increase timeout during reset (git-fixes). - commit 6d2dc2c - geneve: fix an uninitialized value in geneve_changelink() (git-fixes). - ieee802154: fix one possible memleak in adf7242_probe (git-fixes). - nfc: nci: add missed destroy_workqueue in nci_register_device (git-fixes). - hippi: Fix a size used in a 'pci_free_consistent()' in an error handling path (git-fixes). - i2c: i2c-qcom-geni: Fix DMA transfer race (git-fixes). - i2c: rcar: always clear ICSAR to avoid side effects (git-fixes). - Revert "i2c: cadence: Fix the hold bit setting" (git-fixes). - drm/amd/powerplay: fix a crash when overclocking Vega M (git-fixes). - drm: sun4i: hdmi: Fix inverted HPD result (git-fixes). - phy: sun4i-usb: fix dereference of pointer phy0 before it is null checked (git-fixes). - commit ce8f443 - fpga: dfl: fix bug in port reset handshake (git-fixes). - staging: comedi: addi_apci_1564: check INSN_CONFIG_DIGITAL_TRIG shift (git-fixes). - staging: comedi: addi_apci_1500: check INSN_CONFIG_DIGITAL_TRIG shift (git-fixes). - staging: comedi: addi_apci_1032: check INSN_CONFIG_DIGITAL_TRIG shift (git-fixes). - staging: comedi: ni_6527: fix INSN_CONFIG_DIGITAL_TRIG support (git-fixes). - usb: tegra: Fix allocation for the FPCI context (git-fixes). - usb: xhci-mtk: fix the failure of bandwidth allocation (git-fixes). - commit c8a893b - ath9k: Fix regression with Atheros 9271 (git-fixes). - ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb (git-fixes). - commit 86f66b0 - blacklist.conf: remove ath9k commit and add phy/realtek commit - commit d6994a7 - rpm/kernel-obs-build.spec.in: Enable overlayfs Overlayfs is needed for podman or docker builds when no more specific driver can be used (like lvm or btrfs). As the default build fs is ext4 currently, we need overlayfs kernel modules to be available. - commit 29474aa - vgacon: fix out of bounds write to the scrollback buffer (bsc#1174205 CVE-2020-14331). - commit ffe1c3f ++++ libcontainers-common: - Added containers/common tarball for containers.conf(5) man page - Install containers.conf default configuration in /usr/share/containers - libpod repository on github got renamed to podman - Update to image 5.5.1 - Add documentation for credHelpera - Add defaults for using the rootless policy path - Update libpod/podman to 2.0.3 - docs: user namespace can't be shared in pods - Switch references from libpod.conf to containers.conf - Allow empty host port in --publish flag - update document login see config.json as valid - Update storage to 1.20.2 - Add back skip_mount_home ++++ gcc10: - Update to gcc-10 branch head (c0438ced53bcf57e4ebb1c38c), git465. * Includes GCC 10.2 release. [bsc#1173972] [jsc#ECO-2373] * Picks up fixes for C++20 coroutines support. [jsc#SLE-12297] * Picks up fix for a recent chromium build fail. - Build x86 CET enabled runtime for Factory. - Disable GCN offloading for SLE12 and SLE15 GA. ++++ systemd: - Restore default upstream tmp.mount (/tmp as tmpfs) behaviour (boo#1173461) ++++ podman: - libpod got renamed to podman on GitHub. Point _service file to the new name. - Remove obsolete old Requires on libcontainers-image and -storage all of that is inside libcontainers-common - Require a new enough libcontainers-common version to have the default containers.conf installed. - Remove deprecated libpod.conf and create an update notice pointing to containers.conf for user that made changes to libpod.conf - Suggest katacontainers instead of recommending it. It's not enabled by default, so it's just bloat ------------------------------------------------------------------ ------------------ 2020-7-27 - Jul 27 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - tpm_crb: fix fTPM on AMD Zen+ CPUs (bsc#1174362). - commit 244d11a - scsi: libfc: Skip additional kref updating work event (bsc#1173849). - scsi: libfc: Handling of extra kref (bsc#1173849). - scsi: libfc: rport state move to PLOGI if all PRLI retry exhausted (bsc#1173849). - scsi: libfc: If PRLI rejected, move rport to PLOGI state (bsc#1173849). - scsi: libfc: free response frame from GPN_ID (bsc#1173849). - commit e4b0418 - /dev/mem: Add missing memory barriers for devmem_inode (git-fixes). - commit faada70 - fix paches metadata - fix Patch-mainline: patches.suse/NFS-Fix-interrupted-slots-by-sending-a-solo-SEQUENCE.patch patches.suse/sunrpc-Fix-gss_unwrap_resp_integ-again.patch - commit 8700f50 - /dev/mem: Revoke mappings when a driver claims the region (git-fixes). - commit 12e79d4 - mm/mmap.c: close race between munmap() and expand_upwards()/downwards() (bsc#1174527). - commit 8d322cd - Bluetooth: Disconnect if E0 is used for Level 4 (bsc#1171988 CVE-2020-10135). - Bluetooth: Consolidate encryption handling in hci_encrypt_cfm (bsc#1171988 CVE-2020-10135). - commit 247f41e - udp: Improve load balancing for SO_REUSEPORT (git-fixes). - udp: Copy has_conns in reuseport_grow() (git-fixes). - net/smc: fix restoring of fallback changes (git-fixes). - ax88172a: fix ax88172a_unbind() failures (git-fixes). - ovl: inode reference leak in ovl_is_inuse true case (git-fixes). - commit 8886a83 - IB/hfi1: Fix module use count flaw due to leftover module put calls (bsc#1174407). - IB/hfi1: Fix another case where pq is left on waitlist (bsc#1174411). - commit 4615f3f - PCI/EDR: Log only ACPI_NOTIFY_DISCONNECT_RECOVER events (bsc#1174513). - commit 4124752 - kabi fix for SUNRPC-dont-update-timeout-value-on-connection-reset.patch (bsc1174263). - commit b2c60a4 - SUNRPC dont update timeout value on connection reset (bsc#1174263). - NFS: Fix interrupted slots by sending a solo SEQUENCE operation (bsc#1174264). - commit a34253a - sunrpc: Fix gss_unwrap_resp_integ() again (bsc#1174116). - commit 74de0ef - series.conf: cleanup - update upstream reference and move into sorted section: patches.suse/sched-Fix-race-against-ptrace_freeze_trace.patch - commit d3c68dc ++++ krb5: - Fix prefix reported by krb5-config, libraries and headers are not installed under /usr/lib/mit prefix. (bsc#1174079) ++++ u-boot-rpiarm64: - Enable EFI_RT_PROPERTIES_TABLE (bsc#1174029) Patch queue updated from git://github.com/openSUSE/u-boot.git sle15-sp2 * Patches added: 0034-cmd-efidebug-new-sub-command-tables.patch 0035-efi_loader-implement-EFI_RT_PROPERT.patch ------------------------------------------------------------------ ------------------ 2020-7-26 - Jul 26 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - arm64: dts: ls1046ardb: set RGMII interfaces to RGMII_ID mode (bsc#1174398). - arm64: dts: ls1043a-rdb: correct RGMII delay mode to rgmii-id (bsc#1174398). - net: fsl/fman: treat all RGMII modes in memac_adjust_link() (bsc#1174398). - commit 9181d93 - net: phy: realtek: add support for configuring the RX delay on RTL8211F (bsc#1174398). - commit f56681f ------------------------------------------------------------------ ------------------ 2020-7-25 - Jul 25 2020 ------------------- ------------------------------------------------------------------ ++++ open-iscsi: - Upgrade to upstream vresion 2.1.2 as 2.1.2-suse (for jre#SES-1081), including: * use openssl for random data generation * Misspelled socket name might cause confusion to inexperienced user. * iscsi/libopeniscsiusr:add libopeniscsiuser_node.h to HEADERS * Let initiator name be created by iscsi-init.service. * iscsi: fix fd leak * iscsi: Add break to while loop * Fix compiler complaint about string copy in iscsiuio * Fix a compiler complaint about writing one byte * Fix issue with zero-length arrays at end of struct * Add iscsi-init.service * Proper disconnect of TCP connection * Fix dependency on new systemd RPM macro * Fix SIGPIPE loop in signal handler * Update iscsi-iname.c * log:modify iSCSI shared memory permissions for logs * Sequence systemd services correctly when upgrading * Ignore iface.example in iface match checks * More changes for musl. * Fix type mismatch under musl. * Change include of to * Add Wants=remote-fs-pre.target for sequencing. * Add workaround in SPEC file for installcheck. * Fix issue where "iscsi-iname -p" core dumps. * iscsi-iname: fix iscsi-iname -p access NULL pointer without given IQN prefix * Fix iscsi.service so it handles restarts better Replacing open-iscsi-2.1.1-suse.tar.bz2 with open-iscsi-2.1.2-suse.tar.bz2, and updating open-iscsi-SUSE-latest.diff.bz2 to empty, since initially there are no differences. ++++ kernel-default: - fix patch metadata - fix Patch-mainline: patches.suse/sched-fair-handle-case-of-task_h_load-returning-0.patch - commit 48a221d ------------------------------------------------------------------ ------------------ 2020-7-24 - Jul 24 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - sched/fair: handle case of task_h_load() returning 0 (bnc#1155798 (CPU scheduler functional and performance backports)). - commit ea548c6 - Refresh patches.suse/sched-Fix-loadavg-accounting-race.patch. - commit 1d3f65b - IB/hfi1: Do not destroy link_wq when the device is shut down (bsc#1174409). - IB/hfi1: Do not destroy hfi1_wq when the device is shut down (bsc#1174409). - commit 469cd59 - Update patch reference tag for cdev security fix (CVE-2020-0305, bsc#1174462) - commit 589a02e ++++ perl-Bootloader: - merge gh#openSUSE/perl-bootloader#129 - Check tpm.mod in the new grub2 directory (bsc#1174320) - 0.931 ++++ podman: - Update to v2.0.3 * Fix handling of entrypoint * log API: add context to allow for cancelling * fix API: Create container with an invalid configuration * Remove all instances of named return "err" from Libpod * Fix: Correct connection counters for hijacked connections * Fix: Hijacking v2 endpoints to follow rfc 7230 semantics * Remove hijacked connections from active connections list * version/info: format: allow more json variants * Correctly print STDOUT on non-terminal remote exec * Fix container and pod create commands for remote create * Mask out /sys/dev to prevent information leak from the host * Ensure sig-proxy default is propagated in start * Add SystemdMode to inspect for containers * When determining systemd mode, use full command * Fix lint * Populate remaining unused fields in `pod inspect` * Include infra container information in `pod inspect` * play-kube: add suport for "IfNotPresent" pull type * docs: user namespace can't be shared in pods * Fix "Error: unrecognized protocol \"TCP\" in port mapping" * Error on rootless mac and ip addresses * Fix & add notes regarding problematic language in codebase * abi: set default umask and rlimits * Used reference package with errors for parsing tag * fix: system df error when an image has no name * Fix Generate API title/description * Add noop function disable-content-trust * fix play kube doesn't override dockerfile ENTRYPOINT * Support default profile for apparmor * Bump github.com/containers/common to v0.14.6 * events endpoint: backwards compat to old type * events endpoint: fix panic and race condition * Switch references from libpod.conf to containers.conf * podman.service: set type to simple * podman.service: set doc to podman-system-service * podman.service: use default registries.conf * podman.service: use default killmode * podman.service: remove stop timeout * systemd: symlink user->system * vendor golang.org/x/text@v0.3.3 * Fix a bug where --pids-limit was parsed incorrectly * search: allow wildcards * [CI:DOCS]Do not copy policy.json into gating image * Fix systemd pid 1 test * Cirrus: Rotate keys post repo. rename - The libpod.conf(5) man page got removed and all references are now pointing towards containers.conf(5), which will be part of the libcontainers-common package. ++++ yast2: - update is_wsl function to match wsl1 and wsl2 osrelease spellings (boo#1174183) - 4.2.87 ------------------------------------------------------------------ ------------------ 2020-7-23 - Jul 23 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - fix patches metadata - fix Patch-mainline: patches.suse/btrfs-add-assertions-for-tree-inode-io_tree-to-exten.patch patches.suse/btrfs-drop-argument-tree-from-btrfs_lock_and_flush_o.patch patches.suse/btrfs-use-correct-count-in-btrfs_file_write_iter.patch - commit 06e9b7f - btrfs: fix RWF_NOWAIT writes blocking on extent locks and waiting for IO (bsc#1174438). - commit 6283198 - btrfs: drop argument tree from btrfs_lock_and_flush_ordered_range (bsc#1174438). - commit fddc7a9 - btrfs: add assertions for tree == inode->io_tree to extent IO helpers (bsc#1174438). - commit b6577c1 - btrfs: fix RWF_NOWAIT write not failling when we need to cow (bsc#1174438). - commit 5cd33df - btrfs: fix failure of RWF_NOWAIT write into prealloc extent beyond eof (bsc#1174438). - commit e8b9f70 - btrfs: fix hang on snapshot creation after RWF_NOWAIT write (bsc#1174438). - commit b6d39e5 - btrfs: use correct count in btrfs_file_write_iter() (bsc#1174438). - commit b0f2e4b - dpaa_eth: Make dpaa_a050385_wa static (bsc#1174396). - dpaa_eth: FMan erratum A050385 workaround (bsc#1174396). - commit 28d087a - fsl/fman: detect FMan erratum A050385 (bsc#1174396) Update arm64 config file - commit f586da0 - PCI: hv: Add support for protocol 1.3 and support PCI_BUS_RELATIONS2 (bsc#1172201). - commit 901fe3f - media: cec: silence shift wrapping warning in __cec_s_log_addrs() (git-fixes). - commit 78dd0ad - blacklist.conf: for future infrastructure, and will need kABI workarounds in each user, only if we really need it - commit 5125020 - blacklist.conf: cleanup removing unused exported symbols, unavoidable kABI breakage - commit 5042b86 - ALSA: hda/realtek: Fixed ALC298 sound bug by adding quirk for Samsung Notebook Pen S (git-fixes). - ASoC: rt5682: Report the button event in the headset type only (git-fixes). - ASoC: Intel: bytcht_es8316: Add missed put_device() (git-fixes). - ASoC: rt286: fix unexpected interrupt happens (git-fixes). - ASoC: wm8974: remove unsupported clock mode (git-fixes). - ASoC: wm8974: fix Boost Mixer Aux Switch (git-fixes). - ASoC: topology: fix tlvs in error handling for widget_dmixer (git-fixes). - ASoC: topology: fix kernel oops on route addition error (git-fixes). - ASoc: codecs: max98373: remove Idle_bias_on to let codec suspend (git-fixes). - ASoC: codecs: max98373: Removed superfluous volume control from chip default (git-fixes). - ASoC: rockchip: add format and rate constraints on rk3399 (git-fixes). - ASoC: rt5670: Fix dac- and adc- vol-tlv values being off by a factor of 10 (git-fixes). - ASoC: rt5670: Add new gpio1_is_ext_spk_en quirk and enable it on the Lenovo Miix 2 10 (git-fixes). - ASoC: rt5670: Correct RT5670_LDO_SEL_MASK (git-fixes). - ALSA: info: Drop WARN_ON() from buffer NULL sanity check (git-fixes). - USB: serial: option: add Quectel EG95 LTE modem (git-fixes). - USB: serial: ch341: add new Product ID for CH340 (git-fixes). - USB: serial: option: add GosunCn GM500 series (git-fixes). - USB: serial: cypress_m8: enable Simply Automated UPB PIM (git-fixes). - HID: quirks: Ignore Simply Automated UPB PIM (git-fixes). - HID: magicmouse: do not set up autorepeat (git-fixes). - HID: quirks: Always poll Obins Anne Pro 2 keyboard (git-fixes). - drm/amdgpu/sdma5: fix wptr overwritten in ->get_wptr() (git-fixes). - intel_th: pci: Add Emmitsburg PCH support (git-fixes). - intel_th: pci: Add Tiger Lake PCH-H support (git-fixes). - intel_th: pci: Add Jasper Lake CPU support (git-fixes). - mei: bus: don't clean driver pointer (git-fixes). - thermal: int3403_thermal: Downgrade error message (git-fixes). - Input: elan_i2c - add more hardware ID for Lenovo laptops (git-fixes). - Input: i8042 - add Lenovo XiaoXin Air 12 to i8042 nomux list (git-fixes). - i2c: eg20t: Load module automatically if ID matches (git-fixes). - drm/exynos: fix ref count leak in mic_pre_enable (git-fixes). - drm/exynos: Properly propagate return value in drm_iommu_attach_device() (git-fixes). - drm/msm/dpu: allow initialization of encoder locks during encoder init (git-fixes). - drm/msm: fix potential memleak in error branch (git-fixes). - tpm_tis: extra chip->ops check on error path in tpm_tis_core_init (git-fixes). - thermal/drivers: imx: Fix missing of_node_put() at probe time (git-fixes). - ALSA: usb-audio: Add registration quirk for Kingston HyperX Cloud Flight S (git-fixes). - spi: spidev: fix a potential use-after-free in spidev_release() (git-fixes). - spi: spidev: fix a race between spidev_release and spidev_remove (git-fixes). - Input: mms114 - add extra compatible for mms345l (git-fixes). - ACPI: video: Use native backlight on Acer TravelMate 5735Z (git-fixes). - Input: goodix - fix touch coordinates on Cube I15-TC (git-fixes). - ACPI: video: Use native backlight on Acer Aspire 5783z (git-fixes). - drm/sun4i: tcon: Separate quirks for tcon0 and tcon1 on A20 (git-fixes). - HID: quirks: Remove ITE 8595 entry from hid_have_special_driver (git-fixes). - mmc: sdhci: do not enable card detect interrupt for gpio cd type (git-fixes). - commit d00f168 ++++ perl-Bootloader: - merge gh#openSUSE/perl-bootloader#130 - Throw less warnings about fstab - 0.930 ++++ transactional-update: - Remove unused attr requires - Change bc to file requires ------------------------------------------------------------------ ------------------ 2020-7-22 - Jul 22 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - blk-mq: consider non-idle request as "inflight" in blk_mq_rq_inflight() (bsc#1165933). - dm: do not use waitqueue for request-based DM (bsc#1165933). - commit 07e428e - series.conf: refresh - update upstream reference and resort: patches.suse/brcmfmac-Transform-compatible-string-for-FW-loading.patch - commit 75a973a - net/mlx5e: Fix CPU mapping after function reload to avoid aRFS RX crash (jsc#SLE-8464). - net/mlx5e: Fix VXLAN configuration restore after function reload (jsc#SLE-8464). - ionic: centralize queue reset code (bsc#1167773). - net: hns3: check reset pending after FLR prepare (bsc#1154353). - net: ipv4: Fix wrong type conversion from hint to rt in ip_route_use_hint() (bsc#1154353). - ionic: update the queue count on open (bsc#1167773). - commit 7491bf6 ------------------------------------------------------------------ ------------------ 2020-7-21 - Jul 21 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - pci: Revive pci_dev __aer_firmware_first* fields for kABI (bsc#1174356). - commit 4d2fe32 - PCI/AER: Remove HEST/FIRMWARE_FIRST parsing for AER ownership (bsc#1174356). - PCI/AER: Use only _OSC to determine AER ownership (bsc#1174356). - commit 6e69c19 - Refresh patches.suse/clk-qoriq-add-cpufreq-platform-device.patch. - commit 5dec1a6 - Refresh patches.suse/cpufreq-qoriq-convert-to-a-platform-driver.patch. - commit cf18c2c - Refresh patches.suse/gpio-tegra186-export-MODULE_DEVICE_TABLE.patch. - commit 3a8c8f1 - Refresh patches.suse/soc-tegra-pmc-Enable-PMIC-wake-event-on-Tegra186.patch. - commit d3492b2 - Refresh patches.suse/cpufreq-tegra186-add-CPUFREQ_NEED_INITIAL_FREQ_CHECK.patch. - commit 8dcc9fc - sched: Fix race against ptrace_freeze_trace() (bsc#1174345). - commit 2138587 - net/mlx5e: Fix repeated XSK usage on one channel (networking-stable-20_06_16). - net/mlx5: Fix fatal error handling during device load (networking-stable-20_06_16). - net/mlx5: drain health workqueue in case of driver load error (networking-stable-20_06_16). - selftests/net: in rxtimestamp getopt_long needs terminating null entry (networking-stable-20_06_16). - dccp: Fix possible memleak in dccp_init and dccp_fini (networking-stable-20_06_16). - mlxsw: core: Use different get_trend() callbacks for different thermal zones (networking-stable-20_06_10). - net_failover: fixed rollback in net_failover_open() (networking-stable-20_06_10). - vxlan: Avoid infinite loop when suppressing NS messages with invalid options (networking-stable-20_06_10). - bridge: Avoid infinite loop when suppressing NS messages with invalid options (networking-stable-20_06_10). - l2tp: add sk_family checks to l2tp_validate_socket (networking-stable-20_06_07). - l2tp: do not use inet_hash()/inet_unhash() (networking-stable-20_06_07). - kABI: reintroduce inet_hashtables.h include to l2tp_ip (kabi). - devinet: fix memleak in inetdev_init() (networking-stable-20_06_07). - net: be more gentle about silly gso requests coming from user (networking-stable-20_06_07). - vsock: fix timeout in vsock_accept() (networking-stable-20_06_07). - nfp: flower: fix used time of merge flow statistics (networking-stable-20_06_07). - net: usb: qmi_wwan: add Telit LE910C1-EUX composition (networking-stable-20_06_07). - net: check untrusted gso_size at kernel entry (networking-stable-20_06_07). - net: stmmac: enable timestamp snapshot for required PTP packets in dwmac v5.10a (networking-stable-20_06_07). - commit 9e80866 - USB: serial: iuu_phoenix: fix memory corruption (git-fixes). - usb: gadget: function: fix missing spinlock in f_uac1_legacy (git-fixes). - usb: gadget: udc: atmel: fix uninitialized read in debug printk (git-fixes). - usb: gadget: udc: atmel: remove outdated comment in usba_ep_disable() (git-fixes). - usb: dwc2: Fix shutdown callback in platform (git-fixes). - USB: c67x00: fix use after free in c67x00_giveback_urb (git-fixes). - usb: chipidea: core: add wakeup support for extcon (git-fixes). - hwmon: (emc2103) fix unable to change fan pwm1_enable attribute (git-fixes). - intel_th: Fix a NULL dereference when hub driver is not loaded (git-fixes). - virt: vbox: Fix guest capabilities mask check (git-fixes). - virt: vbox: Fix VBGL_IOCTL_VMMDEV_REQUEST_BIG and _LOG req numbers to match upstream (git-fixes). - iio: adc: ad7780: Fix a resource handling path in 'ad7780_probe()' (git-fixes). - iio:pressure:ms5611 Fix buffer element alignment (git-fixes). - iio:humidity:hts221 Fix alignment and data leak issues (git-fixes). - iio:humidity:hdc100x Fix alignment and data leak issues (git-fixes). - iio:magnetometer:ak8974: Fix alignment and data leak issues (git-fixes). - iio: pressure: zpa2326: handle pm_runtime_get_sync failure (git-fixes). - iio: core: add missing IIO_MOD_H2/ETHANOL string identifiers (git-fixes). - iio: magnetometer: ak8974: Fix runtime PM imbalance on error (git-fixes). - iio: mma8452: Add missed iio_device_unregister() call in mma8452_probe() (git-fixes). - iio:health:afe4404 Fix timestamp alignment and prevent data leak (git-fixes). - dmaengine: dmatest: stop completed threads when running without set channel (git-fixes). - dmaengine: fsl-edma-common: correct DSIZE_32BYTE (git-fixes). - dmaengine: dw: Initialize channel before each transfer (git-fixes). - dmaengine: mcf-edma: Fix NULL pointer exception in mcf_edma_tx_handler (git-fixes). - dmaengine: fsl-edma: Fix NULL pointer exception in fsl_edma_tx_handler (git-fixes). - dmaengine: sh: usb-dmac: set tx_result parameters (git-fixes). - dmaengine: imx-sdma: Fix: Remove 'always true' comparison (git-fixes). - keys: asymmetric: fix error return code in software_key_query() (git-fixes). - mmc: meson-gx: limit segments to 1 when dram-access-quirk is needed (git-fixes). - usbnet: smsc95xx: Fix use-after-free after removal (git-fixes). - hwrng: ks-sa - Fix runtime PM imbalance on error (git-fixes). - drm/amd/display: Use kfree() to free rgb_user in calculate_user_regamma_ramp() (git-fixes). - usb: gadget: Fix issue with config_ep_by_speed function (git-fixes). - ACPICA: Dispatcher: add status checks (git-fixes). - ACPI/IORT: Fix PMCG node single ID mapping handling (git-fixes). - commit b0f8c80 ++++ read-only-root-fs: - Use file requires, add sed ++++ sysconfig: - version 0.85.5 - spec: Fix Requires, use file requires (https://github.com/openSUSE/sysconfig/pull/25) - ntp: call chrony helper in background (bsc#1173391) ------------------------------------------------------------------ ------------------ 2020-7-20 - Jul 20 2020 ------------------- ------------------------------------------------------------------ ++++ ignition: - Update to version 2.4.1: * news: add notes for 2.4.1 * ci: also run testiso * engine: fix provider config precedence * news: fix typo * files: don't relabel homedir symlinks themselves * stages/files: set LUKS keyfile directory to 0700 * util/user_group_lookup: handle more error codes - Update to version 2.4.0: * news: add notes for 2.4.0 * doc: add Azure Stack to platform list * doc: drop production-users * doc: update link for systemd drop-ins * doc: update supported platform links * fetch-offline: signal networking for Tang-pinned LUKS devices * doc: add LUKS fields to configuration document * internal: add LUKS support * config: add LUKS to schema * units: empty dropins should be written to disk * internal/resource/http: clear CA compression on rewrite * internal/exec/engine: write empty cache config when not provided * AzureStack: add new target platform * CONTRIBUTING: drop mailing list and IRC references * MAINTAINERS: drop file * Azure: allow for either udf or iso9660 config volume * files: don't run `setfiles` with `-i` * files: relabel the systemd preset directory * exec/util: factor function for resolving symlinks * passwd: don't auto-prefix user homedir * internal/util/url: don't require networking for empty schemes * docs: Add gs scheme * config/types: Add validation for gcs urls * internal/resource: Support gcs urls in Ignition config * vendor: Add GCS module and its dependencies * ci: change --blacklist-test to --denylist-test * ci: also run gofmt and unit tests * fetch-offline: new stage for conditional networking * ci: move comment about kernel closer to `curl` * tests: add test for creating a deeper hard link to the file * stages/files: fix hard links to files that are deeper than the hard link * doc/configuration-*: clarify references to `source` * stages/disks: run wipefs before creating filesystem * stages/disks: warn if libblkid finds multiple filesystem signatures * exec/util: merge filesystem lookup functions * tests: add positive test for reusing ambivalent filesystem * tests: specify type when mounting filesystem * tests: add canned ZFS image * tests: only mount partitions if we need to * ci: test with latest ignition-dracut * providers/aws: change metadata version from 2009-04-04 to 2019-10-01 * Add CA bundle reference in the docs * Moving tls public/private keys into a separate package * Update AWS for IMDSv2 * Add cabundle tests * config/*: drop warning on unset file/dir mode * Add support for CA bundles for fetching the ignition config Fixes https://github.com/coreos/ignition/issues/931 * ci: Freeze kernel at 5.6.7 due to loop regression breaking blackbox test ++++ kernel-default: - percpu: Separate decrypted varaibles anytime encryption can be enabled (bsc#1174332). - selinux: fall back to ref-walk if audit is required (bsc#1174333). - selinux: revert "stop passing MAY_NOT_BLOCK to the AVC upon follow_link" (bsc#1174333). - lib: Reduce user_access_begin() boundaries in strncpy_from_user() and strnlen_user() (bsc#1174331). - commit 444a65c - powerpc/book3s64/pkeys: Fix pkey_access_permitted() for execute disable pkey (bsc#1065729). - commit c00b49a ++++ python3-core: - Add CVE-2019-20907_tarfile-inf-loop.patch fixing bsc#1174091 (CVE-2019-20907, bpo#39017) avoiding possible infinite loop in specifically crafted tarball. Add recursion.tar as a testing tarball for the patch. ++++ python3: - Add CVE-2019-20907_tarfile-inf-loop.patch fixing bsc#1174091 (CVE-2019-20907, bpo#39017) avoiding possible infinite loop in specifically crafted tarball. Add recursion.tar as a testing tarball for the patch. ------------------------------------------------------------------ ------------------ 2020-7-18 - Jul 18 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - fix bdev inode reference count disbalance regression (bsc#1174244) Update patches.suse/bdev-add-open_finish.patch to adapt to changes introduced by patches.suse/block-Fix-use-after-free-in-blkdev_get.patch (backport of mainline commit 2d3a8e2dedde). - commit 7efbe7b - bus: ti-sysc: Do not disable on suspend for no-idle (git-fixes). - spi: spi-sun6i: sun6i_spi_transfer_one(): fix setting of clock rate (git-fixes). - regmap: debugfs: Don't sleep while atomic for fast_io regmaps (git-fixes). - HID: logitech-hidpp: avoid repeated "multiplier = " log messages (git-fixes). - drm/i915/gt: Ignore irq enabling on the virtual engines (git-fixes). - virtio: virtio_console: add missing MODULE_DEVICE_TABLE() for rproc serial (git-fixes). - soundwire: intel: fix memory leak with devm_kasprintf (git-fixes). - staging: comedi: verify array index is correct before using it (git-fixes). - Revert "thermal: mediatek: fix register index error" (git-fixes). - gpio: pca953x: Fix GPIO resource leak on Intel Galileo Gen 2 (git-fixes). - gpio: pca953x: disable regmap locking for automatic address incrementing (git-fixes). - gpio: pca953x: Override IRQ for one of the expanders on Galileo Gen 2 (git-fixes). - drm/amdgpu: don't do soft recovery if gpu_recovery=0 (git-fixes). - drm/radeon: fix double free (git-fixes). - drm/mediatek: Check plane visibility in atomic_update (git-fixes). - drm/amdgpu: use %u rather than %d for sclk/mclk (git-fixes). - drm/amdgpu/atomfirmware: fix vram_info fetching for renoir (git-fixes). - usb: dwc3: pci: Fix reference count leak in dwc3_pci_resume_work (git-fixes). - drm: panel-orientation-quirks: Use generic orientation-data for Acer S1003 (git-fixes). - drm: panel-orientation-quirks: Add quirk for Asus T101HA panel (git-fixes). - drm: mcde: Fix display initialization problem (git-fixes). - gpu: host1x: Detach driver on unregister (git-fixes). - drm/tegra: hub: Do not enable orphaned window group (git-fixes). - regmap: Fix memory leak from regmap_register_patch (git-fixes). - regmap: fix alignment issue (git-fixes). - commit c917659 - ALSA: hda/realtek - fixup for yet another Intel reference board (git-fixes). - ALSA: hda/realtek - Enable Speaker for ASUS UX563 (git-fixes). - ALSA: hda/realtek - Enable Speaker for ASUS UX533 and UX534 (git-fixes). - ALSA: hda/realtek: Enable headset mic of Acer TravelMate B311R-31 with ALC256 (git-fixes). - ALSA: hda/realtek: enable headset mic of ASUS ROG Zephyrus G14(G401) series with ALC289 (git-fixes). - ALSA: hda/realtek - change to suitable link model for ASUS platform (git-fixes). - ALSA: usb-audio: Fix race against the error recovery URB submission (git-fixes). - ALSA: line6: Sync the pending work cancel at disconnection (git-fixes). - ALSA: line6: Perform sanity check for each URB creation (git-fixes). - commit 9ce2855 ------------------------------------------------------------------ ------------------ 2020-7-17 - Jul 17 2020 ------------------- ------------------------------------------------------------------ ++++ combustion: - Adjust README after removal of combustion-generator - Switch to GPL-2.0-only ++++ kernel-default: - scsi: zfcp: Fix panic on ERP timeout for previously dismissed ERP action (git-fixes). - s390/qeth: fix error handling for isolation mode cmds (git-fixes). - s390: fix syscall_get_error for compat processes (git-fixes). - s390/qdio: put thinint indicator after early error (git-fixes). - s390/qdio: tear down thinint indicator after early error (git-fixes). - s390/qdio: consistently restore the IRQ handler (git-fixes). - s390/kaslr: add support for R_390_JMP_SLOT relocation type (git-fixes). - s390/pci: Fix s390_mmio_read/write with MIO (git-fixes). - s390/ism: fix error return code in ism_probe() (git-fixes). - commit 06ae989 - blacklist.conf: Add superfluous stable commit IDs - commit 89408b6 - netfilter: ip6tables: Add a .pre_exit hook in all ip6table_foo.c (bsc#1171857). - netfilter: ip6tables: Split ip6t_unregister_table() into pre_exit and exit helpers (bsc#1171857). - netfilter: iptables: Add a .pre_exit hook in all iptable_foo.c (bsc#1171857). - netfilter: iptables: Split ipt_unregister_table() into pre_exit and exit helpers (bsc#1171857). - commit cb31b4c - bpf: Do not allow btf_ctx_access with __int128 types (bsc#1155518). - commit 60b474b ++++ python3-core: - Make library names internally consistent - Disable profile optimalizations as they deadlock in test_faulthandler - Disable lto as it causes mess and works with 3.7 onwards only - Sync the test disablements from the python3 in sle15 - Update to 3.6.11: - bpo-39073: Disallow CR or LF in email.headerregistry. Address arguments to guard against header injection attacks. - bpo-38576 (bsc#1155094): Disallow control characters in hostnames in http.client, addressing CVE-2019-18348. Such potentially malicious header injection URLs now cause a InvalidURL to be raised. - bpo-39503: CVE-2020-8492: The AbstractBasicAuthHandler class of the urllib.request module uses an inefficient regular expression which can be exploited by an attacker to cause a denial of service. Fix the regex to prevent the catastrophic backtracking. Vulnerability reported by Ben Caller and Matt Schwager. - bpo-39401: Avoid unsafe load of api-ms-win-core-path-l1-1-0.dll at startup on Windows 7. - Remove merged patch CVE-2020-8492-urllib-ReDoS.patch ++++ policycoreutils: - Proper default permissions for newrole (4755) ++++ python3: - Make library names internally consistent - Disable profile optimalizations as they deadlock in test_faulthandler - Disable lto as it causes mess and works with 3.7 onwards only - Sync the test disablements from the python3 in sle15 - Update to 3.6.11: - bpo-39073: Disallow CR or LF in email.headerregistry. Address arguments to guard against header injection attacks. - bpo-38576 (bsc#1155094): Disallow control characters in hostnames in http.client, addressing CVE-2019-18348. Such potentially malicious header injection URLs now cause a InvalidURL to be raised. - bpo-39503: CVE-2020-8492: The AbstractBasicAuthHandler class of the urllib.request module uses an inefficient regular expression which can be exploited by an attacker to cause a denial of service. Fix the regex to prevent the catastrophic backtracking. Vulnerability reported by Ben Caller and Matt Schwager. - bpo-39401: Avoid unsafe load of api-ms-win-core-path-l1-1-0.dll at startup on Windows 7. - Remove merged patch CVE-2020-8492-urllib-ReDoS.patch ++++ selinux-policy: - Update to version 20200717. Refreshed * fix_fwupd.patch * fix_hadoop.patch * fix_init.patch * fix_irqbalance.patch * fix_logrotate.patch * fix_nagios.patch * fix_networkmanager.patch * fix_postfix.patch * fix_sysnetwork.patch * fix_systemd.patch * fix_thunderbird.patch * fix_unconfined.patch * fix_unprivuser.patch * selinux-policy.spec - Added update.sh to make updating easier ------------------------------------------------------------------ ------------------ 2020-7-16 - Jul 16 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - powerpc/fadump: fix race between pstore write and fadump crash trigger (bsc#1168959 ltc#185010). - commit 2b958e4 - powerpc/xmon: Reset RCU and soft lockup watchdogs (bsc#1065729). - commit 6d8c5ea - series.conf: cleanup - move unsortable patch out of sorted section patches.suse/revert-zram-convert-remaining-class_attr-to-class_attr_ro - commit 2caa587 - platform/x86: ISST: Increase timeout (bsc#1174185). - commit 1a0cfdb - Update patch reference tag for ACPI configfs security fix (CVE-2020-15780, bsc#1173573). - commit 4d52b6d ++++ libzypp: - Fix bsc#1174011 auth=basic ignored in some cases (bsc#1174011) Proactively send credentials if the URL specifes '?auth=basic' and a username. - ZYPP_MEDIA_CURL_DEBUG: Strip credentials in header log (bsc#1174011) - version 17.24.1 (22) ++++ salt: - Fix for TypeError in Tornado importer (bsc#1174165) - Added: * fix-type-error-in-tornadoimporter.patch ------------------------------------------------------------------ ------------------ 2020-7-15 - Jul 15 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - mfd: intel-lpss: Add Intel Jasper Lake PCI IDs (jsc#SLE-12602). - commit f068576 - bridge: mcast: Fix MLD2 Report IPv6 payload length check (git-fixes). - tcp: md5: allow changing MD5 keys in all socket states (git-fixes). - nbd: Fix memory leak in nbd_add_socket (git-fixes). - SMB3: Honor lease disabling for multiuser mounts (git-fixes). - net: macb: call pm_runtime_put_sync on failure path (git-fixes). - net: dsa: bcm_sf2: Fix node reference count (git-fixes). - scsi: ufs-bsg: Fix runtime PM imbalance on error (git-fixes). - tty: hvc_console, fix crashes on parallel open/close (git-fixes). - workqueue: Remove unnecessary kfree() call in rcu_free_wq() (git-fixes). - powerpc/kasan: Fix issues by lowering KASAN_SHADOW_END (git-fixes). - KVM: nVMX: always update CR3 in VMCS (git-fixes). - net/tls: free record only on encryption error (git-fixes). - net/tls: fix encryption error checking (git-fixes). - commit ed61f4d - brcmfmac: Transform compatible string for FW loading (bsc#1169771). - commit 6bdc85b ++++ python3-core: - Fix minor issues found in the staging. - Do not set ourselves as a primary interpreter ++++ libsemanage: - Remove libsemanage-update-map-file.patch to prevent checkers from declining the submission. Keeping the snippet in the spec file in case we try to enable LTO again ++++ python3: - Fix minor issues found in the staging. - Do not set ourselves as a primary interpreter ------------------------------------------------------------------ ------------------ 2020-7-14 - Jul 14 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - exfat: move setting VOL_DIRTY over exfat_remove_entries() (git-fixes). - exfat: add missing brelse() calls on error paths (git-fixes). - fuse: copy_file_range should truncate cache (git-fixes). - fuse: fix copy_file_range cache issues (git-fixes). - exfat: fix incorrect update of stream entry in __exfat_truncate() (git-fixes). - exfat: fix memory leak in exfat_parse_param() (git-fixes). - apparmor: Fix memory leak of profile proxy (git-fixes). - apparmor: fix introspection of of task mode for unconfined tasks (git-fixes). - apparmor: ensure that dfa state tables have entries (git-fixes). - apparmor: remove useless aafs_create_symlink (git-fixes). - apparmor: Fix use-after-free in aa_audit_rule_init (git-fixes). - commit 094ca51 - blacklist.conf: Add 9486727f5981 iommu/vt-d: Make Intel SVM code 64-bit only - commit 6287dc6 - vfio/pci: Fix SR-IOV VF handling with MMIO blocking (bsc#1174129). - iommu/vt-d: Update scalable mode paging structure coherency (bsc#1174128). - iommu/vt-d: Enable PCI ACS for platform opt in hint (bsc#1174127). - iommu/arm-smmu-v3: Don't reserve implementation defined register space (bsc#1174126). - commit 4b65886 - Revert "zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()" (bsc#1173074 CVE-2020-10781). - commit d59a129 - padata: kABI fixup for struct padata_instance splitting nodes (git-fixes). - commit 03321ff - padata: add separate cpuhp node for CPUHP_PADATA_DEAD (git-fixes). - commit 3966f99 ++++ libselinux: - Update to version 3.1: * selinux/flask.h, selinux/av_permissions.h and sepol/policydb/flask.h were removed. All userspace object managers should have been updated to use the dynamic class/perm mapping support. Use string_to_security_class(3) and string_to_av_perm(3) to map the class and permission names to their policy values, or selinux_set_mapping(3) to create a mapping from class and permission index values used by the application to the policy values. * Removed restrictions in libsepol and checkpolicy that required all declared initial SIDs to be assigned a context. * Support for new policy capability genfs_seclabel_symlinks * selinuxfs is mounted with noexec and nosuid * `security_compute_user()` was deprecated ++++ libsemanage: - Update to version 3.1 * Improved manpage * fsync final files before rename ++++ libsepol: - Update to version 3.1 * Add support for new polcap genfs_seclabel_symlinks * Initialize the multiple_decls field of the cil db * Return error when identifier declared as both type and attribute * Write CIL default MLS rules on separate lines * Sort portcon rules consistently * Remove leftovers of cil_mem_error_handler * Drop remove_cil_mem_error_handler.patch, is included ++++ libzypp: - Completey rework the purge-kernels algorithm (fix bsc#1173106) The new code is closer to the original perl script, grouping the packages by name before applying the keep spec. - Set ZYPP_RPM_DEBUG=1 to capture verbose rpm command output (implements #228) - version 17.24.0 (22) ++++ perl-Bootloader: - merge gh#openSUSE/perl-bootloader#128 - Do not warn about missing SECURE_BOOT sysconfig - 0.929 ++++ policycoreutils: - Update to version 3.1 * New `setfiles -E` option - treat conflicting specifications as errors, such as where two hardlinks for the same inode have different contexts. * `setsebool -V` reports errors from commit phase * matchpathcon related interfaces are deprecated * New `restorecon -x` option which prevents it from crossing file system * boundaries. * `sepolgen-ifgen` parses a gen_tunable statement as bool * Removed Requires for python3-ipy as the ipaddress module is used. No requires for python-ipaddress as it's assumed this is used only on recent systems * Drop chcat_join.patch, is upstream ++++ selinux-policy: - Updated fix_unconfineduser.patch to allow unconfined_dbusd_t access to accountsd dbus - New patch: * fix_nis.patch - Updated patches: * fix_postfix.patch: Transition is done in distribution specific script ------------------------------------------------------------------ ------------------ 2020-7-13 - Jul 13 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Update kabi files. - update to first maintenance update submission (commit eabfb0896fac) - commit 9da6523 - watchdog: iTCO: Add support for Cannon Lake PCH iTCO (jsc#SLE-13202). - commit e9c44ca - ALSA: hda: Intel: add missing PCI IDs for ICL-H, TGL-H and EKL (jsc#SLE-13261). - commit 137c3b6 - serial: 8250_tegra: Create Tegra specific 8250 driver (bsc#1173941). - Update config files. - commit 3b0dd22 - net: stmmac: don't attach interface until resume finishes (bsc#1174072). - net: stmmac: dwc-qos: avoid clk and reset for acpi device (bsc#1174072). - net: stmmac: dwc-qos: use generic device api (bsc#1174072). - net: stmmac: platform: fix probe for ACPI devices (bsc#1174072). - commit 05074b1 - fix patch metadata - fix Patch-mainline tag: patches.suse/net-smc-tolerate-future-smcd-versions - commit 83f40de - Fix patches.suse/media-mtk-vpu-avoid-unaligned-access-to-DTCM-buffer.patch (fix build without the kabi fix) - Refresh patches.kabi/kABI-fixup-mtk-vpu-avoid-unaligned-access-to-DTCM-buffer.patch This commit has no effect on expanded tree but it fixes build without patches.kabi/* (so that it will be needed for SLE15-SP3). - commit 62b468e - net/smc: tolerate future SMCD versions (bsc#1172543 LTC#186069). - commit fd05166 - hv_netvsc: Fix netvsc_start_xmit's return type (git-fixes). - commit 5b7bc98 - dm writecache: reject asynchronous pmem devices (bsc#1156395). - commit 26f82f2 ------------------------------------------------------------------ ------------------ 2020-7-10 - Jul 10 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - fork: prevent accidental access to clone3 features (bsc#1174018). - commit 8b81b50 - signal: Avoid corrupting si_pid and si_uid in do_notify_parent (bsc#1171529). - commit eb37c8d - series.conf: cleanup - update upstream reference and resort: patches.suse/ALSA-usb-audio-Fix-packet-size-calculation.patch - commit f5de6d1 - fix patches metadata - fix Patch-mainline: patches.suse/NFSv4-fix-CLOSE-not-waiting-for-direct-IO-compeletio.patch patches.suse/SUNRPC-Properly-set-the-subbuf-parameter-of-xdr_buf_.patch patches.suse/libceph-don-t-omit-recovery_deletes-in-target_copy.patch patches.suse/nfsd-apply-umask-on-fs-without-ACL-support.patch patches.suse/nfsd-fix-nfsdfs-inode-reference-count-leak.patch patches.suse/nfsd4-fix-nfsdfs-reference-count-loop.patch patches.suse/pNFS-flexfiles-Fix-list-corruption-if-the-mirror-cou.patch patches.suse/sunrpc-fixed-rollback-in-rpc_gssd_dummy_populate.patch patches.suse/xprtrdma-Fix-handling-of-RDMA_ERROR-replies.patch - commit ad850c9 - net: core: device_rename: Use rwsem instead of a seqcount (bsc#1162702). - commit 7a01d9d - kabi: hv: prevent struct device_node to become defined (bsc#1172871). - PCI: hv: Retry PCI bus D0 entry on invalid device state (bsc#1172871). - PCI: hv: Fix the PCI HyperV probe failure path to release resource properly (bsc#1172871). - PCI: hv: Introduce hv_msi_entry (bsc#1172871). - PCI: hv: Move retarget related structures into tlfs header (bsc#1172871). - PCI: hv: Move hypercall related definitions into tlfs header (bsc#1172871). - PCI: hv: Decouple the func definition in hv_dr_state from VSP message (bsc#1172871). - PCI: hv: Change pci_protocol_version to per-hbus (bsc#1172871). - PCI: hv: Reorganize the code in preparation of hibernation (bsc#1172871). - commit 35a7d93 - Drivers: hv: Change flag to write log level in panic msg to false (bsc#1170617). - commit bcd509e ++++ libeconf: - Update to version 0.3.8+git20200710.5126fff: * Add CMake build scripts, remove autotools support * Move C++ ABI compatibility section ++++ opus: - Add opus-fix-celt-decoder-assertion.patch: When using OPUS_CUSTOM, CELTDecoder->end can be larger than 21. This causes builds with CUSTOM_MODES and either ENABLE_HARDENING or ENABLE_ASSERTIONS to crash. This patch fixes it. (bsc#1172526) ++++ sysfsutils: - Fix cdev name comparison (bsc#1155305), adding patches: * sysfsutils-Fix-issue-with-sysfs-name-comparisons.patch * sysfsutils-Limit-cdev-name-length-comparsion-to-strlen-1.patch ------------------------------------------------------------------ ------------------ 2020-7-9 - Jul 9 2020 ------------------- ------------------------------------------------------------------ ++++ combustion: - Also force mounting of /tmp - Fix getting the script's return value ++++ dracut: - Update to version 049.1+suse.152.g8506e86f: * 01fips: modprobe failures during manual module loading is not fatal (bsc#bsc#1169997) * 91zipl: parse-zipl.sh: honor SYSTEMD_READY (bsc#1165828) * 95iscsi: fix ipv6 target discovery (bsc#1172807) * 35network-legacy: correct conditional for creating did-setup file (bsc#1172807) ++++ kernel-default: - Fix boot crash with MD (bsc#1173860) Refresh patches.suse/mdraid-fix-read-write-bytes-accounting.patch - commit 119f164 - scsi: lpfc: Fix less-than-zero comparison of unsigned value (bsc#1172687 bsc#1171530). - scsi: lpfc: Fix interrupt assignments when multiple vectors are supported on same CPU (bsc#1172687 bsc#1171530). - scsi: lpfc: Fix inconsistent indenting (bsc#1172687 bsc#1171530). - scsi: lpfc: Update lpfc version to 12.8.0.2 (bsc#1172687 bsc#1171530). - scsi: lpfc: Add an internal trace log buffer (bsc#1172687 bsc#1171530). - scsi: lpfc: Add blk_io_poll support for latency improvment (bsc#1172687 bsc#1171530). - scsi: lpfc: Add support to display if adapter dumps are available (bsc#1172687 bsc#1171530). - scsi: lpfc: Allow applications to issue Common Set Features mailbox command (bsc#1172687 bsc#1171530). - scsi: lpfc: Fix language in 0373 message to reflect non-error message (bsc#1172687 bsc#1171530). - scsi: lpfc: Fix kdump hang on PPC (bsc#1172687 bsc#1171530). - scsi: lpfc: Fix shost refcount mismatch when deleting vport (bsc#1172687 bsc#1171530). - scsi: lpfc: Fix stack trace seen while setting rrq active (bsc#1172687 bsc#1171530). - scsi: lpfc: Fix oops due to overrun when reading SLI3 data (bsc#1172687 bsc#1171530). - scsi: lpfc: Fix NVMe rport deregister and registration during ADISC (bsc#1172687 bsc#1171530). - scsi: lpfc: Fix missing MDS functionality (bsc#1172687 bsc#1171530). - scsi: lpfc: Fix unused assignment in lpfc_sli4_bsg_link_diag_test (bsc#1172687 bsc#1171530). - commit fa0f156 - Refresh metadata of patches.suse/ALSA-usb-audio-Fix-packet-size-calculation.patch - commit 964e72b - series.conf: cleanup (sort) - patches.suse/sched-core-Check-cpus_mask-not-cpus_ptr-in-__set_cpus_allowed_ptr-to-fix-mask-corruption.patch - commit 451a6ea - sched: Fix loadavg accounting race (bnc#1155798 (CPU scheduler functional and performance backports)). - commit 38a840e - drm: sun4i: hdmi: Remove extra HPD polling (bsc#1152489) - commit 9f8314c - drm/i915/gvt: Fix two CFL MMIO handling caused by regression. (bsc#1152489) - commit 5522961 - drm/msm/dpu: fix error return code in dpu_encoder_init (bsc#1152489) - commit c65f050 - ALSA: usb-audio: Add implicit feedback quirk for RTX6001 (git-fixes). - ALSA: usb-audio: add quirk for MacroSilicon MS2109 (git-fixes). - ALSA: hda/realtek: Enable headset mic of Acer Veriton N4660G with ALC269VC (git-fixes). - ALSA: hda/realtek: Enable headset mic of Acer C20-820 with ALC269VC (git-fixes). - ALSA: hda/realtek - Enable audio jacks of Acer vCopperbox with ALC269VC (git-fixes). - ALSA: hda/realtek - Fix Lenovo Thinkpad X1 Carbon 7th quirk subdevice id (git-fixes). - ALSA: hda/hdmi: improve debug traces for stream lookups (git-fixes). - ALSA: hda/hdmi: fix failures at PCM open on Intel ICL and later (git-fixes). - ALSA: opl3: fix infoleak in opl3 (git-fixes). - ALSA: usb-audio: Replace s/frame/packet/ where appropriate (git-fixes). - ALSA: hda - let hs_mic be picked ahead of hp_mic (git-fixes). - commit 6ae71bb - Refresh and move an upstreamed sound fix patch - commit 7719bb1 ++++ slirp4netns: - Update to 0.4.7 (bsc#1172380) * libslirp: update to v4.3.1 (Fix CVE-2020-10756) * Fix config_from_options() to correctly enable ipv6 ------------------------------------------------------------------ ------------------ 2020-7-8 - Jul 8 2020 ------------------- ------------------------------------------------------------------ ++++ gettext-runtime: - Fix boo941629-unnessary-rpath-on-standard-path.patch (boo#941629) ++++ kernel-default: - regualtor: pfuze100: correct sw1a/sw2 on pfuze3000 (git-fixes). - remoteproc: qcom_q6v5_mss: map/unmap mpss segments before/after use (git-fixes). - slimbus: ngd: get drvdata from correct device (git-fixes). - watchdog: da9062: No need to ping manually before setting timeout (git-fixes). - commit 086dd89 - drm/amd/display: Only revalidate bandwidth on medium and fast updates (git-fixes). - drm/amdgpu: drop redundant cg/pg ungate on runpm enter (git-fixes). - drm/amdgpu: move kfd suspend after ip_suspend_phase1 (git-fixes). - commit 8b89f9a - drm/amdgpu: fix the hw hang during perform system reboot and reset (git-fixes). - commit edc269e - pwm: img: Call pm_runtime_put() in pm_runtime_get_sync() failed case (git-fixes). - PCI: Don't disable decoding when mmio_always_on is set (git-fixes). - PCI: Add Loongson vendor ID (git-fixes). - PCI: vmd: Add device id for VMD device 8086:9A0B (git-fixes). - commit c92f65d - media: dvbdev: Fix tuner->demod media controller link (git-fixes). - media: imx: imx7-mipi-csis: Cleanup and fix subdev pad format handling (git-fixes). - media: staging: imgu: do not hold spinlock during freeing mmu page table (git-fixes). - media: ov5640: fix use of destroyed mutex (git-fixes). - media: staging/intel-ipu3: Implement lock for stream on/off operations (git-fixes). - commit 615fb19 - Revert "i2c: tegra: Fix suspending in active runtime PM state" (git-fixes). - gpio: pca953x: fix handling of automatic address incrementing (git-fixes). - ipmi: use vzalloc instead of kmalloc for user creation (git-fixes). - HID: Add quirks for Trust Panora Graphic Tablet (git-fixes). - iwlwifi: mvm: fix aux station leak (git-fixes). - commit 667aa89 - drm: sun4i: hdmi: Remove extra HPD polling (git-fixes). - drm/i915/gvt: Fix two CFL MMIO handling caused by regression (git-fixes). - drm/msm/dpu: fix error return code in dpu_encoder_init (git-fixes). - bus: ti-sysc: Ignore clockactivity unless specified as a quirk (git-fixes). - drm/amd: fix potential memleak in err branch (git-fixes). - drm/amdgpu: add fw release for sdma v5_0 (git-fixes). - drm/msm/mdp5: Fix mdp5_init error path for failed mdp5_kms allocation (git-fixes). - drm/amd/display: Revalidate bandwidth before commiting DC updates (git-fixes). - drm/nouveau/disp/gm200-: fix NV_PDISP_SOR_HDMI2_CTRL(n) selection (git-fixes). - batman-adv: Revert "disable ethtool link speed detection when auto negotiation off" (git-fixes). - ath10k: fix kernel null pointer dereference (git-fixes). - ath10k: Fix the race condition in firmware dump work queue (git-fixes). - drm/amd/powerpay: Disable gfxoff when setting manual mode on picasso and raven (git-fixes). - drm/amdgpu: Init data to avoid oops while reading pp_num_states (git-fixes). - cpufreq: Fix up cpufreq_boost_set_sw() (git-fixes). - cpuidle: Fix three reference count leaks (git-fixes). - cpufreq: intel_pstate: Only mention the BIOS disabling turbo mode once (git-fixes). - drm/amdgpu: fix gfx hang during suspend with video playback (v2) (git-fixes). - cpufreq: powernv: Fix frame-size-overflow in powernv_cpufreq_work_fn (git-fixes). - commit 8cd5c7d - bnxt_en: fix firmware message length endianness (bsc#1173894). - bnxt_en: Fix return code to "flash_device" (bsc#1173894). - commit 69ae6c0 - Revert commit e918e570415c ("tpm_tis: Remove the HID IFX0102") (git-fixes). - commit 8dc0431 - ixgbe: don't check firmware errors (bsc#1170284). - commit 37dfeb2 - usb: usbtest: fix missing kfree(dev->buf) in usbtest_disconnect (CVE-2020-15393 bsc#1173514). - commit 0265130 - Update patch reference tag for ACPI lockdown fix (bsc#1173573) - commit 9a83bf0 - media: dvbsky: add support for eyeTV Geniatech T2 lite (bsc#1173776). - media: dvbsky: add support for Mygica T230C v2 (bsc#1173776). - media: si2168: add support for Mygica T230C v2 (bsc#1173776). - commit d3b7a06 - media: vicodec: Fix error codes in probe function (git-fixes). - commit b82f6d2 - nfsd: fix nfsdfs inode reference count leak (git-fixes). - nfsd4: fix nfsdfs reference count loop (git-fixes). - nfsd: apply umask on fs without ACL support (git-fixes). - SUNRPC: Properly set the @subbuf parameter of xdr_buf_subsegment() (git-fixes). - NFSv4 fix CLOSE not waiting for direct IO compeletion (git-fixes). - pNFS/flexfiles: Fix list corruption if the mirror count changes (git-fixes). - sunrpc: fixed rollback in rpc_gssd_dummy_populate() (git-fixes). - xprtrdma: Fix handling of RDMA_ERROR replies (git-fixes). - libceph: don't omit recovery_deletes in target_copy() (git-fixes). - commit 04a6d04 ++++ podman: - Update to podman v2.0.2 * fix race condition in `libpod.GetEvents(...)` * Fix bug where `podman mount` didn't error as rootless * remove podman system connection * Fix imports to ensure v2 is used with libpod * Update release notes for v2.0.2 * specgen: fix order for setting rlimits * Ensure umask is set appropriately for 'system service' * generate systemd: improve pod-flags filter * Fix a bug with APIv2 compat network remove to log an ErrNetworkNotFound instead of nil * Fixes --remote flag issues * Pids-limit should only be set if the user set it * Set console mode for windows * Allow empty host port in --publish flag * Add a note on the APIs supported by `system service` * fix: Don't override entrypoint if it's `nil` * Set TMPDIR to /var/tmp by default if not set * test: add tests for --user and volumes * container: move volume chown after spec generation * libpod: volume copyup honors namespace mappings * Fix `system service` panic from early hangup in events * stop podman service in e2e tests * Print errors from individual containers in pods * auto-update: clarify systemd-unit requirements * podman ps truncate the command * move go module to v2 * Vendor containers/common v0.14.4 * Bump to imagebuilder v1.1.6 on v2 branch * Account for non-default port number in image name - Changes since v2.0.1 * Update release notes with further v2.0.1 changes * Fix inspect to display multiple label: changes * Set syslog for exit commands on log-level=debug * Friendly amendment for pr 6751 * podman run/create: support all transports * systemd generate: allow manual restart of container units in pods * Revert sending --remote flag to containers * Print port mappings in `ps` for ctrs sharing network * vendor github.com/containers/common@v0.14.3 * Update release notes for v2.0.1 * utils: drop default mapping when running uid!=0 * Set stop signal to 15 when not explicitly set * podman untag: error if tag doesn't exist * Reformat inspect network settings * APIv2: Return `StatusCreated` from volume creation * APIv2:fix: Remove `/json` from compat network EPs * Fix ssh-agent support * libpod: specify mappings to the storage * APIv2:doc: Fix swagger doc to refer to volumes * Add podman network to bash command completions * Fix typo in manpage for `podman auto update`. * Add JSON output field for ps * V2 podman system connection * image load: no args required * Re-add PODMAN_USERNS environment variable * Fix conflicts between privileged and other flags * Bump required go version to 1.13 * Add explicit command to alpine container in test case. * Use POLL_DURATION for timer * Stop following logs using timers * "pod" was being truncated to "po" in the names of the generated systemd unit files. * rootless_linux: improve error message * Fix podman build handling of --http-proxy flag * correct the absolute path of `rm` executable * Makefile: allow customizable GO_BUILD * Cirrus: Change DEST_BRANCH to v2.0 ------------------------------------------------------------------ ------------------ 2020-7-7 - Jul 7 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - jbd2: Preserve kABI when adding j_abort_mutex (bsc#1173833). - commit 60b0b9e - blacklist.conf: Blacklist 3c597282887f - commit 4979dd4 - Drop ath9k backport patch that leads to a broken WiFi (bko#208251) Deleted and blacklisted: patches.suse/ath9k-Fix-general-protection-fault-in-ath9k_hif_usb_.patch - commit 3c2d65b - input: i8042 - Remove special PowerPC handling (git-fixes). - commit 6f410a4 - usb: renesas_usbhs: getting residue from callback_result (git-fixes). - xhci: Poll for U0 after disabling USB2 LPM (git-fixes). - xhci: Return if xHCI doesn't support LPM (git-fixes). - usb: host: xhci-mtk: avoid runtime suspend when removing hcd (git-fixes). - xhci: Fix enumeration issue when setting max packet size for FS devices (git-fixes). - xhci: Fix incorrect EP_STATE_MASK (git-fixes). - USB: ohci-sm501: Add missed iounmap() in remove (git-fixes). - USB: ehci: reopen solution for Synopsys HC bug (git-fixes). - usb: add USB_QUIRK_DELAY_INIT for Logitech C922 (git-fixes). - usb: host: ehci-exynos: Fix error check in exynos_ehci_probe() (git-fixes). - usb/ehci-platform: Set PM runtime as active on resume (git-fixes). - usb/xhci-plat: Set PM runtime as active on resume (git-fixes). - usb/ohci-platform: Fix a warning when hibernating (git-fixes). - usblp: poison URBs upon disconnect (git-fixes). - usb: host: ehci-platform: add a quirk to avoid stuck (git-fixes). - commit 89437cf - ALSA: usb-audio: Fix packet size calculation (bsc#1173847). - commit 72eb911 - ASoC: Intel: bytcr_rt5640: Add quirk for Toshiba Encore WT8-A tablet (git-fixes). - Refresh patches.suse/ASoC-Intel-bytcr_rt5640-Add-quirk-for-Toshiba-Encore.patch. - commit 9af3c7c - spi: dw: Return any value retrieved from the dma_transfer callback (git-fixes). - Refresh patches.suse/spi-dw-Add-SPI-Rx-done-wait-method-to-DMA-based-tran.patch. - Refresh patches.suse/spi-dw-Add-SPI-Tx-done-wait-method-to-DMA-based-tran.patch. - commit 62c15de - blacklist.conf: Blacklist 32302085a8d9 - commit 856ff38 - i2c: mlxcpld: check correct size of maximum RECV_LEN packet (git-fixes). - i2c: algo-pca: Add 0x78 as SCL stuck low status for PCA9665 (git-fixes). - hwmon: (pmbus) fix a typo in Kconfig SENSORS_IR35221 option (git-fixes). - hwmon: (acpi_power_meter) Fix potential memory leak in acpi_power_meter_add() (git-fixes). - hwmon: (max6697) Make sure the OVERT mask is set correctly (git-fixes). - tpm_tis: Remove the HID IFX0102 (git-fixes). - tpm: Fix TIS locality timeout problems (git-fixes). - thermal/drivers/rcar_gen3: Fix undefined temperature if negative (git-fixes). - thermal/drivers/mediatek: Fix bank number settings on mt8183 (git-fixes). - i2c: core: check returned size of emulated smbus block read (git-fixes). - i2c: fsi: Fix the port number field in status register (git-fixes). - Staging: rtl8723bs: prevent buffer overflow in update_sta_support_rate() (git-fixes). - cdc-acm: Add DISABLE_ECHO quirk for Microchip/SMSC chip (git-fixes). - clk: sifive: allocate sufficient memory for struct __prci_data (git-fixes). - ACPI: sysfs: Fix pm_profile_attr type (git-fixes). - ACPI: configfs: Disallow loading ACPI tables when locked down (git-fixes). - geneve: allow changing DF behavior after creation (git-fixes). - ALSA: usb-audio: Fix OOB access of mixer element list (git-fixes). - ALSA: usb-audio: add quirk for Samsung USBC Headset (AKG) (git-fixes). - ASoC: rockchip: Fix a reference count leak (git-fixes). - ASoC: fsl_ssi: Fix bclk calculation for mono channel (git-fixes). - ASoc: q6afe: add support to get port direction (git-fixes). - ASoC: q6asm: handle EOS correctly (git-fixes). - ALSA: hda/realtek: Add mute LED and micmute LED support for HP systems (git-fixes). - ALSA: usb-audio: Fix potential use-after-free of streams (git-fixes). - ALSA: hda/realtek - Add quirk for MSI GE63 laptop (git-fixes). - ALSA: usb-audio: add quirk for Denon DCD-1500RE (git-fixes). - ALSA: usb-audio: Add implicit feedback quirk for SSL2+ (git-fixes). - ALSA: hda: Add NVIDIA codec IDs 9a & 9d through a0 to patch table (git-fixes). - spi: sprd: switch the sequence of setting WDG_LOAD_LOW and _HIGH (git-fixes). - pinctrl: tegra: Use noirq suspend/resume callbacks (git-fixes). - ata/libata: Fix usage of page address by page_address in ata_scsi_mode_select_xlat function (git-fixes). - sata_rcar: handle pm_runtime_get_sync failure cases (git-fixes). - i2c: pxa: clear all master action bits in i2c_pxa_stop_message() (git-fixes). - i2c: pxa: fix i2c_pxa_scream_blue_murder() debug output (git-fixes). - i2c: piix4: Detect secondary SMBus controller on AMD AM4 chipsets (git-fixes). - hwmon: (k10temp) Add AMD family 17h model 60h PCI match (git-fixes). - x86/amd_nb: Add AMD family 17h model 60h PCI IDs (git-fixes). - thermal/drivers/ti-soc-thermal: Avoid dereferencing ERR_PTR (git-fixes). - amdgpu: a NULL ->mm does not mean a thread is a kthread (git-fixes). - ASoC: SOF: nocodec: conditionally set dpcm_capture/dpcm_playback flags (git-fixes). - ASoC: core: only convert non DPCM link to DPCM link (git-fixes). - crypto: omap-sham - add proper load balancing support for multicore (git-fixes). - clk: qcom: msm8916: Fix the address location of pll->config_reg (git-fixes). - clk: ti: composite: fix memory leak (git-fixes). - clk: zynqmp: fix memory leak in zynqmp_register_clocks (git-fixes). - clk: samsung: exynos5433: Add IGNORE_UNUSED flag to sclk_i2s1 (git-fixes). - geneve: change from tx_error to tx_dropped on missing metadata (git-fixes). - pinctrl: rockchip: fix memleak in rockchip_dt_node_to_map (git-fixes). - drivers: base: Fix NULL pointer exception in __platform_driver_probe() if a driver developer is foolish (git-fixes). - iio: bmp280: fix compensation of humidity (git-fixes). - PCI: pci-bridge-emul: Fix PCIe bit conflicts (git-fixes). - PCI: dwc: Fix inner MSI IRQ domain registration (git-fixes). - PCI: aardvark: Don't blindly enable ASPM L0s and don't write to read-only register (git-fixes). - PCI: Add ACS quirk for Intel Root Complex Integrated Endpoints (git-fixes). - PCI: Avoid FLR for AMD Starship USB 3.0 (git-fixes). - PCI: Avoid FLR for AMD Matisse HD Audio & USB 3.0 (git-fixes). - PCI/ASPM: Allow ASPM on links to PCIe-to-PCI/PCI-X Bridges (git-fixes). - ASoC: qcom: q6asm-dai: kCFI fix (git-fixes). - ASoC: fsl_asrc_dma: Fix dma_chan leak when config DMA channel failed (git-fixes). - ASoC: SOF: Do nothing when DSP PM callbacks are not set (git-fixes). - ASoC: ti: omap-mcbsp: Fix an error handling path in 'asoc_mcbsp_probe()' (git-fixes). - ASoC: tegra: tegra_wm8903: Support nvidia, headset property (git-fixes). - ASoC: max98373: reorder max98373_reset() in resume (git-fixes). - ASoC: davinci-mcasp: Fix dma_chan refcnt leak when getting dma type (git-fixes). - ALSA: isa/wavefront: prevent out of bounds write in ioctl (git-fixes). - backlight: lp855x: Ensure regulators are disabled on probe failure (git-fixes). - mfd: wm8994: Fix driver operation if loaded as modules (git-fixes). - media: si2157: Better check for running tuner in init (git-fixes). - Bluetooth: Add SCO fallback for invalid LMP parameters error (git-fixes). - b43_legacy: Fix connection problem with WPA3 (git-fixes). - b43: Fix connection problem with WPA3 (git-fixes). - e1000e: Relax condition to trigger reset for ME workaround (git-fixes). - Bluetooth: btbcm: Add 2 missing models to subver tables (git-fixes). - carl9170: remove P2P_GO support (git-fixes). - Crypto/chcr: fix for ccm(aes) failed test (git-fixes). - e1000: Distribute switch variables for initialization (git-fixes). - clocksource: dw_apb_timer: Make CPU-affiliation being optional (git-fixes). - drm: bridge: adv7511: Extend list of audio sample rates (git-fixes). - platform/x86: asus_wmi: Reserve more space for struct bias_args (git-fixes). - platform/x86: intel-hid: Add a quirk to support HP Spectre X2 (2015) (git-fixes). - platform/x86: hp-wmi: Convert simple_strtoul() to kstrtou32() (git-fixes). - mmc: via-sdmmc: Respect the cmd->busy_timeout from the mmc core (git-fixes). - mmc: sdhci-msm: Set SDHCI_QUIRK_MULTIBLOCK_READ_ACMD12 quirk (git-fixes). - spi: dw: Fix Rx-only DMA transfers (git-fixes). - spi: dw: Enable interrupts in accordance with DMA xfer mode (git-fixes). - spi: pxa2xx: Apply CS clk quirk to BXT (git-fixes). - commit 303666a - jbd2: avoid leaking transaction credits when unreserving handle (bsc#1173845). - commit 1c291c0 - mm: fix NUMA node file count error in replace_page_cache() (bsc#1173844). - commit e3f2d50 - ext4: avoid utf8_strncasecmp() with unstable name (bsc#1173843). - commit 92563f1 - ext4: stop overwrite the errcode in ext4_setup_super (bsc#1173841). - commit aaa2254 - ext4: fix partial cluster initialization when splitting extent (bsc#1173839). - commit 563be96 - ext4: fix race between ext4_sync_parent() and rename() (bsc#1173838). - commit 722d064 - ext4: fix error pointer dereference (bsc#1173837). - commit 70157c5 - ext4: fix EXT_MAX_EXTENT/INDEX to check for zeroed eh_max (bsc#1173836). - commit a460d9c - block: Fix use-after-free in blkdev_get() (bsc#1173834). - commit 2225310 - ext4, jbd2: ensure panic by fix a race between jbd2 abort and ext4 error handlers (bsc#1173833). - commit 13dac57 - io_uring: use kvfree() in io_sqe_buffer_register() (bsc#1173832). - commit 307ffb6 - fat: don't allow to mount if the FAT length == 0 (bsc#1173831). - commit b0aa8d0 - proc: Use new_inode not new_inode_pseudo (bsc#1173830). - commit 3016fa7 - aio: fix async fsync creds (bsc#1173828). - commit 61a9adb - ubifs: fix wrong use of crypto_shash_descsize() (bsc#1173827). - commit bbe5f1d - ubifs: remove broken lazytime support (bsc#1173826). - commit e41be50 - fix multiplication overflow in copy_fdtable() (bsc#1173825). - commit 8426c92 - namei: only return -ECHILD from follow_dotdot_rcu() (bsc#1173824). - commit ff263dd - gfs2: fix glock reference problem in gfs2_trans_remove_revoke (bsc#1173823). - commit cfd9533 - gfs2: Multi-block allocations in gfs2_page_mkwrite (bsc#1173822). - commit 403212e - loop: replace kill_bdev with invalidate_bdev (bsc#1173820). - commit 7ce51fe - block: nr_sects_write(): Disable preemption on seqcount write (bsc#1173818). - commit fe385e8 - block/bio-integrity: don't free 'buf' if bio_integrity_add_page() failed (bsc#1173817). - commit 181e153 ++++ gcc10: - Update to gcc-10 branch head (12e1a54b06777db74ce375496), git355. * Includes fix for non-reproducible builds with LTO [bsc#1172846]. ++++ yast2: - Command line interface: Do not start an UI while evaluating current language settings (bsc#1173133). - 4.2.86 ------------------------------------------------------------------ ------------------ 2020-7-6 - Jul 6 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - debugfs: Check module state before warning in {full/open}_proxy_open() (bsc#1173746). - commit 8445625 - kABI fixup mtk-vpu: avoid unaligned access to DTCM buffer (git-fixes). - media: mtk-vpu: avoid unaligned access to DTCM buffer (git-fixes). - commit 347e1e1 - bcache: fix potential deadlock problem in btree_gc_coalesce (bsc#1171732, CVE-2020-12771). - commit 34f5bd2 ------------------------------------------------------------------ ------------------ 2020-7-3 - Jul 3 2020 ------------------- ------------------------------------------------------------------ ++++ grub2: - Fix for CVE-2020-10713 (bsc#1168994) * 0001-yylex-Make-lexer-fatal-errors-actually-be-fatal.patch - Fix for CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311 (bsc#1173812) * 0002-safemath-Add-some-arithmetic-primitives-that-check-f.patch * 0003-calloc-Make-sure-we-always-have-an-overflow-checking.patch * 0004-calloc-Use-calloc-at-most-places.patch * 0005-malloc-Use-overflow-checking-primitives-where-we-do-.patch * 0006-iso9660-Don-t-leak-memory-on-realloc-failures.patch * 0007-font-Do-not-load-more-than-one-NAME-section.patch - Fix CVE-2020-15706 (bsc#1174463) * 0008-script-Remove-unused-fields-from-grub_script_functio.patch * 0009-script-Avoid-a-use-after-free-when-redefining-a-func.patch - Fix CVE-2020-15707 (bsc#1174570) * 0010-linux-Fix-integer-overflows-in-initrd-size-handling.patch - Use overflow checking primitives where the arithmetic expression for buffer allocations may include unvalidated data - Use grub_calloc for overflow check and return NULL when it would occur * 0001-add-support-for-UEFI-network-protocols.patch * 0003-bootp-New-net_bootp6-command.patch * grub2-btrfs-01-add-ability-to-boot-from-subvolumes.patch * grub2-btrfs-09-get-default-subvolume.patch * grub2-gfxmenu-support-scrolling-menu-entry-s-text.patch * grub2-grubenv-in-btrfs-header.patch ++++ kernel-default: - bpf: Restrict bpf_trace_printk()'s %s usage and add %pks, %pus specifier (bsc#1172344). - commit df79955 ++++ gcc10: - Enable nvptx support for aarch64 ------------------------------------------------------------------ ------------------ 2020-7-2 - Jul 2 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - IB/rdmavt: Free kernel completion queue when done (bsc#1173625). - commit d6f112e - Fix patches.suse/0001-video-vt8500lcdfb-fix-fallthrough-warning.patch. Fix openSUSE-15.2 build breakage by using a fall through comment instead of the "fallthrough" macro which is not defined in SLE15-SP2 and openSUSE-15.2. - commit 668daf6 - ionic: add pcie_print_link_status (bsc#1167773). - wil6210: use after free in wil_netif_rx_any() (bsc#1154353). - commit 23910ad - wil6210: account for napi_gro_receive never returning GRO_DROP (bsc#1154353). - socionext: account for napi_gro_receive never returning GRO_DROP (bsc#1154353). - ionic: tame the watchdog timer on reconfig (bsc#1167773). - tg3: driver sleeps indefinitely when EEH errors exceed eeh_max_freezes (bsc#1173284). - ionic: export features for vlans to use (bsc#1167773). - ionic: no link check while resetting queues (bsc#1167773). - devmap: Use bpf_map_area_alloc() for allocating hash buckets (bsc#1154353). - RDMA/core: Check that type_attrs is not NULL prior access (jsc#SLE-8449). - mvpp2: remove module bugfix (bsc#1154353). - bnxt_en: Return from timer if interface is not in open state (jsc#SLE-8371 bsc#1153274). - bnxt_en: Fix AER reset logic on 57500 chips (bsc#1171150). - bnxt_en: Re-enable SRIOV during resume (jsc#SLE-8371 bsc#1153274). - bnxt_en: Simplify bnxt_resume() (jsc#SLE-8371 bsc#1153274). - bpf: Fix an error code in check_btf_func() (bsc#1154353). - net/mlx5: Disable reload while removing the device (jsc#SLE-8464). - net/mlx5: DR, Fix freeing in dr_create_rc_qp() (jsc#SLE-8464). - ionic: remove support for mgmt device (bsc#1167773). - ionic: wait on queue start until after IFF_UP (bsc#1167773). - wil6210: add wil_netif_rx() helper function (bsc#1154353). - commit fe9e2ce - scsi: qla2xxx: Set NVMe status code for failed NVMe FCP request (bsc#1158983). - commit 3de702e - bpf: Document optval > PAGE_SIZE behavior for sockopt hooks (bsc#1155518). - selftests/bpf: Make sure optvals > PAGE_SIZE are bypassed (bsc#1155518). - bpf: Don't return EINVAL from {get,set}sockopt when optlen > PAGE_SIZE (bsc#1155518). - bpf, xdp, samples: Fix null pointer dereference in *_user code (bsc#1155518). - commit 525d7c1 ++++ NetworkManager: - Rebase nm-add-CAP_SYS_ADMIN-permission.patch. ------------------------------------------------------------------ ------------------ 2020-7-1 - Jul 1 2020 ------------------- ------------------------------------------------------------------ ++++ combustion: - Set the timeout for the config device explicitly, like ignition-dracut ++++ diffutils: - Add ppc64_disable_failing_test to disable a sporadically failing test for ppc64 and ppc64le builds (boo#1156913) ++++ dracut: - Update to version 049.1+suse.148.gc4a6c2dd: * 95fcoe: load 'libfcoe' module as a fallback (bsc#1173560) * 99base: enable the initqueue in both 'dracut --add-device' and 'dracut --mount' cases. (bsc#bsc#1161573) ++++ kernel-default: - rpm/kernel-binary.spec.in: do not run klp-symbols for configs with no modules Starting with 5.8-rc1, s390x/zfcpdump builds fail because rpm/klp-symbols script does not find .tmp_versions directory. This is missing because s390x/zfcpdump is built without modules (CONFIG_MODULES disabled). As livepatching cannot work without modules, the cleanest solution is setting %klp_symbols to 0 if CONFIG_MODULES is disabled. (We cannot simply add another condition to the place where %klp_symbols is set as it can be already set to 1 from prjconf.) - commit a048c4b - rpm/config.sh: Update OBS build project. - commit c470a01 - drm/radeon: fix fb_div check in ni_init_smc_spll_table() (bsc#1152472) - commit f188884 - drm: rcar-du: Fix build error (bsc#1152472) - commit 6214328 - drm/amdgpu: Replace invalid device ID with a valid device ID (bsc#1152472) - commit 8b94e6d - drm/i915/icl+: Fix hotplug interrupt disabling after storm detection (bsc#1152489) - commit c7ec144 - drm/connector: notify userspace on hotplug after register complete (bsc#1152489) * context changes - commit ab4aef3 - drm/msm: Check for powered down HW in the devfreq callbacks (bsc#1152489) - commit 8647289 - drm/i915/gt: Do not schedule normal requests immediately along (bsc#1152489) - commit 9c3d561 - blacklist.conf: Append 'drm/i915/gt: Stage the transfer of the virtual breadcrumb' - commit d2de202 - drm: amd/display: fix Kconfig help text (bsc#1152489) * context changes - commit 6439719 - drm/qxl: Use correct notify port address when creating cursor ring (bsc#1152472) - commit 600c22c - video: vt8500lcdfb: fix fallthrough warning (bsc#1152489) - commit 476a73c - mm/memory_hotplug: refrain from adding memory into an impossible node (bsc#1173552). - commit 65546dc ++++ multipath-tools: - Update to version 0.8.2+23.4b86d66: - Fix handling of incompletely initialized udev devices (bsc#1172157) - Remove ineffective patch for bsc#1172157 * Del patch: 11-dm-mpath.rules-Fix-udev-rule-processing-during-co.patch ++++ rebootmgr: - Update to version 1.3 - Fix documentation of is-active return value [bsc#1173484] - Fix crash if rebootmgrd is already running - Fix systemctl restart ------------------------------------------------------------------ ------------------ 2020-6-30 - Jun 30 2020 ------------------- ------------------------------------------------------------------ ++++ glibc: - nscd-senfile.patch: Fix concurrent changes on nscd aware files (bsc#1171878, BZ #23178) - nscd-prune.patch: nscd: bump GC cycle during cache pruning (bsc#1171878, BZ #26130) - syslog-locking.patch: Correct locking and cancellation cleanup in syslog functions (bsc#1172085, BZ #26100) ++++ kernel-default: - crypto: algif_skcipher - Cap recv SG list at ctx->used (git-fixes). - commit 63acd01 - crypto - Avoid free() namespace collision (git-fixes). - commit 08a9f27 - dpaa_eth: fix usage as DSA master, try 3 (networking-stable-20_05_27). - net/tls: fix race condition causing kernel panic (networking-stable-20_05_27). - net/mlx5: Fix error flow in case of function_setup failure (networking-stable-20_05_27). - net/mlx5e: Update netdev txq on completions during closure (networking-stable-20_05_27). - net/mlx5: Fix memory leak in mlx5_events_init (networking-stable-20_05_27). - net/mlx5e: Fix inner tirs handling (networking-stable-20_05_27). - net/mlx5e: kTLS, Destroy key object after destroying the TIS (networking-stable-20_05_27). - net/mlx5: Add command entry handling completion (networking-stable-20_05_27). - kABI: protect struct mlx5_cmd_work_ent (kabi). - net: ethernet: ti: cpsw: fix ASSERT_RTNL() warning during suspend (networking-stable-20_05_27). - sctp: Start shutdown on association restart if in SHUTDOWN-SENT state and socket is closed (networking-stable-20_05_27). - tipc: block BH before using dst_cache (networking-stable-20_05_27). - net: mvpp2: fix RX hashing for non-10G ports (networking-stable-20_05_27). - net: don't return invalid table id error when we fall back to PF_UNSPEC (networking-stable-20_05_27). - kABI: protect struct fib_dump_filter (kabi). - net: ipip: fix wrong address family in init error path (networking-stable-20_05_27). - net: qrtr: Fix passing invalid reference to qrtr_local_enqueue() (networking-stable-20_05_27). - net: nlmsg_cancel() if put fails for nhmsg (networking-stable-20_05_27). - sctp: Don't add the shutdown timer if its already been added (networking-stable-20_05_27). - __netif_receive_skb_core: pass skb by reference (networking-stable-20_05_27). - net: inet_csk: Fix so_reuseport bind-address cache in tb->fast* (networking-stable-20_05_27). - net sched: fix reporting the first-time use timestamp (networking-stable-20_05_27). - nexthop: Fix attribute checking for groups (networking-stable-20_05_27). - net: dsa: mt7530: fix roaming from DSA user ports (networking-stable-20_05_27). - commit 8e6293e - dpaa2-eth: properly handle buffer size restrictions (networking-stable-20_05_16). - tcp: fix error recovery in tcp_zerocopy_receive() (networking-stable-20_05_16). - pppoe: only process PADT targeted at local interfaces (networking-stable-20_05_16). - net: stmmac: fix num_por initialization (networking-stable-20_05_16). - net: phy: fix aneg restart in phy_ethtool_set_eee (networking-stable-20_05_16). - tcp: fix SO_RCVLOWAT hangs with fat skbs (networking-stable-20_05_16). - hinic: fix a bug of ndo_stop (networking-stable-20_05_16). - net: dsa: loop: Add module soft dependency (networking-stable-20_05_16). - netprio_cgroup: Fix unlimited memory leak of v2 cgroups (networking-stable-20_05_16). - dpaa2-eth: prevent array underflow in update_cls_rule() (networking-stable-20_05_16). - nfp: abm: fix error return code in nfp_abm_vnic_alloc() (networking-stable-20_05_16). - net: tcp: fix rx timestamp behavior for tcp_recvmsg (networking-stable-20_05_16). - net: fix a potential recursive NETDEV_FEAT_CHANGE (networking-stable-20_05_16). - Revert "ipv6: add mtu lock check in __ip6_rt_update_pmtu" (networking-stable-20_05_16). - virtio_net: fix lockdep warning on 32 bit (networking-stable-20_05_16). - hinic: fix wrong para of wait_for_completion_timeout (networking-stable-20_05_16). - commit 8a9049d - net: dsa: Do not leave DSA master with NULL netdev_ops (networking-stable-20_05_12). - net: stricter validation of untrusted gso packets (networking-stable-20_05_12). - net: mvpp2: cls: Prevent buffer overflow in mvpp2_ethtool_cls_rule_del() (networking-stable-20_05_12). - net: mvpp2: prevent buffer overflow in mvpp22_rss_ctx() (networking-stable-20_05_12). - neigh: send protocol value in neighbor create notification (networking-stable-20_05_12). - nfp: abm: fix a memory leak bug (networking-stable-20_05_12). - net/mlx4_core: Fix use of ENOSPC around mlx4_counter_alloc() (networking-stable-20_05_12). - tipc: fix partial topology connection closure (networking-stable-20_05_12). - net: macb: fix an issue about leak related system resources (networking-stable-20_05_12). - net: usb: qmi_wwan: add support for DW5816e (networking-stable-20_05_12). - net_sched: sch_skbprio: add message validation to skbprio_change() (networking-stable-20_05_12). - devlink: fix return value after hitting end in region read (networking-stable-20_05_12). - mlxsw: spectrum_acl_tcam: Position vchunk in a vregion list properly (networking-stable-20_05_12). - tunnel: Propagate ECT(1) when decapsulating as recommended by RFC6040 (networking-stable-20_05_12). - net: macsec: preserve ingress frame ordering (networking-stable-20_05_12). - net/mlx5: Fix command entry leak in Internal Error State (networking-stable-20_05_12). - net/mlx5: Fix forced completion access non initialized command entry (networking-stable-20_05_12). - net: tc35815: Fix phydev supported/advertising mask (networking-stable-20_05_12). - sch_sfq: validate silly quantum values (networking-stable-20_05_12). - sch_choke: avoid potential panic in choke_reset() (networking-stable-20_05_12). - fq_codel: fix TCA_FQ_CODEL_DROP_BATCH_SIZE sanity checks (networking-stable-20_05_12). - net/tls: Fix sk_psock refcnt leak when in tls_data_ready() (networking-stable-20_05_12). - net/tls: Fix sk_psock refcnt leak in bpf_exec_tx_verdict() (networking-stable-20_05_12). - commit 01407a0 ++++ vim: - stop owning /etc/vimrc so the old, distro provided config actually gets removed. Leaving it around leads to a duplicated autocmd for * .spec, leading to spec file template inserted twice. - own some dirs in vim-data-common so installation of vim-small doesn't leave not owned directories (boo#1173256) - Add vi as slave to update-alternatives so that every package has a matching "vi" symlink (bsc#1174564, boo#1176549). ------------------------------------------------------------------ ------------------ 2020-6-29 - Jun 29 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - usb: gadget: udc: Potential Oops in error handling code (git-fixes). - commit e68d3a3 - Delete patches.suse/fs-Do-not-check-if-there-is-a-fsnotify-watcher-on-pseudo-inodes.patch. This patch (mainline commit e9c15badbb7b) breaks chromium browser: http://lkml.kernel.org/r/7b4aa1e985007c6d582fffe5e8435f8153e28e0f.camel@redhat.com - commit e23a2e5 - usb: typec: tcpci_rt1711h: avoid screaming irq causing boot hangs (git-fixes). - commit 9bf110f - USB: serial: ch341: add basis for quirk detection (git-fixes). - commit 5fcb9a5 - efi/tpm: Verify event log header before parsing (bsc#1173461). - commit 855e4d4 - blacklist.conf: aadf9dcef9d4 ("rxrpc: Fix trace string") Cosmetic change only. - commit 3492fbc - brcmfmac: expose RPi firmware config files through modinfo (bsc#1169094). - commit ceefe76 - tracing: Fix event trigger to accept redundant spaces (git-fixes). - commit b441336 - ring-buffer: Zero out time extend if it is nested and not absolute (git-fixes). - commit 4f656dc - sched/core: Fix PI boosting between RT and DEADLINE tasks (git fixes (sched)). - commit 55e2b0c - sched/deadline: Initialize ->dl_boosted (git fixes (sched)). - commit d7f40dc - Refresh patches.suse/sched-cfs-change-initial-value-of-runnable_avg.patch. - Refresh patches.suse/sched-core-Check-cpus_mask-not-cpus_ptr-in-__set_cpus_allowed_ptr-to-fix-mask-corruption.patch. - Refresh patches.suse/sched-core-Fix-ttwu-race.patch. - Refresh patches.suse/sched-core-s-WF_ON_RQ-WQ_ON_CPU.patch. - commit 302ff9b - s390/pci: Log new handle in clp_disable_fh() (git-fixes). - commit 0747f74 - sched/core: Fix PI boosting between RT and DEADLINE tasks (bsc#1172823). - sched/deadline: Initialize ->dl_boosted (bsc#1172823). - commit b64bd29 - series.conf: cleanup - update upstream reference and resort: patches.suse/ibmvnic-continue-to-init-in-CRQ-reset-returns-H_CLOS.patch - commit 8848a5a - EDAC/skx: Use the mcmtr register to retrieve close_pg/bank_xor_enable (bsc#1152489). - commit ba796e7 ++++ mozilla-nss: - Expand nss-fips-fix-missing-nspr.patch to avoid spurious initialization attempt of global RNG (bsc#1168669). ++++ yast2: - Avoid failure when downloading release notes from an inoperative proxy (bsc#1173447). - 4.2.85 ------------------------------------------------------------------ ------------------ 2020-6-28 - Jun 28 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - rcu: Use WRITE_ONCE() for assignments to ->pprev for hlist_nulls (bsc#1173438). - commit f9be02d - selftests/timens: handle a case when alarm clocks are not supported (bsc#1164648,jsc#SLE-11493). - eventpoll: fix missing wakeup for ovflist in ep_poll_callback (bsc#1159867). - random: fix data races at timer_rand_state (bsc#1173438). - timer: Use hlist_unhashed_lockless() in timer_pending() (bsc#1173438). - jbd2: fix data races at struct journal_head (bsc#1173438). - list: Add hlist_unhashed_lockless() (bsc#1173438). - rcu: Fix data-race due to atomic_t copy-by-value (bsc#1171828). - tick/sched: Annotate lockless access to last_jiffies_update (bsc#1173438). - commit ea6eb59 ------------------------------------------------------------------ ------------------ 2020-6-26 - Jun 26 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Refresh metadata of patches.suse/ibmvnic-continue-to-init-in-CRQ-reset-returns-H_CLOS.patch. - commit 9767e8e - ibmveth: Fix max MTU limit (bsc#1173428 ltc#186397). - commit 79145c1 - EDAC/ghes: Setup DIMM label from DMI and use it in error reports (bsc#1168779). - commit a469a1d - wireguard: receive: account for napi_gro_receive never returning GRO_DROP (git-fixes). - wireguard: device: avoid circular netns references (git-fixes). - wireguard: noise: do not assign initiation time in if condition (git-fixes). - wireguard: send/receive: use explicit unlikely branch instead of implicit coalescing (git-fixes). Update context: patches.suse/wireguard-noise-separate-receive-counter-from-send-c.patch - wireguard: selftests: initalize ipv6 members to NULL to squelch clang warning (git-fixes). - commit 4d2639d ++++ libzypp: - Fix core dump with corrupted history file (bsc#1170801) - version 17.23.8 (22) ++++ qemu: - Update to v4.2.1, a stable, bug-fix-only release * Patches dropped (subsumed by stable update): arm-arm-powerctl-set-NSACR.-CP11-CP10-bi.patch ati-vga-check-mm_index-before-recursive-.patch ati-vga-Fix-checks-in-ati_2d_blt-to-avoi.patch audio-oss-fix-buffer-pos-calculation.patch backup-top-Begin-drain-earlier.patch blkdebug-Allow-taking-unsharing-permissi.patch block-Activate-recursively-even-for-alre.patch block-Add-bdrv_qapi_perm_to_blk_perm.patch block-Avoid-memleak-on-qcow2-image-info-.patch block-backup-fix-memory-leak-in-bdrv_bac.patch block-backup-top-fix-failure-path.patch block-bdrv_set_backing_bs-fix-use-after-.patch block-block-copy-fix-progress-calculatio.patch block-Call-attention-to-truncation-of-lo.patch block-fix-crash-on-zero-length-unaligned.patch block-fix-memleaks-in-bdrv_refresh_filen.patch block-Fix-VM-size-field-width-in-snapsho.patch block-io-fix-bdrv_co_do_copy_on_readv.patch block-nbd-extract-the-common-cleanup-cod.patch block-nbd-fix-memory-leak-in-nbd_open.patch block-qcow2-threads-fix-qcow2_decompress.patch compat-disable-edid-on-correct-virtio-gp.patch display-bochs-display-fix-memory-leak.patch es1370-check-total-frame-count-against-c.patch Fix-double-free-issue-in-qemu_set_log_fi.patch Fix-use-afte-free-in-ip_reass-CVE-2020-1.patch hmp-vnc-Fix-info-vnc-list-leak.patch hw-arm-cubieboard-use-ARM-Cortex-A8-as-t.patch hw-arm-smmuv3-Align-stream-table-base-ad.patch hw-arm-smmuv3-Apply-address-mask-to-line.patch hw-arm-smmuv3-Check-stream-IDs-against-a.patch hw-arm-smmuv3-Correct-SMMU_BASE_ADDR_MAS.patch hw-arm-smmuv3-Report-F_STE_FETCH-fault-a.patch hw-arm-smmuv3-Use-correct-bit-positions-.patch hw-i386-pc-fix-regression-in-parsing-vga.patch hw-intc-arm_gicv3_kvm-Stop-wrongly-progr.patch i386-Resolve-CPU-models-to-v1-by-default.patch intel_iommu-a-fix-to-vtd_find_as_from_bu.patch iotests-add-test-for-backup-top-failure-.patch iotests-Fix-IMGOPTSSYNTAX-for-nbd.patch iotests-Fix-nonportable-use-of-od-endian.patch iscsi-Cap-block-count-from-GET-LBA-STATU.patch job-refactor-progress-to-separate-object.patch m68k-Fix-regression-causing-Single-Step-.patch migration-colo-fix-use-after-free-of-loc.patch migration-ram-fix-use-after-free-of-loca.patch migration-Rate-limit-inside-host-pages.patch migration-test-ppc64-fix-FORTH-test-prog.patch nbd-server-Avoid-long-error-message-asse.patch net-tulip-check-frame-size-and-r-w-data-.patch numa-properly-check-if-numa-is-supported.patch pc-bios-s390x-Save-iplb-location-in-lowc.patch ppc-ppc405_boards-Remove-unnecessary-NUL.patch qcow2-bitmaps-fix-qcow2_can_store_new_di.patch qcow2-List-autoclear-bit-names-in-header.patch Revert-qemu-options.hx-Update-for-reboot.patch Revert-vnc-allow-fall-back-to-RAW-encodi.patch runstate-ignore-finishmigrate-prelaunch-.patch s390-sclp-improve-special-wait-psw-logic.patch s390x-adapter-routes-error-handling.patch scsi-qemu-pr-helper-Fix-out-of-bounds-ac.patch sheepdog-Consistently-set-bdrv_has_zero_.patch slirp-use-correct-size-while-emulating-c.patch slirp-use-correct-size-while-emulating-I.patch spapr-Fix-failure-path-for-attempting-to.patch target-arm-Correct-definition-of-PMCRDP.patch target-arm-Fix-PAuth-sbox-functions.patch target-arm-fix-TCG-leak-for-fcvt-half-do.patch target-arm-monitor-query-cpu-model-expan.patch target-arm-Return-correct-IL-bit-in-merg.patch target-arm-Set-ISSIs16Bit-in-make_issinf.patch target-i386-do-not-set-unsupported-VMX-s.patch target-i386-kvm-initialize-feature-MSRs-.patch target-ppc-Fix-rlwinm-on-ppc64.patch target-xtensa-fix-pasto-in-pfwait.r-opco.patch tcg-i386-Fix-INDEX_op_dup2_vec.patch tcg-mips-mips-sync-encode-error.patch tcp_emu-Fix-oob-access.patch tcp_emu-fix-unsafe-snprintf-usages.patch tpm-ppi-page-align-PPI-RAM.patch util-add-slirp_fmt-helpers.patch vhost-user-blk-delete-virtioqueues-in-un.patch vhost-user-gpu-Drop-trailing-json-comma.patch vhost-user-gpu-Release-memory-returned-b.patch virtio-add-ability-to-delete-vq-through-.patch virtio-blk-fix-out-of-bounds-access-to-b.patch virtio-crypto-do-delete-ctrl_vq-in-virti.patch virtio-mmio-update-queue-size-on-guest-w.patch virtio-net-delete-also-control-queue-whe.patch virtio-pmem-do-delete-rq_vq-in-virtio_pm.patch virtio-update-queue-size-on-guest-write.patch vpc-Don-t-round-up-already-aligned-BAT-s.patch xen-block-Fix-double-qlist-remove-and-re.patch ------------------------------------------------------------------ ------------------ 2020-6-25 - Jun 25 2020 ------------------- ------------------------------------------------------------------ ++++ mozilla-nss: - Add nss-fips-fix-missing-nspr.patch (bsc#1168669). ++++ gcc10: - Update to gcc-10 branch head (c91e43e9363bd119a695d6450), git290. * Includes fix for PR95719, fixing LibreOffice. ++++ python3-core: - Add CVE-2020-14422-ipaddress-hash-collision.patch fixing CVE-2020-14422 (bsc#1173274, bpo#41004), where hash collisions in IPv4Interface and IPv6Interface could lead to DOS. ++++ python3: - Add CVE-2020-14422-ipaddress-hash-collision.patch fixing CVE-2020-14422 (bsc#1173274, bpo#41004), where hash collisions in IPv4Interface and IPv6Interface could lead to DOS. ++++ qemu: - Fix DoS possibility in Network Block Device (nbd) support infrastructure (CVE-2020-10761 bsc#1172710) block-Call-attention-to-truncation-of-lo.patch nbd-server-Avoid-long-error-message-asse.patch - Fix DoS possibility in ati-vga emulation (CVE-2020-13800 bsc#1172495) ati-vga-check-mm_index-before-recursive-.patch - Fix null pointer dereference possibility (DoS) in MegaRAID SAS 8708EM2 emulation (CVE-2020-13659 bsc#1172386) exec-set-map-length-to-zero-when-returni.patch - Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation (CVE-2020-13362 bsc#1172383) megasas-use-unsigned-type-for-reply_queu.patch - Fix OOB access possibility in ES1370 audio device emulation (CVE-2020-13361 bsc#1172384) es1370-check-total-frame-count-against-c.patch - Fix vgabios issue for cirrus graphivs emulation, which effectively downgraded it to standard VGA behavior vga-fix-cirrus-bios.patch - Remove problematic SMBus ACPI entry - causes problems for Windows 10 since it wants a (non-existent) driver for it i386-acpi-Remove-_HID-from-the-SMBus-ACP.patch ------------------------------------------------------------------ ------------------ 2020-6-24 - Jun 24 2020 ------------------- ------------------------------------------------------------------ ++++ fuse-overlayfs: - Update to v1.1.0 - use openat2(2) when available. - accept "ro" as mount option. - fix set mtime for a symlink. - fix some issues reported by static analysis. - fix potential infinite loop on a short read. - fix creating a directory if the destination already exists in the upper layer. ++++ kernel-default: - sched/cfs: change initial value of runnable_avg (bsc#1158765). - commit daa01a4 - spi: dw-pci: Fix Chip Select amount on Intel Elkhart Lake PSE SPI (jsc#SLE-12735). - spi: dw-pci: Add runtime power management support (jsc#SLE-12735). - SPI: designware: pci: Switch over to MSI interrupts (jsc#SLE-12735). - spi: dw-pci: Add MODULE_DEVICE_TABLE (jsc#SLE-12735). - spi: dw-pci: Add support for Intel Elkhart Lake PSE SPI (jsc#SLE-12735). - commit fb43301 - thermal: intel: intel_pch_thermal: Add Comet Lake (CML) platform support (jsc#SLE-12668). - commit fd37b6c - ntb: intel: fix static declaration (jsc#SLE-12710). - ntb: intel: add hw workaround for NTB BAR alignment (jsc#SLE-12710). - commit 2f0e6e8 - mm: adjust vm_committed_as_batch according to vm overcommit policy (bnc#1173271). - mm/util.c: make vm_memory_committed() more accurate (bnc#1173271). - proc/meminfo: avoid open coded reading of vm_committed_as (bnc#1173271). - commit aef113d - series.conf: refresh No effect on expanded tree. - commit c2d8ecc - fix patch metadata - fix Patch-mainline tag: patches.suse/net-revert-net-get-rid-of-an-signed-integer-overflow-in-ip_idents_reserve.patch - commit b3deae9 - fix patch metadata - fix Patch-mainline tag: patches.suse/nvme-fc-avoid-gcc-10-zero-length-bounds-warning.patch patches.suse/scsi-sd_zbc-Fix-sd_zbc_complete.patch - fix bugzilla reference (bsc1173206 -> bsc#1173206): patches.suse/iocost-don-t-let-vrate-run-wild-while-there-s-no-sat.patch - commit 7891a6f - sched/core: s/WF_ON_RQ/WQ_ON_CPU/ (bnc#1155798 (CPU scheduler functional and performance backports)). - commit dfd878b - sched/core: Fix ttwu() race (bnc#1155798 (CPU scheduler functional and performance backports)). - commit 2e88482 - sched/core: Check cpus_mask, not cpus_ptr in __set_cpus_allowed_ptr(), to fix mask corruption (bnc#1155798 (CPU scheduler functional and performance backports)). - commit 1ad19c5 - net: revert "net: get rid of an signed integer overflow in ip_idents_reserve()" (bnc#1158748 (network regression)). - commit 1b123ac ++++ systemd: - migrate-sysconfig-i18n.sh: fix marker handling (bsc#1173229) The marker is used to make sure the script is run only once. Instead of storing it in /usr, use /var which is more appropriate for such file. Also make it owned by systemd package. ------------------------------------------------------------------ ------------------ 2020-6-23 - Jun 23 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - ibmvnic: continue to init in CRQ reset returns H_CLOSED (bsc#1173280 ltc#185369). - commit 39f977e - vfio-pci: Invalidate mmaps and block MMIO access on disabled memory (CVE-2020-12888 bsc#1171868). - vfio-pci: Fault mmaps to enable vma tracking (CVE-2020-12888 bsc#1171868). - vfio/type1: Support faulting PFNMAP vmas (CVE-2020-12888 bsc#1171868). - commit d737eb2 - Fix a regression of AF_ALG crypto interface hang with aes_s390 (bsc#1167651) The upstream fix backported via git-fixes seems causing a trouble with s390 aes crypto module. The problem is generic and should be addressed in the upstream, but now we drop the patch as a quick resolution. The commit ID is added in blacklist, too. Deleted: patches.suse/0001-crypto-algif_skcipher-Use-chunksize-instead-of-block.patch - commit 59211f8 - i2c: designware-pci: Fix BUG_ON during device removal (jsc#SLE-12734). - commit 7d1f12c - i2c: designware-pci: Add support for Elkhart Lake PSE I2C (jsc#SLE-12734). - i2c: designware-pci: Switch over to MSI interrupts (jsc#SLE-12734). - commit 7f79de2 - ntb: intel: Add Icelake (gen4) support for Intel NTB (jsc#SLE-12710). - commit 37883e6 ++++ libsolv: - Enable zstd compression support for sle15 ++++ systemd: - Fix inconsistent file modes for some ghost files (bsc#1173227) Ghost files are assumed by rpm to have mode 000 by default which is not consistent with file permissions set at runtime. Also /var/lib/systemd/random-seed was tracked wrongly as a directory. Also don't track (ghost) /etc/systemd/system/runlevel*.target aliases since we're not supposed to track units or aliases user might define/override. ++++ libzypp: - Enable zchunk metadata download if libsolv supports it. - version 17.23.7 (22) ++++ transactional-update: - Version 2.22 - Use pkgconf to determine installation paths - Enable SSL connections in update shell [boo#1149131] & [boo#1133891] ------------------------------------------------------------------ ------------------ 2020-6-22 - Jun 22 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Revert "pinctrl: freescale: imx: Use 'devm_of_iomap()' to avoid a resource leak in case of error in 'imx_pinctrl_probe()'" (git-fixes). - crypto: algboss - don't wait during notifier callback (git-fixes). - drm: encoder_slave: fix refcouting error for modules (git-fixes). - drm/i915: work around false-positive maybe-uninitialized warning (git-fixes). - commit 18a77fa - lpfc: Synchronize NVME transport and lpfc driver devloss_tmo (bcs#1173060). - commit 124f086 - r8169: Revive default chip version for r8168 (bsc#1173085). - commit c0956cb - scsi: megaraid_sas: Replace undefined MFI_BIG_ENDIAN macro with __BIG_ENDIAN_BITFIELD macro (bsc#1173206). - nvme-fc: avoid gcc-10 zero-length-bounds warning (bsc#1173206). - iocost: don't let vrate run wild while there's no saturation signal (bsc1173206). - blk-iocost: Fix error on iocost_ioc_vrate_adj (bsc#1173206). - blk-iocost: fix incorrect vtime comparison in iocg_is_idle() (bsc#1173206). - iocost: over-budget forced IOs should schedule async delay (bsc#1173206). - scsi: smartpqi: Update attribute name to `driver_version` (bsc#1173206). - iocost: check active_list of all the ancestors in iocg_activate() (bsc#1173206). - scsi: sd_zbc: Fix sd_zbc_complete() (bsc#1173206). - commit 7abe8d4 - blacklist.conf: Add commit for git-fixes (bsc#1173206) - commit 4a864a5 - irqchip/al-fic: Add support for irq retrigger (jsc#SLE-10505). - commit 8ec37c7 - sched/fair: Optimize dequeue_task_fair() (bnc#1155798 (CPU scheduler functional and performance backports)). - commit 3b10cba ++++ mdadm: - OnCalendar format fix of mdcheck_start.timer (bsc#1173137) 1002-OnCalendar-format-fix-of-mdcheck_start-timer.patch - Detail: adding sync status for cluster device (bsc#1163727) 0072-Detail-adding-sync-status-for-cluster-device.patch - Monitor: improve check_one_sharer() for checking duplicated process (bsc#1168953) 0071-Monitor-improve-check_one_sharer-for-checking-duplic.patch ++++ podman: - Update to podman v2.0.0 * The `podman generate systemd` command now supports the `--new` flag when used with pods, allowing portable services for pods to be created. * The `podman play kube` command now supports running Kubernetes Deployment YAML. * The `podman exec` command now supports the `--detach` flag to run commands in the container in the background. * The `-p` flag to `podman run` and `podman create` now supports forwarding ports to IPv6 addresses. * The `podman run`, `podman create` and `podman pod create` command now support a `--replace` flag to remove and replace any existing container (or, for `pod create`, pod) with the same name * The `--restart-policy` flag to `podman run` and `podman create` now supports the `unless-stopped` restart policy. * The `--log-driver` flag to `podman run` and `podman create` now supports the `none` driver, which does not log the container's output. * The `--mount` flag to `podman run` and `podman create` now accepts `readonly` option as an alias to `ro`. * The `podman generate systemd` command now supports the `--container-prefix`, `--pod-prefix`, and `--separator` arguments to control the name of generated unit files. * The `podman network ls` command now supports the `--filter` flag to filter results. * The `podman auto-update` command now supports specifying an authfile to use when pulling new images on a per-container basis using the `io.containers.autoupdate.authfile` label. * Fixed a bug where the `podman exec` command would log to journald when run in containers loggined to journald ([#6555](https://github.com/containers/libpod/issues/6555)). * Fixed a bug where the `podman auto-update` command would not preserve the OS and architecture of the original image when pulling a replacement ([#6613](https://github.com/containers/libpod/issues/6613)). * Fixed a bug where the `podman cp` command could create an extra `merged` directory when copying into an existing directory ([#6596](https://github.com/containers/libpod/issues/6596)). * Fixed a bug where the `podman pod stats` command would crash on pods run with `--network=host` ([#5652](https://github.com/containers/libpod/issues/5652)). * Fixed a bug where containers logs written to journald did not include the name of the container. * Fixed a bug where the `podman network inspect` and `podman network rm` commands did not properly handle non-default CNI configuration paths ([#6212](https://github.com/containers/libpod/issues/6212)). * Fixed a bug where Podman did not properly remove containers when using the Kata containers OCI runtime. * Fixed a bug where `podman inspect` would sometimes incorrectly report the network mode of containers started with `--net=none`. * Podman is now better able to deal with cases where `conmon` is killed before the container it is monitoring. - Requires go 1.13 now ------------------------------------------------------------------ ------------------ 2020-6-19 - Jun 19 2020 ------------------- ------------------------------------------------------------------ ++++ combustion: - Drop dependency on ignition ++++ kernel-default: - Update patch reference for intel_th patch (jsc#SLE-12705) - commit 2f7215f ++++ libcontainers-common: - Remove remaining difference between SLE and openSUSE package and ship the some mounts.conf default configuration on both platforms. As the sources for the mount point do not exist on openSUSE by default this config will basically have no effect on openSUSE. (jsc#SLE-12122, bsc#1175821) ++++ systemd: - Include in the package version the stable minor (if any). Also update the version shown by various command such as 'systemctl - -version' to show the stable number. ------------------------------------------------------------------ ------------------ 2020-6-18 - Jun 18 2020 ------------------- ------------------------------------------------------------------ ++++ combustion: - Initial commit ++++ kernel-default: - s390/bpf: Maintain 8-byte stack alignment (bsc#1169194, LTC#185911). - commit 58beb12 - Update patch reference for s390 security fix (CVE-2020-10773 bsc#1172999) - commit 7370304 - firmware: imx-scu: Support one TX and one RX (git-fixes). - Refresh patches.suse/firmware-imx-scu-Fix-corruption-of-header.patch. - commit 0e40d23 - ACPI: GED: use correct trigger type field in _Exx / _Lxx handling (git-fixes). - commit 510ece6 - lib/lzo: fix ambiguous encoding bug in lzo-rle (git-fixes). - x86/reboot/quirks: Add MacBook6,1 reboot quirk (git-fixes). - x86/PCI: Mark Intel C620 MROMs as having non-compliant BARs (git-fixes). - ASoC: max9867: fix volume controls (git-fixes). - ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb (git-fixes). - ath9x: Fix stack-out-of-bounds Write in ath9k_hif_usb_rx_cb (git-fixes). - ath9k: Fix use-after-free Write in ath9k_htc_rx_msg (git-fixes). - ath9k: Fix use-after-free Read in ath9k_wmi_ctrl_rx (git-fixes). - ath9k: Fix use-after-free Read in htc_connect_service (git-fixes). - drm/vkms: Hold gem object while still in-use (git-fixes). - ACPI: GED: add support for _Exx / _Lxx handler methods (git-fixes). - mmc: tmio: Further fixup runtime PM management at remove (git-fixes). - mmc: sdio: Fix several potential memory leaks in mmc_sdio_init_card() (git-fixes). - efi/efivars: Add missing kobject_put() in sysfs entry creation error path (git-fixes). - spi: bcm-qspi: Handle clock probe deferral (git-fixes). - Input: synaptics - add a second working PNP_ID for Lenovo T470s (git-fixes). - Input: mms114 - fix handling of mms345l (git-fixes). - firmware: imx: warn on unexpected RX (git-fixes). - commit c722a2d - pinctrl: tigerlake: Tiger Lake uses _HID enumeration (jsc#SLE-12737). - commit 6831e2b - pinctrl: intel: Add Intel Tiger Lake pin controller support (jsc#SLE-12737). - Update config files: Add CONFIG_PINCTRL_TIGERLAKE=m - supported.conf: Add pinctrl-tigerlake as supported - commit 2966fcc - mfd: intel-lpss: Add Intel Tiger Lake PCI IDs (jsc#SLE-12737). - mtd: spi-nor: intel-spi: Add support for Intel Tiger Lake SPI serial flash (jsc#SLE-12737). - commit c6209c3 - Update the patch reference for ish-hid fix (jsc#SLE-12683) - commit 4a77970 - Update patch reference for can driver security fix (CVE-2020-14416 bsc#1162002) - commit f86a41b ++++ salt: - Require python3-distro only for TW (bsc#1173072) ------------------------------------------------------------------ ------------------ 2020-6-17 - Jun 17 2020 ------------------- ------------------------------------------------------------------ ++++ cni-plugins: - Update to version 0.8.6 (bsc#1172410 CVE-2020-10749) * New features * Support device id in host device plugin (#471). * win-bridge: add support for portMappings capability (#475). * Make host-device to work with virtio net device (#453). * Small improvements * ptp, bridge: disable accept_ra on the host-side interface (#484). * modify the error url of windowscontainer (#460). * portmap: Apply the DNAT hairpin to the whole subnet (#469). The DNAT hairpin rule only allow the * container itself to access the ports it is exposing thru the host IP. Other containers in the same subnet might also want to access this service via the host IP, so apply this rule to the whole subnet instead of just for the container. * Unlock OS thread after netns is restored (#455). * Bugfixes * plugins/meta/sbr: Adjusted ipv6 address mask to /128 (#479). A /64 mask was used which routed an entire cidr based on source, not only the bound address. * check bridge's port state (#468). fix #463 * Reset the route flag before moving the rule (#472). * replace juju/errors because of CNCF license scan (#458). ref to #457 * loopback: Fix ipv6 address checks (#442). Fixes a minor bug in loopback plugin. The IPv6 address check loops over IPv4 addresses. - from version 0.8.5 * Bugfixes * bridge: Fix for the case where kernel doesn't have CONFIG_BRIDGE_VLAN_FILTERING (#434) fixes #370. * vlan: Fix vlan plugin returning error when device is already removed (#438). * Improvements * sysctl: Improve support of sysctl name separators (#437). ++++ curl: - Security fix: [bsc#1173027, CVE-2020-8177] * curl can be tricked my a malicious server to overwrite a local file when using '-J' ('--remote-header-name') and '-i' ('--head') in the same command line. - Add curl-CVE-2020-8177.patch - Security fix: [bsc#1173026, CVE-2020-8169] * Partial password leak over DNS on HTTP redirect - Add curl-CVE-2020-8169.patch ++++ dracut: - Update to version 049.1+suse.146.g6f5195cf: * 35network-legacy: Fix dual stack setups (bsc#1172807) ++++ e2fsprogs: - po-remove-unnecessary-buggy-positional-parameter-spe.patch: po: remove unnecessary/buggy positional parameter specifiers (bsc#1170964) ++++ kernel-default: - rcutorture: Make kvm-find-errors.sh abort on bad directory (bsc#1173068). - rcutorture: Summarize summary of build and run results (bsc#1173068). - rcutorture: Add 100-CPU configuration (bsc#1173068). - torture: Make results-directory date format completion-friendly (bsc#1173068). - locktorture: Allow CPU-hotplug to be disabled via --bootargs (bsc#1173068). - torture: Hoist calls to lscpu to higher-level kvm.sh script (bsc#1173068). - torture: Allow "CFLIST" to specify default list of scenarios (bsc#1173068). - rcutorture: Add worst-case call_rcu() forward-progress results (bsc#1173068). - torture: Handle systems lacking the mpstat command (bsc#1173068). - torture: Handle jitter for CPUs that cannot be offlined (bsc#1173068). - rcutorture: Dispense with Dracut for initrd creation (bsc#1173068). - torture: Use gawk instead of awk for systime() function (bsc#1173068). - rcutorture: Remove CONFIG_HOTPLUG_CPU=n from scenarios (bsc#1173068). - rcutorture: Test TREE03 with the threadirqs kernel boot parameter (bsc#1173068). - torture: Expand last_ts variable in kvm-test-1-run.sh (bsc#1173068). - commit 937076b - ibmvnic: Harden device login requests (bsc#1170011 ltc#183538). - commit f073312 - rpm/modules.fips: * add aes-ce-ccm and des3_ede-x86_64 (boo#173030) * add aes_ti and aes_neon_bs (boo#1172956) - commit 9492a4d - objtool: Allow no-op CFI ops in alternatives (bsc#1169514). - commit b40dd12 - firmware: imx: scu: Fix corruption of header (git-fixes). - commit bd25a67 - e1000e: Do not wake up the system via WOL if device wakeup is disabled (git-fixes). - commit 8a4bb5a - fix patch metadata - fix Patch-mainline: patches.suse/NFS-Fix-fscache-super_cookie-index_key-from-changing.patch patches.suse/NFSv4-Fix-fscache-cookie-aux_data-to-ensure-change_a.patch patches.suse/NFSv4.1-fix-rpc_call_done-assignment-for-BIND_CONN_T.patch patches.suse/SUNRPC-Signalled-ASYNC-tasks-need-to-exit.patch patches.suse/nfs-fscache-use-timespec64-in-inode-auxdata.patch patches.suse/nfs-set-invalid-blocks-after-NFSv4-writes.patch patches.suse/nfsd4-make-drc_slab-global-not-per-net.patch patches.suse/svcrdma-Fix-leak-of-svc_rdma_recv_ctxt-objects.patch - commit 91ef650 - objtool: Fix ORC vs alternatives (bsc#1169514). - commit 0222f6e - objtool: Uniquely identify alternative instruction groups (bsc#1169514). - commit 862a5a6 - objtool: Remove check preventing branches within alternative (bsc#1169514). - commit c794e66 ++++ mozilla-nss: - update to NSS 3.53.1 * CVE-2020-12402 - Use constant-time GCD and modular inversion in MPI (bmo#1631597, bsc#1173032) ++++ systemd: - Don't restart udevd sockets during package update Otherwise we might miss kernel events as the daemon need to be stopped as well. - Import commit b12cd8b89b4bccfcf972b47153a2b01cd7775932 (include merge of v245.6) For a complete list of changes, visit: https://github.com/openSUSE/systemd/compare/a6d31d1a02c2718a064bbbc40d003668acf72769...b12cd8b89b4bccfcf972b47153a2b01cd7775932 ------------------------------------------------------------------ ------------------ 2020-6-16 - Jun 16 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - objtool: Fix !CFI insn_state propagation (bsc#1169514). - commit 52c95b4 - objtool: Rename struct cfi_state (bsc#1169514). - commit faa0120 - ceph: skip checking caps when session reconnecting and releasing reqs (bsc#1172990). - ceph: make sure mdsc->mutex is nested in s->s_mutex to fix dead lock (bsc#1172989). - ceph: don't return -ESTALE if there's still an open file (bsc#1171915). - ceph: allow rename operation under different quota realms (bsc#1172988). - ceph: normalize 'delta' parameter usage in check_quota_exceeded (bsc#1172987). - ceph: ceph_kick_flushing_caps needs the s_mutex (bsc#1172986). - ceph: request expedited service on session's last cap flush (bsc#1172985 bsc#1167104). - ceph: convert mdsc->cap_dirty to a per-session list (bsc#1172984 bsc#1167104). - ceph: reset i_requested_max_size if file write is not wanted (bsc#1172983). - ceph: throw a warning if we destroy session with mutex still locked (bsc#1172940). - ceph: fix potential race in ceph_check_caps (bsc#1172940). - ceph: document what protects i_dirty_item and i_flushing_item (bsc#1172940). - ceph: don't take i_ceph_lock in handle_cap_import (bsc#1172940). - ceph: don't release i_ceph_lock in handle_cap_trunc (bsc#1172940). - ceph: add comments for handle_cap_flush_ack logic (bsc#1172940). - ceph: split up __finish_cap_flush (bsc#1172940). - ceph: reorganize __send_cap for less spinlock abuse (bsc#1172940). - ceph: flush release queue when handling caps for unknown inode (bsc#1172939). - libceph: ignore pool overlay and cache logic on redirects (bsc#1172938). - commit 14735c0 - media: cedrus: Program output format during each run (git-fixes). - clk: renesas: cpg-mssr: Fix STBCR suspend/resume handling (git-fixes). - serial: 8250: Fix max baud limit in generic 8250 port (git-fixes). - drivers: phy: sr-usb: do not use internal fsm for USB2 phy init (git-fixes). - HID: multitouch: enable multi-input as a quirk for some devices (git-fixes). - tun: correct header offsets in napi frags mode (git-fixes). - r8152: support additional Microsoft Surface Ethernet Adapter variant (git-fixes). - staging: kpc2000: fix error return code in kp2000_pcie_probe() (git-fixes). - irqchip/ti-sci-inta: Fix processing of masked irqs (git-fixes). - irqchip/versatile-fpga: Apply clear-mask earlier (git-fixes). - irqchip/versatile-fpga: Handle chained IRQs properly (git-fixes). - ktest: Add timeout for ssh sync testing (git-fixes). - commit ac894fa - fs: Do not check if there is a fsnotify watcher on pseudo inodes (bsc#1158765). - commit 7b8d90d - bpf, sockhash: Synchronize_rcu before free'ing map (git-fixes). - bpf, sockmap: Check update requirements after locking (git-fixes). - rxrpc: Fix call RCU cleanup using non-bh-safe locks (git-fixes). - netfilter: nft_tunnel: add the missing ERSPAN_VERSION nla_policy (git-fixes). - netfilter: nft_tproxy: Fix port selector on Big Endian (git-fixes). - netfilter: nf_tables_offload: return EOPNOTSUPP if rule specifies no actions (git-fixes). - netfilter: nf_queue: enqueue skbs with NULL dst (git-fixes). - af_unix: add compat_ioctl support (git-fixes). - ipvs: Improve robustness to the ipvs sysctl (git-fixes). - commit 988684c - bpf: Undo internal BPF_PROBE_MEM in BPF insns dump (bsc#1155518). - commit 3b9919e - blacklist.conf: mark commit with incorrect Fixes line - commit 0804266 - nfs: set invalid blocks after NFSv4 writes (git-fixes). - NFSv4.1 fix rpc_call_done assignment for BIND_CONN_TO_SESSION (git-fixes). - nfsd4: make drc_slab global, not per-net (git-fixes). - NFSv4: Fix fscache cookie aux_data to ensure change_attr is included (git-fixes). - NFS: Fix fscache super_cookie index_key from changing after umount (git-fixes). - SUNRPC: Signalled ASYNC tasks need to exit (git-fixes). - svcrdma: Fix leak of svc_rdma_recv_ctxt objects (git-fixes). - nfs: fscache: use timespec64 in inode auxdata (git-fixes). - commit a77a576 - blacklist.conf: add uninteresting commit - commit 3cb617b ++++ libsemanage: - Disabled LTO again. This breaks e.g. shadow and also other packages in security:SELinux ------------------------------------------------------------------ ------------------ 2020-6-15 - Jun 15 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - genetlink: clean up family attributes allocations (git-fixes). - commit f616c3b - panic: do not print uninitialized taint_flags (bsc#1172814). - commit 045c8db - ibmvnic: Flush existing work items before device removal (bsc#1065729). - commit 3f9ece1 - powerpc/fadump: Account for memory_limit while reserving memory (jsc#SLE-9099 git-fixes). - commit 3bdf3b7 - powerpc/fadump: consider reserved ranges while reserving memory (jsc#SLE-9099 git-fixes). - powerpc/fadump: use static allocation for reserved memory ranges (jsc#SLE-9099 git-fixes). - commit 5e676b4 - powerpc/powernv: Fix a warning message (bsc#1156395). - commit c1f8cea - powerpc/64s: Save FSCR to init_task.thread.fscr after feature init (bsc#1065729). - powerpc/64s: Don't let DT CPU features set FSCR_DSCR (bsc#1065729). - commit 054bf6b - powerpc/64s/exception: Fix machine check no-loss idle wakeup (bsc#1156395). - commit 81b4c8f - asm-gemeric/tlb: remove stray function declarations (bsc#1156395). - commit 72eefc6 - include/asm-generic/topology.h: guard cpumask_of_node() macro argument (bsc#1148868). - commit 8cdd828 - powerpc/xive: Clear the page tables for the ESB IO mapping (fate#322438 bsc#1085030). - commit e1d4bd5 - nvme-fc: don't call nvme_cleanup_cmd() for AENs (bsc#1171688). - commit abf08ba - x86/cpu/amd: Make erratum #1054 a legacy erratum (bsc#1152489). - commit f243f91 - blacklist.conf: 5214028dd89e x86/boot: Correct relocation destination on old linkers - commit 741883d - series.conf: cleanup - update upstream references and resort: patches.suse/scsi-ibmvscsi-Don-t-send-host-info-in-adapter-info-M.patch patches.suse/sunrpc-clean-up-properly-in-gss_mech_unregister.patch patches.suse/sunrpc-svcauth_gss_register_pseudoflavor-must-reject.patch - commit 1bb600f - fix patch metadata - fix Patch-mainline: patches.suse/sched-fair-Fix-enqueue_task_fair-warning-some-more.patch - commit f581127 - work around mvfs bug (bsc#1162063). - commit 5a1f922 - rpm: drop execute permissions on source files Sometimes a source file with execute permission appears in upstream repository and makes it into our kernel-source packages. This is caught by OBS build checks and may even result in build failures. Sanitize the source tree by removing execute permissions from all C source and header files. - commit 771e293 ++++ zypper: - Print switch abbrev warning to stderr (bsc#1172925) - Fix typo in man page (bsc#1169947) - version 1.14.37 ------------------------------------------------------------------ ------------------ 2020-6-12 - Jun 12 2020 ------------------- ------------------------------------------------------------------ ++++ lvm2-device-mapper: - problem with LVM cache (data loss) (bsc#1172566) + bug-1172566_cachevol-use-cachepool-code-for-metadata-size.patch ++++ kernel-default: - x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches (bsc#1172783 CVE-2020-10768). - commit 1ce088f - drm/i915: Limit audio CDCLK>=2*BCLK constraint back to GLK only (git-fixes). - drm/i915: extend audio CDCLK>=2*BCLK constraint to more platforms (git-fixes). - commit 9b79e3a - sched/cpuacct: Fix charge cpuacct.usage_sys (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/pelt: Sync util/runnable_sum with PELT window when propagating (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Optimize enqueue_task_fair() (bnc#1155798 (CPU scheduler functional and performance backports)). - sched: Make newidle_balance() static again (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: find_idlest_group(): Remove unused sd_flag parameter (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Simplify the code of should_we_balance() (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Fix enqueue_task_fair() warning some more (bnc#1155798 (CPU scheduler functional and performance backports)). - commit 6d2135e - x86/speculation: Prevent rogue cross-process SSBD shutdown (bsc#1172781 CVE-2020-10766). - commit 9163040 - RDMA/nl: Do not permit empty devices names during RDMA_NLDEV_CMD_NEWLINK/SET (bsc#1172841). - commit 543b194 - crypto: cavium/nitrox - Fix 'nitrox_get_first_device()' when ndevlist is fully iterated (git-fixes). - e1000e: Disable TSO for buffer overrun workaround (git-fixes). - commit 1f86986 - vmxnet3: allow rx flow hash ops only when rss is enabled (bsc#1172484). - net: vmxnet3: fix possible buffer overflow caused by bad DMA value in vmxnet3_get_rss() (bsc#1172484). - vmxnet3: use correct hdr reference when packet is encapsulated (bsc#1172484). - vmxnet3: update to version 4 (bsc#1172484). - vmxnet3: add geneve and vxlan tunnel offload support (bsc#1172484). - vmxnet3: add support to get/set rx flow hash (bsc#1172484). - vmxnet3: prepare for version 4 changes (bsc#1172484). - commit f2fe4cd - net: ena: xdp: update napi budget for DROP and ABORTED (bsc#1154492). - net: ena: xdp: XDP_TX: fix memory leak (bsc#1154492). - genetlink: fix memory leaks in genl_family_rcv_msg_dumpit() (bsc#1154353). - RDMA/core: Move and rename trace_cm_id_create() (jsc#SLE-8449). - RDMA/srpt: Fix disabling device management (jsc#SLE-8449). - RDMA/bnxt_re: Remove dead code from rcfw (bsc#1170774). - RDMA/uverbs: Make the event_queue fds return POLLERR when disassociated (jsc#SLE-8449). - ipv6: fix IPV6_ADDRFORM operation logic (bsc#1171662). - ice: Fix inability to set channels when down (jsc#SLE-7926). - bnxt_en: Improve TQM ring context memory sizing formulas (jsc#SLE-8371 bsc#1153274). - ice: Fix error return code in ice_add_prof() (jsc#SLE-7926). - net/mlx5e: replace EINVAL in mlx5e_flower_parse_meta() (jsc#SLE-8464). - net/mlx5e: Fix stats update for matchall classifier (jsc#SLE-8464). - net/mlx5: Fix crash upon suspend/resume (bsc#1172365). - net: dsa: declare lockless TX feature for slave ports (bsc#1154353). - RDMA/mlx5: Fix NULL pointer dereference in destroy_prefetch_work (jsc#SLE-8446). - net/mlx5: Fix cleaning unmanaged flow tables (jsc#SLE-8464). - net: phy: propagate an error back to the callers of phy_sfp_probe (bsc#1154353). - commit 2741342 - mailbox: zynqmp-ipi: Fix NULL vs IS_ERR() check in zynqmp_ipi_mbox_probe() (git-fixes). - drm/sun4i: hdmi ddc clk: Fix size of m divider (git-fixes). - ACPI: PM: Avoid using power resources if there are none for D0 (git-fixes). - Input: edt-ft5x06 - fix get_default register write access (git-fixes). - mtd: rawnand: brcmnand: fix CS0 layout (git-fixes). - mtd: rawnand: xway: Fix the probe error path (git-fixes). - mtd: rawnand: tmio: Fix the probe error path (git-fixes). - mtd: rawnand: sunxi: Fix the probe error path (git-fixes). - mtd: rawnand: socrates: Fix the probe error path (git-fixes). - mtd: rawnand: sharpsl: Fix the probe error path (git-fixes). - mtd: rawnand: plat_nand: Fix the probe error path (git-fixes). - mtd: rawnand: pasemi: Fix the probe error path (git-fixes). - mtd: rawnand: oxnas: Release all devices in the _remove() path (git-fixes). - mtd: rawnand: oxnas: Keep track of registered devices (git-fixes). - mtd: rawnand: orion: Fix the probe error path (git-fixes). - mtd: rawnand: mtk: Fix the probe error path (git-fixes). - mtd: rawnand: ingenic: Fix the probe error path (git-fixes). - mtd: rawnand: diskonchip: Fix the probe error path (git-fixes). - mtd: rawnand: Fix nand_gpio_waitrdy() (git-fixes). - mtd: rawnand: brcmnand: correctly verify erased pages (git-fixes). - mtd: rawnand: brcmnand: fix hamming oob layout (git-fixes). - mtd: rawnand: onfi: Fix redundancy detection check (git-fixes). - mtd: rawnand: timings: Fix default tR_max and tCCS_min timings (git-fixes). - mtd: rawnand: marvell: Fix probe error path (git-fixes). - mtd: rawnand: marvell: Use nand_cleanup() when the device is not yet registered (git-fixes). - mtd: rawnand: marvell: Fix the condition on a return code (git-fixes). - clk: mediatek: assign the initial value to clk_init_data of mtk_mux (git-fixes). - clk: qcom: Add missing msm8998 ufs_unipro_core_clk_src (git-fixes). - clk: clk-flexgen: fix clock-critical handling (git-fixes). - clk: bcm2835: Remove casting to bcm2835_clk_register (git-fixes). - clk: bcm2835: Fix return type of bcm2835_register_gate (git-fixes). - clk: sprd: return correct type of value for _sprd_pll_recalc_rate (git-fixes). - clk: sunxi: Fix incorrect usage of round_down() (git-fixes). - clk: samsung: Mark top ISP and CAM clocks on Exynos542x as critical (git-fixes). - clk: meson: meson8b: Don't rely on u-boot to init all GP_PLL registers (git-fixes). - clk: meson: meson8b: Fix the vclk_div{1, 2, 4, 6, 12}_en gate bits (git-fixes). - clk: meson: meson8b: Fix the polarity of the RESET_N lines (git-fixes). - power: supply: smb347-charger: IRQSTAT_D is volatile (git-fixes). - power: supply: lp8788: Fix an error handling path in 'lp8788_charger_probe()' (git-fixes). - power: supply: core: fix memory leak in HWMON error path (git-fixes). - power: supply: core: fix HWMON temperature labels (git-fixes). - power: reset: qcom-pon: reg write mask depends on pon generation (git-fixes). - power: supply: bq24257_charger: Replace depends on REGMAP_I2C with select (git-fixes). - staging: rtl8712: Fix IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK (git-fixes). - USB: serial: option: add Telit LE910C1-EUX compositions (git-fixes). - USB: serial: qcserial: add DW5816e QDL support (git-fixes). - mmc: fix compilation of user API (git-fixes). - spi: dt-bindings: spi-controller: Fix #address-cells for slave mode (git-fixes). - spi: dw: use "smp_mb()" to avoid sending spi data error (git-fixes). - commit f18fb8c - ASoC: rt5645: Add platform-data for Asus T101HA (git-fixes). - ASoC: Intel: bytcr_rt5640: Add quirk for Toshiba Encore WT10-A tablet (git-fixes). - ASoC: meson: add missing free_irq() in error path (git-fixes). - ALSA: hda/realtek - add a pintbl quirk for several Lenovo machines (git-fixes). - ALSA: emu10k1: delete an unnecessary condition (git-fixes). - commit 509b163 - ALSA: pcm: disallow linking stream to itself (git-fixes). - ALSA: usb-audio: Manage auto-pm of all bundled interfaces (git-fixes). - ALSA: pcm: fix snd_pcm_link() lockdep splat (git-fixes). - ALSA: usb-audio: Use the new macro for HP Dock rename quirks (git-fixes). - ALSA: usb-audio: Add vendor, product and profile name for HP Thunderbolt Dock (git-fixes). - ALSA: usb-audio: Fix inconsistent card PM state after resume (git-fixes). - ALSA: usb-audio: Add Pioneer DJ DJM-900NXS2 support (git-fixes). - pcm_native: result of put_user() needs to be checked (git-fixes). - commit ef14fbe ++++ alsa: - Add UCM profile for ASUS Chromebook C300 (bsc#1171246): a downstream UCMv1 profile. The upstream took already UCMv2 one instead. ++++ lvm2: - problem with LVM cache (data loss) (bsc#1172566) + bug-1172566_cachevol-use-cachepool-code-for-metadata-size.patch ++++ libsemanage: - Fix build with LTO: [bsc#1133102] * Enable LTO (Link Time Optimization) and build with -ffat-lto-objects * Update map file to include new symbols and remove wildcards - Add libsemanage-update-map-file.patch ------------------------------------------------------------------ ------------------ 2020-6-11 - Jun 11 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS (bsc#1172782 CVE-2020-10767). - commit 6c80e35 - Refresh patches.suse/sched-Offload-wakee-task-activation-if-it-the-wakee-is-descheduling.patch. - Refresh patches.suse/sched-Optimize-ttwu-spinning-on-p-on_cpu.patch. - Refresh patches.suse/sched-cpuacct-Use-__this_cpu_add-instead-of-this_cpu_ptr.patch. - Refresh patches.suse/sched-fair-Fix-negative-imbalance-in-imbalance-calculation.patch. - Refresh patches.suse/sched-fair-Use-__this_cpu_read-in-wake_wide.patch. - commit 34c599d - livepatch: Make klp_apply_object_relocs static (bsc#1071995). - commit 293cfbf - livepatch: Prevent module-specific KLP rela sections from referencing vmlinux symbols (bsc#1071995). - Refresh patches.suse/livepatch-create-and-include-UAPI-headers.patch. - commit 9ab151a - livepatch: Remove .klp.arch (bsc#1071995). - commit 0d36b79 - bfq: Fix check detecting whether waker queue should be selected (bsc#1168838). - commit 570a2f2 - livepatch: Apply vmlinux-specific KLP relocations early (bsc#1071995). - Refresh patches.suse/livepatch-create-and-include-UAPI-headers.patch. - commit 28cfe0c - Refresh patches.suse/cpufreq-intel_pstate-Allow-unspecified-FADT-profile-to-probe-PPC.patch. - Refresh patches.suse/pcc-cpufreq-Re-introduce-deadband-effect-to-reduce-number-of-frequency-changes.patch. - Refresh patches.suse/readahead-request-tunables.patch. - commit e092759 ++++ gcc10: - Enable c++ for arm-none-eabi ++++ openldap2: - bsc#1172704 - Change DB_CONFIG to root:ldap permissions. - bsc#1172698 (CVE-2020-8023) - local priv esc via start script chown -R on olcdbdirectory path. Remove chown -R on start to resolve. ++++ salt: - Various virt backports from 3000.2 - Added: * opensuse-3000.2-virt-backports-236.patch ------------------------------------------------------------------ ------------------ 2020-6-10 - Jun 10 2020 ------------------- ------------------------------------------------------------------ ++++ dracut: - Update to version 049.1+suse.145.g8ae82192: * 95iscsi: fix missing space when compiling cmdline args (bsc#1172816) ++++ kernel-default: - scsi: ibmvscsi: Don't send host info in adapter info MAD after LPM (bsc#1172759 ltc#184814). - commit 2cb7730 - livepatch: Disallow vmlinux.ko (bsc#1071995). - commit a7813fd - ASoC: intel: cht_bsw_max98090_ti: Add all Chromebooks that need pmc_plt_clk_0 quirk (bsc#1171246). - commit 912573f - blacklist.conf: add Add 78f57ef9d50a75326da73d352d7c27828495229a - commit 828a354 - config: arm64: enable CONFIG_IOMMU_DEFAULT_PASSTHROUGH References: bsc#1172739 - commit 3b77faf - fsnotify: Rearrange fast path to minimise overhead when there is no watcher (bsc#1158765). - sched/fair: fix nohz next idle balance (bnc#1155798 (CPU scheduler functional and performance backports)). - commit 1b0cbfe - vt: keyboard: avoid signed integer overflow in k_ascii (CVE-2020-13974 bsc#1172775). - commit 9b0650e - remoteproc: Fix and restore the parenting hierarchy for vdev (git-fixes). - remoteproc: Fall back to using parent memory pool if no dedicated available (git-fixes). - remoteproc: Add missing '\n' in log messages (git-fixes). - remoteproc: Fix IDR initialisation in rproc_alloc() (git-fixes). - drm/i915: Whitelist context-local timestamp in the gen9 cmdparser (git-fixes). - drm/i915/gem: Avoid iterating an empty list (git-fixes). - Revert "drm/amd/display: disable dcn20 abm feature for bring up" (git-fixes). - commit 8d68d47 - fix patch metadata - fix Patch-mainline: patches.suse/fanotify-fix-ignore-mask-logic-for-events-on-child-a.patch - commit bceb814 - Revert "fs/seq_file.c: seq_read(): add info message about buggy .next functions" (bsc#1172751) The message floods dmesg and its benefit is marginal in default kernel. Delete patches.suse/fs-seq_file.c-seq_read-add-info-message-about-buggy-.patch. - commit 00aa3d5 - fanotify: fix ignore mask logic for events on child and on dir (bsc#1172719). - commit ce60cdb ------------------------------------------------------------------ ------------------ 2020-6-9 - Jun 9 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - blacklist.conf: Add c4e0f3b24004 iommu/msm: Make msm_iommu_lock static - commit fd75b72 - KVM: x86/mmu: Set mmio_value to '0' if reserved #PF can't be generated (bsc#1171904). - KVM: x86: only do L1TF workaround on affected processors (bsc#1171904). - commit d33828d - blacklist: 55e8c8eb2c7b ("posix-cpu-timers: Store a reference to a pid not a task") This fixes a historical/theoretical bug which is not worth back porting. It depends on tglx's massive posix-cpu-timers refactoring. The risk to introduce subtle bugs do not outweigh the gain of fixing the bug. - commit fc0a1e1 - netfilter: not mark a spinlock as __read_mostly (git-fixes). - netfilter: connlabels: prefer static lock initialiser (git-fixes). - commit 2cf2f11 - CDC-ACM: heed quirk also in error handling (git-fixes). - commit a90fe00 ++++ parted: - fix support of pmemXs devices (bnc#1164260) - remove: libparted-fix-NVDIMM-partition-naming.patch - remove: libparted-linux-pmem-path.patch ++++ perl: - Fix various security issues in the study_chunk function [bnc#1171863] [CVE-2020-10543] [bnc#1171864] [CVE-2020-10878] [bnc#1171866] [CVE-2020-12723] new patch: perl-study.diff - Comment out bad warning in features.ph file [bnc#1172348] ------------------------------------------------------------------ ------------------ 2020-6-8 - Jun 8 2020 ------------------- ------------------------------------------------------------------ ++++ open-iscsi: - Merged in latest upstream. Summary: * Let initiator name be created by iscsi-init.service. * iscsi: fix fd leak * iscsi: Add break to while loop * Fix compiler complaint about string copy in iscsiuio * Fix a compiler complaint about writing one byte * Fix issue with zero-length arrays at end of struct * Add iscsi-init.service * Proper disconnect of TCP connection * Fix SIGPIPE loop in signal handler * Update iscsi-iname.c * log:modify iSCSI shared memory permissions for logs * Ignore iface.example in iface match checks * More changes for musl. * Fix type mismatch under musl. * Change include of to * iscsi-iname: fix iscsi-iname -p access NULL pointer without given IQN prefix Note that the "Add iscsi-init.service" change adds a new systemd service called "iscsi-init", that creates the iSCSI initiator name file /etc/iscsi/initiatorname.iscsi, if and only if it does not exist. This obviates the need to do this from the SPEC file, now updated. Since this was not a version-number update, in addition to modifying the SPEC file, also updates: * open-iscsi-SUSE-latest.diff.bz2 ++++ kernel-default: - drm/dp_mst: Increase ACT retry timeout to 3s (bsc#1152472) * context changes - commit 07b82ee - blacklist.conf: Append 'drm/amdgpu: force fbdev into vram' - commit 0516e8a - xfs: fix duplicate verification from xfs_qm_dqflush() (git-fixes). - commit 51ce4f9 - xfs: clean up the error handling in xfs_swap_extents (git-fixes). - commit 7e54c91 - PCI: brcmstb: Fix window register offset from 4 to 8 (git-fixes). - PCI: brcmstb: Assert fundamental reset on initialization (git-fixes). - commit 70db1f0 - blacklist.conf: Blacklist 3ac395a5b3f3 - commit f86499e - ima: Remove __init annotation from ima_pcrread() (git-fixes). - commit 438f005 - ima: Directly free *entry in ima_alloc_init_template() if digests is NULL (bsc#1172223). - commit 3741933 - ima: Call ima_calc_boot_aggregate() in ima_eventdigest_init() (bsc#1172223). - commit 25930ca - Move upstreamed IMA patches into sorted section - commit 7e9708e - ima: Directly assign the ima_default_policy pointer to ima_rules (bsc#1172223) Delete obsoleted downstream fix, too: patches.suse/ima-Fix-Oops-at-boot-with-ima_template_fmt-d-boot-op.patch - commit f1f48b1 - evm: Fix a small race in init_desc() (git-fixes). - commit 391f180 - pinctrl: sprd: Fix the incorrect pull-up definition (git-fixes). - pinctrl: freescale: imx: Use 'devm_of_iomap()' to avoid a resource leak in case of error in 'imx_pinctrl_probe()' (git-fixes). - pinctrl: freescale: imx: Fix an error handling path in 'imx_pinctrl_probe()' (git-fixes). - pinctrl: imxl: Fix an error handling path in 'imx1_pinctrl_core_probe()' (git-fixes). - pinctrl: samsung: Save/restore eint_mask over suspend for EINT_TYPE GPIOs (git-fixes). - pinctrl: samsung: Correct setting of eint wakeup mask on s5pv210 (git-fixes). - pinctrl: ocelot: Fix GPIO interrupt decoding on Jaguar2 (git-fixes). - pinctrl: rza1: Fix wrong array assignment of rza1l_swio_entries (git-fixes). - pinctrl: stmfx: stmfx_pinconf_set doesn't require to get direction anymore (git-fixes). - rtc: rv3028: Add missed check for devm_regmap_init_i2c() (git-fixes). - rtc: mc13xxx: fix a double-unlock issue (git-fixes). - extcon: adc-jack: Fix an error handling path in 'adc_jack_probe()' (git-fixes). - w1: omap-hdq: cleanup to add missing newline for some dev_dbg (git-fixes). - fpga: dfl: afu: Corrected error handling levels (git-fixes). - habanalabs: Align protection bits configuration of all TPCs (git-fixes). - misc: fastrpc: fix potential fastrpc_invoke_ctx leak (git-fixes). - slimbus: core: Fix mismatch in of_node_get/put (git-fixes). - firmware: xilinx: Fix an error handling path in 'zynqmp_firmware_probe()' (git-fixes). - iio:chemical:pms7003: Fix timestamp alignment and prevent data leak (git-fixes). - iio:chemical:sps30: Fix timestamp alignment (git-fixes). - iio: vcnl4000: Fix i2c swapped word reading (git-fixes). - staging: sm750fb: add missing case while setting FB_VISUAL (git-fixes). - iio: pressure: bmp280: Tolerate IRQ before registering (git-fixes). - iio: buffer: Don't allow buffers without any channels enabled to be activated (git-fixes). - tty: n_gsm: Fix bogus i++ in gsm_data_kick (git-fixes). - tty: n_gsm: Fix waking up upper tty layer when room available (git-fixes). - tty: n_gsm: Fix SOF skipping (git-fixes). - USB: serial: usb_wwan: do not resubmit rx urb on fatal errors (git-fixes). - CDC-ACM: heed quirk also in error handling (git-fixes). - usb: musb: Fix runtime PM imbalance on error (git-fixes). - usb: musb: start session in resume for host port (git-fixes). - usb: gadget: fix potential double-free in m66592_probe (git-fixes). - usb: gadget: lpc32xx_udc: don't dereference ep pointer before null check (git-fixes). - USB: gadget: udc: s3c2410_udc: Remove pointless NULL check in s3c2410_udc_nuke (git-fixes). - usb: dwc2: gadget: move gadget resume after the core is in L0 state (git-fixes). - usb: dwc3: gadget: Properly handle failed kick_transfer (git-fixes). - usb: dwc3: gadget: Properly handle ClearFeature(halt) (git-fixes). - USB: host: ehci-mxc: Add error handling in ehci_mxc_drv_probe() (git-fixes). - USB: ohci-sm501: fix error return code in ohci_hcd_sm501_drv_probe() (git-fixes). - PCI: vmd: Filter resource type bits from shadow register (git-fixes). - PCI: v3-semi: Fix a memory leak in v3_pci_probe() error handling paths (git-fixes). - PCI: rcar: Fix incorrect programming of OB windows (git-fixes). - PCI: amlogic: meson: Don't use FAST_LINK_MODE to set up link (git-fixes). - PCI: brcmstb: Fix window register offset from 4 to 8 (git-fixes). - PCI: brcmstb: Assert fundamental reset on initialization (git-fixes). - PCI: Allow pci_resize_resource() for devices on root bus (git-fixes). - PCI/PM: Adjust pcie_wait_for_link_delay() for caller delay (git-fixes). - PCI/PM: Call .bridge_d3() hook only if non-NULL (git-fixes). - PCI/PTM: Inherit Switch Downstream Port PTM settings from Upstream Port (git-fixes). - PCI: Program MPS for RCiEP devices (git-fixes). - PCI: Fix pci_register_host_bridge() device_register() error handling (git-fixes). - evm: Fix possible memory leak in evm_calc_hmac_or_hash() (git-fixes). - gpio: dwapb: Call acpi_gpiochip_free_interrupts() on GPIO chip de-registration (git-fixes). - gpiolib: Document that GPIO line names are not globally unique (git-fixes). - gpio: dwapb: Append MODULE_ALIAS for platform driver (git-fixes). - vfio/mdev: Fix reference count leak in add_mdev_supported_type (git-fixes). - vfio/pci: fix memory leaks in alloc_perm_bits() (git-fixes). - HID: i2c-hid: add Schneider SCL142ALM to descriptor override (git-fixes). - mt76: mt76x02u: Add support for newer versions of the XBox One wifi adapter (git-fixes). - p54usb: add AirVasT USB stick device-id (git-fixes). - drm/edid: Add Oculus Rift S to non-desktop list (git-fixes). - i2c: altera: Fix race between xfer_msg and isr thread (git-fixes). - evm: Fix RCU list related warnings (git-fixes). - evm: Check also if *tfm is an error pointer in init_desc() (git-fixes). - drm/i915: fix port checks for MST support on gen >= 11 (git-fixes). - ASoC: intel - fix the card names (git-fixes). - commit 993a2a7 - raid5: remove gfp flags from scribble_alloc() (bsc#1166985). - commit d35a2bb - Add cherry-picked ID to the already applied pinctrl patch - commit b7b9bd6 ++++ multipath-tools: - Remove 0%{?is_opensuse} from spec file (jsc#SLE-11854) - Fix udev rule processing during coldplug (bsc#1172157) * Add patch: 11-dm-mpath.rules-Fix-udev-rule-processing-during-co.patch ++++ krb5: - Update logrotate script, call systemd to reload the services instead of init-scripts. (boo#1169357) ++++ libjpeg-turbo: - security update - added patches fix CVE-2020-13790 [bsc#1172491], heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file + libjpeg-turbo-CVE-2020-13790.patch ++++ salt: - Avoid traceback on debug logging for swarm module (bsc#1172075) - Add publish_batch to ClearFuncs exposed methods - zypperpkg: filter patterns that start with dot (bsc#1171906) - Batch mode now also correctly provides return value (bsc#1168340) - Add docker.logout to docker execution module (bsc#1165572) - Testsuite fix - Add option to enable/disable force refresh for zypper - Python3.8 compatibility changes - Prevent sporious "salt-api" stuck processes when managing SSH minions because of logging deadlock (bsc#1159284) - Avoid segfault from "salt-api" under certain conditions of heavy load managing SSH minions (bsc#1169604) - Revert broken changes to slspath made on Salt 3000 (saltstack/salt#56341) (bsc#1170104) - Returns a the list of IPs filtered by the optional network list - Added: * option-to-en-disable-force-refresh-in-zypper-215.patch * zypperpkg-filter-patterns-that-start-with-dot-243.patch * prevent-logging-deadlock-on-salt-api-subprocesses-bs.patch * revert-changes-to-slspath-saltstack-salt-56341.patch * fix-for-return-value-ret-vs-return-in-batch-mode.patch * add-docker-logout-237.patch * add-ip-filtering-by-network.patch * make-lazyloader.__init__-call-to-_refresh_file_mappi.patch * add-publish_batch-to-clearfuncs-exposed-methods.patch * python3.8-compatibility-pr-s-235.patch * fix-a-test-and-some-variable-names-229.patch * avoid-has_docker-true-if-import-messes-with-salt.uti.patch ++++ rebootmgr: - Update to version 1.2 - depend on dbus and not network as we disabled etcd support [bsc#1172518] ------------------------------------------------------------------ ------------------ 2020-6-7 - Jun 7 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - series.conf: cleanup - update upstream references and resort: patches.suse/scsi-lpfc-Change-default-queue-allocation-for-reduce.patch patches.suse/scsi-lpfc-Fix-MDS-Diagnostic-Enablement-definition.patch patches.suse/scsi-lpfc-Fix-lpfc_nodelist-leak-when-processing-uns.patch patches.suse/scsi-lpfc-Fix-negation-of-else-clause-in-lpfc_prep_n.patch patches.suse/scsi-lpfc-Fix-noderef-and-address-space-warnings.patch patches.suse/scsi-lpfc-Maintain-atomic-consistency-of-queue_claim.patch patches.suse/scsi-lpfc-Remove-re-binding-of-nvme-rport-during-reg.patch patches.suse/scsi-lpfc-Remove-redundant-initialization-to-variabl.patch patches.suse/scsi-lpfc-Remove-unnecessary-lockdep_assert_held-cal.patch patches.suse/scsi-lpfc-Update-lpfc-version-to-12.8.0.1.patch patches.suse/scsi-lpfc-remove-duplicate-unloading-checks.patch patches.suse/scsi-zfcp-Fence-adapter-status-propagation-for-commo.patch patches.suse/scsi-zfcp-Fence-early-sysfs-interfaces-for-accesses-.patch patches.suse/scsi-zfcp-Fence-fc_host-updates-during-link-down-han.patch patches.suse/scsi-zfcp-Move-allocation-of-the-shost-object-to-aft.patch patches.suse/scsi-zfcp-Move-fc_host-updates-during-xport-data-han.patch patches.suse/scsi-zfcp-Move-p-t-p-port-allocation-to-after-xport-.patch patches.suse/scsi-zfcp-Move-shost-modification-after-QDIO-re-open.patch patches.suse/scsi-zfcp-Move-shost-updates-during-xconfig-data-han.patch - commit 9ccb987 - fix patches metadata - fix Patch-mainline and drop Git-repo: patches.suse/bpf-Fix-map-permissions-check.patch patches.suse/libbpf-Fix-perf_buffer__free-API-for-sparse-allocs.patch patches.suse/selftests-bpf-CONFIG_IPV6_SEG6_BPF-required-for-test.patch patches.suse/selftests-bpf-CONFIG_LIRC-required-for-test_lirc_mod.patch patches.suse/selftests-bpf-Fix-invalid-memory-reads-in-core_relo-.patch patches.suse/selftests-bpf-Fix-memory-leak-in-extract_build_id.patch patches.suse/selftests-bpf-flow_dissector-Close-TAP-device-FD-aft.patch - commit fb39453 - xfrm: fix error in comment (git fixes (block drivers)). - virtio-blk: handle block_device_operations callbacks after hot unplug (git fixes (block drivers)). - dm verity fec: fix hash block number in verity_fec_decode (git fixes (block drivers)). - dm writecache: fix data corruption when reloading the target (git fixes (block drivers)). - commit b4c0830 ------------------------------------------------------------------ ------------------ 2020-6-6 - Jun 6 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - xfs: force writes to delalloc regions to unwritten (bsc#1158242). - commit 0735a16 - xfs: measure all contiguous previous extents for prealloc size (bsc#1158242). - commit 0724b42 - xfs: don't fail unwritten extent conversion on writeback due to edquot (bsc#1158242). - commit 8be9c37 ------------------------------------------------------------------ ------------------ 2020-6-5 - Jun 5 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - mdraid: fix read/write bytes accounting (bsc#1172537). - commit 52b03e4 - lpfc: Fix return value in __lpfc_nvme_ls_abort (bsc#1171530). - lpfc: fix axchg pointer reference after free and double frees (bsc#1171530). - lpfc: Fix pointer checks and comments in LS receive refactoring (bsc#1171530). - commit d3a7d02 - series: update meta data The nmve/nvme-5.8 branch has been merged into mainline, that means no more rebases of these patches. Hence move them back to the sorted section. - commit 4a0d7a9 - firmware: imx: scu: Fix possible memory leak in imx_scu_probe() (git-fixes). - firmware: qcom_scm: fix bogous abuse of dma-direct internals (git-fixes). - i2c: fix missing pm_runtime_put_sync in i2c_device_probe (git-fixes). - i2c: acpi: put device when verifying client fails (git-fixes). - commit d4c4283 - blacklist.conf: 88743470668e x86/dma: Fix max PFN arithmetic overflow on 32 bit systems - commit efee432 - lpfc_debugfs: get rid of pointless access_ok() (bsc#1171530). - scsi: lpfc: Copyright updates for 12.6.0.4 patches (bsc#1171530). - scsi: lpfc: Make lpfc_defer_acc_rsp static (bsc#1171530). - scsi: lpfc: Fix incomplete NVME discovery when target (bsc#1171530). - scsi: lpfc: fix spelling mistakes of asynchronous (bsc#1171530). - scsi: lpfc: fix build failure with DEBUGFS disabled (bsc#1171530). - scsi: lpfc: Fix memory leak on lpfc_bsg_write_ebuf_set func (bsc#1171530). - commit 07d03b5 - nvme: provide num dword helper (bsc#1159058). - nvme: fix possible hang when ns scanning fails during error (bsc#1159058). - nvme: prevent double free in nvme_alloc_ns() error handling (bsc#1159058). - nvme-tcp: fix possible crash in write_zeroes processing (bsc#1159058). - nvme: cleanup namespace identifier reporting in (bsc#1159058). - nvme: rename __nvme_find_ns_head to nvme_find_ns_head (bsc#1159058). - nvme: refactor nvme_identify_ns_descs error handling (bsc#1159058). - nvme-tcp: Add warning on state change failure at (bsc#1159058). - nvme-rdma: Add warning on state change failure at (bsc#1159058). - nvme: Fix controller creation races with teardown flow (bsc#1159058). - nvme: Make nvme_uninit_ctrl symmetric to nvme_init_ctrl (bsc#1159058). - nvme: Fix ctrl use-after-free during sysfs deletion (bsc#1159058). - nvme-pci: Re-order nvme_pci_free_ctrl (bsc#1159058). - nvme: Remove unused return code from nvme_delete_ctrl_sync (bsc#1159058). - nvme: release ida resources (bsc#1159058). - nvme: expose hostid via sysfs for fabrics controllers (bsc#1159058). - nvme: expose hostnqn via sysfs for fabrics controllers (bsc#1159058). - commit 377781c - soc: qcom: rpmh: Dirt can only make you dirtier, not cleaner (git-fixes). - commit 9e8f57f - drivers: soc: ti: knav_qmss_queue: Make knav_gp_range_ops static (git-fixes). - soc/tegra: pmc: Select GENERIC_PINCONF (git-fixes). - soc: qcom: rpmh-rsc: Allow using free WAKE TCS for active request (git-fixes). - soc: qcom: rpmh-rsc: Clear active mode configuration for wake TCS (git-fixes). - soc: qcom: rpmh: Invalidate SLEEP and WAKE TCSes before flushing new data (git-fixes). - soc: qcom: rpmh: Update dirty flag only when data changes (git-fixes). - HID: intel-ish-hid: avoid bogus uninitialized-variable warning (git-fixes). - HID: sony: Fix for broken buttons on DS3 USB dongles (git-fixes). - ASoC: fix incomplete error-handling in img_i2s_in_probe (git-fixes). - ASoC: ux500: mop500: Fix some refcounted resources issues (git-fixes). - ASoC: SOF: core: fix error return code in sof_probe_continue() (git-fixes). - watchdog: imx_sc_wdt: Fix reboot on crash (git-fixes). - mfd: stmfx: Fix stmfx_irq_init error path (git-fixes). - mfd: stmfx: Reset chip on resume as supply was disabled (git-fixes). - commit cdc4c92 - Refresh and move the upstreamed relay security fix to sorted section - commit b8d4113 - kABI workaround for struct hdac_bus changes (git-fixes). - commit d370486 - Refresh patches.suse/block-floppy-fix-contended-case-in-floppy_queue_rq.patch: update upstream reference. - commit ec891fb - ALSA: es1688: Add the missed snd_card_free() (git-fixes). - ALSA: hda: add sienna_cichlid audio asic id for sienna_cichlid up (git-fixes). - ALSA: hda: Add ElkhartLake HDMI codec vid (git-fixes). - ALSA: usb-audio: Fixing usage of plain int instead of NULL (git-fixes). - ALSA: usb-audio: Clean up quirk entries with macros (git-fixes). - ALSA: hda: Fix potential race in unsol event handler (git-fixes). - ALSA: usb-audio: Add duplex sound support for USB devices using implicit feedback (git-fixes). - ALSA: usb-audio: fixing upper volume limit for RME Babyface Pro routing crosspoints (git-fixes). - ALSA: fireface: fix configuration error for nominal sampling transfer frequency (git-fixes). - ALSA: firewire-lib: fix invalid assignment to union data for directional parameter (git-fixes). - ALSA: hda/tegra: workaround playback failure on Tegra194 (git-fixes). - ALSA: hda: add member to store ratio for stripe control (git-fixes). - ALSA: hda/tegra: correct number of SDO lines for Tegra194 (git-fixes). - ALSA: hda/realtek - Fix unused variable warning w/o CONFIG_LEDS_TRIGGER_AUDIO (git-fixes). - ALSA: hda/realtek - Add LED class support for micmute LED (git-fixes). - ALSA: hda/realtek - Enable micmute LED on and HP system (git-fixes). - ALSA: hda/realtek - Introduce polarity for micmute LED GPIO (git-fixes). - ALSA: usb-audio: Fix racy list management in output queue (git-fixes). - ALSA: usb-audio: Remove async workaround for Scarlett 2nd gen (git-fixes). - ALSA: usb-audio: Improve frames size computation (git-fixes). - ALSA: usb-audio: Fix a limit check in proc_dump_substream_formats() (git-fixes). - ALSA: usb-audio: Print more information in stream proc files (git-fixes). - ALSA: usb-audio: RME Babyface Pro mixer patch (git-fixes). - commit 4609c7f - fix patch metadata - fix Patch-mainline tag: patches.suse/nfs-add-minor-version-to-nfs_server_key-for-fscache.patch - commit 5fe8ee1 - Update upstream reference: patches.suse/mm-fix-mremap-not-considering-huge-pmd-devmap.patch - commit a7fb6a0 - selftests/bpf: CONFIG_LIRC required for test_lirc_mode2.sh (bsc#1155518). - selftests/bpf: CONFIG_IPV6_SEG6_BPF required for test_seg6_loop.o (bsc#1155518). - selftests/bpf: Fix invalid memory reads in core_relo selftest (bsc#1155518). - commit 433235c - selftests/bpf, flow_dissector: Close TAP device FD after the test (bsc#1155518). - bpf: Fix map permissions check (bsc#1155518). - libbpf: Fix perf_buffer__free() API for sparse allocs (bsc#1155518). - selftests/bpf: Fix memory leak in extract_build_id() (bsc#1155518). - commit 1e6959e - Refresh patches.suse/selftests-bpf-Validate-frozen-map-contents-stays-fro.patch. - commit a23c87d ++++ libeconf: - Update to version 0.3.7+git20200605.c67ef9a: * Fix build on i586 ++++ microos-tools: - Update to version 2.1 - Provide support to use tmpfs for /tmp ++++ suse-module-tools: - Reverted back to tar_scm source service to fix Ring0 build in Leap ++++ yast2: - Improve actions to stop and start a system service. - Related to bsc#1162514. - 4.2.84 ------------------------------------------------------------------ ------------------ 2020-6-4 - Jun 4 2020 ------------------- ------------------------------------------------------------------ ++++ dracut: - Update to version 049.1+suse.144.ge0eaf296: * Add wicked specific config files (bsc#1089333) ++++ kernel-default: - xfs: preserve default grace interval during quotacheck (bsc#1172170). - commit 6ac0d79 - xfs: don't commit sunit/swidth updates to disk if that would cause repair failures (bsc#1172169). - commit 428ff5a - xfs: split the sunit parameter update into two parts (bsc#1172169). - commit ae3fe8d - xfs: refactor agfl length computation function (bsc#1172169). - commit 59f4128 - bfq: Use only idle IO periods for think time calculations (bsc#1171513). - bfq: Use 'ttime' local variable (bsc#1171513). - commit e237c2f - x86: Fix early boot crash on gcc-10, third try (bsc#1152489). - commit 4156a32 - media: go7007: fix a miss of snd_card_free (CVE-2019-20810 bsc#1172458). - commit af15264 - EDAC/amd64: Add PCI device IDs for family 17h, model 70h (bsc#1165975). - Refresh patches.suse/edac-amd64-add-family-ops-for-family-19h-models-00h-0fh.patch. - commit 7847579 - bfq: Avoid false bfq queue merging (bsc#1171513). - commit 5742c15 - nvme-fc: print proper nvme-fc devloss_tmo value (bsc#1172391). - commit 3186404 - media: staging: ipu3-imgu: Move alignment attribute to field (git-fixes). - media: Revert "staging: imgu: Address a compiler warning on alignment" (git-fixes). - media: staging: ipu3: Fix stale list entries on parameter queue failure (git-fixes). - media: platform: fcp: Set appropriate DMA parameters (git-fixes). - media: dvb: return -EREMOTEIO on i2c transfer failure (git-fixes). - Bluetooth: btmtkuart: Improve exception handling in btmtuart_probe() (git-fixes). - ath10k: Remove ath10k_qmi_register_service_notifier() declaration (git-fixes). - wcn36xx: Fix error handling path in 'wcn36xx_probe()' (git-fixes). - ath10k: Skip handling del_server during driver exit (git-fixes). - mwifiex: Fix memory corruption in dump_station (git-fixes). - rtlwifi: Fix a double free in _rtl_usb_tx_urb_setup() (git-fixes). - iwlwifi: avoid debug max amsdu config overwriting itself (git-fixes). - ath9k_htc: Silence undersized packet warnings (git-fixes). - ath10k: remove the max_sched_scan_reqs value (git-fixes). - libertas_tf: avoid a null dereference in pointer priv (git-fixes). - mwifiex: avoid -Wstringop-overflow warning (git-fixes). - rtw88: fix an issue about leak system resources (git-fixes). - b43legacy: Fix case where channel status is corrupted (git-fixes). - brcmfmac: fix wrong location to get firmware feature (git-fixes). - Bluetooth: hci_bcm: fix freeing not-requested IRQ (git-fixes). - clocksource: dw_apb_timer_of: Fix missing clockevent timers (git-fixes). - spi: spi-fsl-dspi: Fix 16-bit word order in 32-bit XSPI mode (git-fixes). - commit 4b38228 ++++ libeconf: - Update to version 0.3.6+git20200529.276359f: * Package meson files with autotools * Use newer version of actions/checkout * Add actions for meson * Create meson.yml * Use meson source root for tests configuration files * Add additional compiler warnings * First useable meson build support including unit tests * Add global options, build with pie and GNU_SOURCE * Fix name of library, add example binary * add support for meson * Add C++ compatibility * Add test case for crash with empty value keys ++++ gnutls: - GNUTLS-SA-2020-06-03 (Fixed insecure session ticket key construction) The TLS server would not bind the session ticket encryption key with a value supplied by the application until the initial key rotation, allowing attacker to bypass authentication in TLS 1.3 and recover previous conversations in TLS 1.2 (#1011). (bsc#1172506, CVE-2020-13777) * add patches: + gnutls-CVE-2020-13777.patch - Fixed handling of certificate chain with cross-signed intermediate CA certificates (#1008). (bsc#1172461) * add patches: + 0001-_gnutls_verify_crt_status-apply-algorithm-checks-to-.patch + 0002-_gnutls_pkcs11_verify_crt_status-check-validity-agai.patch + 0003-x509-trigger-fallback-verification-path-when-cert-is.patch + 0004-tests-add-test-case-for-certificate-chain-supersedin.patch ++++ libsemanage: - Drop suse_path.patch: replace it with a grep/sed logic replacing /usr/libexec in all files with the correct value for all distros (taking into account that openSUSE is in progress of migrating from /usr/lib to /usr/libexec). ++++ systemd: - no longer explicitly package setgid directory /var/log/journal (bsc#1172550). The bit will be set during %post by way of the systemd-tmpfiles invocation. This avoids a conflict with the permissions package and an rpmlint error popping up. ++++ libzypp: - Revert "Enable zchunk on SLE-15-SP2". - version 17.23.6 (22) ++++ makedumpfile: - makedumpfile-sadump-Fix-failure-of-reading.patch: sadump: Fix failure of reading __per_cpu_load memory (bsc#1168798). ++++ policycoreutils: - Pass the right value for LIBEXECDIR to make / make install instead of trying to move the file around post install. This caters for the planned change of libexecdir to change from /usr/lib to /usr/libexec by injecting the right value no matter what. ------------------------------------------------------------------ ------------------ 2020-6-3 - Jun 3 2020 ------------------- ------------------------------------------------------------------ ++++ dracut: - Update to version 049.1+suse.143.g368f585a: * modules.d: fix udev rules detection of multipath devices (bsc#1171370) - Update to version 049.1+suse.142.gf8776da4: * Run format_spec_file ++++ kernel-default: - nfs: add minor version to nfs_server_key for fscache (bsc#1172467). - commit b589a40 - Update patch reference of a net security fix (CVE-2019-20812 bsc#1172453) - commit c181788 - objtool: Ignore empty alternatives (bsc#1169514). - commit 117af93 - objtool: Clean instruction state before each function validation (bsc#1169514). - commit 7737495 - mm: Fix mremap not considering huge pmd devmap (bsc#1172317, CVE-2020-10757). - commit 43819f6 - Delete patches.suse/seltests-powerpc-Add-a-selftest-for-memcpy_mcsafe.patch (bsc#1171699). This patch adds a symlink which cannot be handled by quilt. - commit 6407cc2 - relay: handle alloc_percpu returning NULL in relay_open (CVE-2019-19462 bsc#1158265). - commit 47f5251 - Drop a couple of block layer git-fixes (bsc#1170891 bsc#1173139) Upstream changed the partition usage counter check back and forth and ended up reverting all changes. Let's drop our the partial backport. (cherry picked from commit 70ad1b2fa5955d91e1a09a8027daf210e28fee30) - Drop a couple of block layer git-fixes Upstream changed the partition usage counter check back and forth and ended up reverting all changes. Let's drop our the partial backport. - commit e674b5a - series: Update meta data lfpc commits have been merged into the jejb tree. - commit 557015d - platform/x86: intel-vbtn: Only blacklist SW_TABLET_MODE on the 9 / "Laptop" chasis-type (git-fixes). - commit 19f981c - drm/mcde: dsi: Fix return value check in mcde_dsi_bind() (git-fixes). - video: fbdev: w100fb: Fix a potential double free (git-fixes). - drm/dp_mst: Reformat drm_dp_check_act_status() a bit (git-fixes). - agp/intel: Reinforce the barrier after GTT updates (git-fixes). - ACPI: CPPC: Fix reference count leak in acpi_cppc_processor_probe() (git-fixes). - ACPI: sysfs: Fix reference count leak in acpi_sysfs_add_hotplug_profile() (git-fixes). - PM: runtime: clk: Fix clk_pm_runtime_get() error path (git-fixes). - platform/x86: dell-laptop: don't register micmute LED if there is no token (git-fixes). - platform/x86: intel-vbtn: Also handle tablet-mode switch on "Detachable" and "Portable" chassis-types (git-fixes). - platform/x86: intel-vbtn: Do not advertise switches to userspace if they are not there (git-fixes). - platform/x86: intel-vbtn: Split keymap into buttons and switches parts (git-fixes). - platform/x86: intel-vbtn: Use acpi_evaluate_integer() (git-fixes). - mmc: sdhci-msm: Clear tuning done flag while hs400 tuning (git-fixes). - mmc: sdhci-esdhc-imx: fix the mask for tuning start point (git-fixes). - mmc: mmci_sdmmc: fix DMA API warning overlapping mappings (git-fixes). - mmc: uniphier-sd: call devm_request_irq() after tmio_mmc_host_probe() (git-fixes). - mmc: meson-mx-sdio: trigger a soft reset after a timeout or CRC error (git-fixes). - mmc: sdio: Fix potential NULL pointer error in mmc_sdio_init_card() (git-fixes). - mmc: core: Use DEFINE_DEBUGFS_ATTRIBUTE instead of DEFINE_SIMPLE_ATTRIBUTE (git-fixes). - Input: synaptics-rmi4 - fix error return code in rmi_driver_probe() (git-fixes). - Input: i8042 - add ThinkPad S230u to i8042 reset list (git-fixes). - Input: xpad - add custom init packet for Xbox One S controllers (git-fixes). - Input: evdev - call input_flush_device() on release(), not flush() (git-fixes). - Input: usbtouchscreen - add support for BonXeon TP (git-fixes). - clk: ti: am33xx: fix RTC clock parent (git-fixes). - usb: gadget: legacy: fix redundant initialization warnings (git-fixes). - usb: dwc3: pci: Enable extcon driver for Intel Merrifield (git-fixes). - drm/amd/powerplay: perform PG ungate prior to CG ungate (git-fixes). - gpio: tegra: mask GPIO IRQs during IRQ shutdown (git-fixes). - commit 28d8ae3 - fdt: Update CRC check for rng-seed (jsc#SLE-12424). - commit 4204d16 - btrfs: reloc: clear DEAD_RELOC_TREE bit for orphan roots to prevent runaway balance (bsc#1171417 bsc#1160947 bsc#1172366). - commit af6e7de - btrfs: reloc: fix reloc root leak and NULL pointer dereference (bsc#1171417 bsc#1160947 bsc#1172366). - commit 96f60c2 - nfsd: always check return value of find_any_file (bsc#1172208). - commit 2c210bd ++++ libcontainers-common: - Update to image 5.4.4 - Remove registries.conf VERSION 2 references from man page - Intial authfile man page - Add $HOME/.config/containers/certs.d to perHostCertDirPath - Add $HOME/.config/containers/registries.conf to config path - registries.conf.d: add stances for the registries.conf - update to libpod 1.9.3 - userns: support --userns=auto - Switch to using --time as opposed to --timeout to better match Docker - Add support for specifying CNI networks in podman play kube - man pages: fix inconsistencies - Update to storage 1.19.1 - userns: add support for auto - store: change the default user to containers - config: honor XDG_CONFIG_HOME - Remove the /var/lib/ca-certificates/pem/SUSE.pem workaround again. It never ended up in SLES and a different way to fix the underlying problem is being worked on. ++++ libvirt: - libxl: Normalize MAC address in device conf on netdev hotplug ec07aad8-libxl-normalize-mac-addr.patch bsc#1172052 ++++ perl-Bootloader: - merge gh#openSUSE/perl-bootloader#127 - use correct target name on aarch64 (bsc#1172293) - 0.928 ------------------------------------------------------------------ ------------------ 2020-6-2 - Jun 2 2020 ------------------- ------------------------------------------------------------------ ++++ cracklib: - Update to version 2.9.7: + fix a buffer overflow processing long words. - Drop 0003-overflow-processing-gecos.patch and 0004-overflow-processing-long-words.patch: fixed upstream. - Update source URI. - Remove use of translation-update-upstream. It cannot be added to ring 0 on leap, and 2.9.7 has some translation fixes (bsc#1172396). ++++ dracut: - Update to version 049.1+suse.141.g7563c620: * network-legacy/net-genrules.sh: use $name instead of $env{INTERFACE} (bsc#1161438) * 35network-legacy: call initqueue/online for DHCP, too (boo#1161438) * 90nvdimm: include nvdimm keys in initrd (bsc#1161343) ++++ kernel-default: - fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info() (CVE-2020-10732 bsc#1171220). - commit b52f45b - iwlwifi: pcie: handle QuZ configs with killer NICs as well (bsc#1172374). - commit 21f33d7 - crypto: stm32/crc32 - fix multi-instance (git-fixes). - crypto: stm32/crc32 - fix run-time self test issue (git-fixes). - crypto: stm32/crc32 - fix ext4 chksum BUG_ON() (git-fixes). - crypto: drbg - fix error return code in drbg_alloc_state() (git-fixes). - crypto: ccp -- don't "select" CONFIG_DMADEVICES (git-fixes). - crypto: algapi - Avoid spurious modprobe on LOADED (git-fixes). - spi: dw: Add SPI Rx-done wait method to DMA-based transfer (git-fixes). - spi: dw: Add SPI Tx-done wait method to DMA-based transfer (git-fixes). - spi: dw: Fix native CS being unset (git-fixes). - spi: dw: Zero DMA Tx and Rx configurations on stack (git-fixes). - spi: spi-mem: Fix Dual/Quad modes on Octal-capable devices (git-fixes). - spi: pxa2xx: Fix runtime PM ref imbalance on probe error (git-fixes). - spi: pxa2xx: Fix controller unregister order (git-fixes). - spi: dw: Fix controller unregister order (git-fixes). - spi: bcm2835aux: Fix controller unregister order (git-fixes). - spi: bcm2835: Fix controller unregister order (git-fixes). - spi: Fix controller unregister order (git-fixes). - spi: bcm-qspi: when tx/rx buffer is NULL set to 0 (git-fixes). - spi: Respect DataBitLength field of SpiSerialBusV2() ACPI resource (git-fixes). - NFC: st21nfca: add missed kfree_skb() in an error path (git-fixes). - crypto: chelsio/chtls: properly set tp->lsndtime (git-fixes). - ieee80211: Fix incorrect mask for default PE duration (git-fixes). - mac80211: mesh: fix discovery timer re-arming issue / crash (git-fixes). - gpio: bcm-kona: Fix return value of bcm_kona_gpio_probe() (git-fixes). - gpio: pxa: Fix return value of pxa_gpio_probe() (git-fixes). - gpio: exar: Fix bad handling for ida_simple_get error path (git-fixes). - commit c5d8ee8 - spi: spi-fsl-dspi: Replace interruptible wait queue with a simple completion (git-fixes). - commit eb6dfdf - kabi: ppc64le: prevent struct dma_map_ops to become defined (jsc#SLE-12424). - commit ca74359 - iommu: Fix reference count leak in iommu_group_alloc (bsc#1172394). - iommu/amd: Fix legacy interrupt remapping for x2APIC-enabled system (bsc#1172393). - commit 7cd78b9 - net: bcmgenet: correct per TX/RX ring statistics (networking-stable-20_04_27). - net/x25: Fix x25_neigh refcnt leak when receiving frame (networking-stable-20_04_27). - cxgb4: fix adapter crash due to wrong MC size (networking-stable-20_04_27). - vxlan: use the correct nlattr array in NL_SET_ERR_MSG_ATTR (networking-stable-20_04_27). - mlxsw: Fix some IS_ERR() vs NULL bugs (networking-stable-20_04_27). - ipv4: Update fib_select_default to handle nexthop objects (networking-stable-20_04_27). - vrf: Fix IPv6 with qdisc and xfrm (networking-stable-20_04_27). - sched: etf: do not assume all sockets are full blown (networking-stable-20_04_27). - net: dsa: b53: b53_arl_rw_op() needs to select IVL or SVL (networking-stable-20_04_27). - net: dsa: b53: Rework ARL bin logic (networking-stable-20_04_27). - net: dsa: b53: Fix ARL register definitions (networking-stable-20_04_27). - net: dsa: b53: Lookup VID in ARL searches when VLAN is enabled (networking-stable-20_04_27). - vrf: Check skb for XFRM_TRANSFORMED flag (networking-stable-20_04_27). - xfrm: Always set XFRM_TRANSFORMED in xfrm{4,6}_output_finish (networking-stable-20_04_27). - team: fix hang in team_mode_get() (networking-stable-20_04_27). - cxgb4: fix large delays in PTP synchronization (networking-stable-20_04_27). - net: openvswitch: ovs_ct_exit to be done under ovs_lock (networking-stable-20_04_27). - tcp: cache line align MAX_TCP_HEADER (networking-stable-20_04_27). - net/mlx4_en: avoid indirect call in TX completion (networking-stable-20_04_27). - net: netrom: Fix potential nr_neigh refcnt leak in nr_add_node (networking-stable-20_04_27). - commit 5938694 - spi: fsl: use platform_get_irq() instead of of_irq_to_resource() (git-fixes). - commit bd042e3 - amd-xgbe: Use __napi_schedule() in BH context (networking-stable-20_04_17). - net: dsa: mt7530: fix tagged frames pass-through in VLAN-unaware mode (networking-stable-20_04_17). - net: tun: record RX queue in skb before do_xdp_generic() (networking-stable-20_04_17). - net: ipv4: devinet: Fix crash when add/del multicast IP with autojoin (networking-stable-20_04_17). - net: qrtr: send msgs from local of same id as broadcast (networking-stable-20_04_17). - net/mlx5e: Fix pfnum in devlink port attribute (networking-stable-20_04_17). - net/mlx5e: Add missing release firmware call (networking-stable-20_04_17). - net/mlx5: Fix frequent ioread PCI access during recovery (networking-stable-20_04_17). - l2tp: Allow management of tunnels and session in user namespace (networking-stable-20_04_17). - hsr: check protocol version in hsr_newlink() (networking-stable-20_04_17). - net: revert default NAPI poll timeout to 2 jiffies (networking-stable-20_04_17). - net: ipv6: do not consider routes via gateways for anycast address check (networking-stable-20_04_17). - commit 1727243 - supported.conf: Mark two hwtracing helper modules as externally supported (bsc#1170879) - commit 504def2 - net: mvpp2: Enable autoneg bypass for 1000BaseX/2500BaseX ports (bsc#1162209). - commit 7789c1f - kabi fix for sunrpc-clean-up-properly-in-gss_mech_unregister (bsc#1171219, CVE-2020-12656). - sunrpc: clean up properly in gss_mech_unregister() (bsc#1171219, CVE-2020-12656). - sunrpc: svcauth_gss_register_pseudoflavor must reject duplicate registrations (bsc#1171219, CVE-2020-12656). - commit 6de429c ++++ util-linux: - blockdev: Do not fail --report on kpartx-style partitions on multipath (bsc#1168235, util-linux-blockdev-report-dm.patch). ++++ mozilla-nss: - update to NSS 3.53 Notable changes: * When using the Makefiles, NSS can be built in parallel, speeding up those builds to more similar performance as the build.sh/ninja/gyp system. (bmo#290526) * SEED is now moved into a new freebl directory freebl/deprecated (Bug 1636389). SEED will be disabled by default in a future release of NSS. At that time, users will need to set the compile-time flag (bmo#1622033) to disable that deprecation in order to use the algorithm. Algorithms marked as deprecated will ultimately be removed. * Several root certificates in the Mozilla program now set the CKA_NSS_SERVER_DISTRUST_AFTER attribute, which NSS consumers can query to further refine trust decisions. (bmo#1618404, bmo#1621159) If a builtin certificate has a CKA_NSS_SERVER_DISTRUST_AFTER timestamp before the SCT or NotBefore date of a certificate that builtin issued, then clients can elect not to trust it. This attribute provides a more graceful phase-out for certificate authorities than complete removal from the root certificate builtin store. Bugs fixed * Initialize PBE params (ASAN fix) (bmo#1640260) * Set CKA_NSS_SERVER_DISTRUST_AFTER for Symantec root certs (bmo#1618404) * Set CKA_NSS_SERVER_DISTRUST_AFTER for Consorci AOC, GRCA, and SK ID root certs (bmo#1621159) * PPC64: Correct compilation error between VMX vs. VSX vector instructions (bmo#1629414) * Fix various compile warnings in NSS (bmo#1639033) * Fix a null pointer in security/nss/lib/ssl/sslencode.c:67 (bmo#1640041) * Fix a null pointer in security/nss/lib/ssl/sslsock.c:4460 (bmo#1640042) * Avoid multiple definitions of SHA{256,384,512}_* symbols when linking libfreeblpriv3.so in Firefox on ppc64le (bmo#1638289) * Relocate deprecated SEED algorithm (bmo#1636389) * lib/ckfw: No such file or directory. Stop. (bmo#1637083) * Additional modular inverse test (bmo#1561331) * Rework and cleanup gmake builds (bmo#1629553) * Remove mkdepend and "depend" make target (bmo#1438431) * Support parallel building of NSS when using the Makefiles (bmo#290526) * HACL* update after changes in libintvector.h (bmo#1636206) * Fix building NSS on Debian s390x, mips64el, and riscv64 (bmo#1636058) * Add option to build without SEED (bmo#1622033) - Remove upstreamed patches nss-kremlin-ppc64le.patch and nss-unit-test-fixes.patch ++++ permissions: - Update to version 20181224: * profiles: add entries for enlightenment (bsc#1171686) ++++ selinux-policy: - Added module for wicked - New patches: * fix_authlogin.patch * fix_screen.patch * fix_unprivuser.patch * fix_rpm.patch * fix_apache.patch ++++ u-boot-rpiarm64: - Fix RAM discovery for 8GB devices (bsc#1172283) Patch queue updated from git://github.com/openSUSE/u-boot.git sle15-sp2 * Patches added: 0033-configs-rpi-set-NR_DRAM_BANKS-to-fo.patch ++++ util-linux-systemd: - blockdev: Do not fail --report on kpartx-style partitions on multipath (bsc#1168235, util-linux-blockdev-report-dm.patch). ------------------------------------------------------------------ ------------------ 2020-6-1 - Jun 1 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - selinux: properly handle multiple messages in selinux_netlink_send() (CVE-2020-10751 bsc#1171189). - commit 7f84ce6 - spi: spi-fsl-dspi: Don't access reserved fields in SPI_MCR (git-fixes). - pwm: sun4i: Move pwm_calculate() out of spin_lock() (git-fixes). - spi: fsl: don't map irq during probe (git-fixes). - spi: spi-fsl-dspi: Change usage pattern of SPI_MCR_* and SPI_CTAR_* macros (git-fixes). - commit b10c30b - blacklist.conf: Blacklist 671ffde1752f - commit 5cf09f7 - netlabel: cope with NULL catmap (CVE-2020-10711 bsc#1171191). - commit 5e0d442 - fix patch metadata - fix Patch-mainline tag: patches.suse/btrfs-fix-log-context-list-corruption-after-rename-w.patch - commit e2decaa - blacklist.conf: Blacklist 37b410018064 - commit e4b5a91 - blacklist.conf: Blacklist 34719de919af - commit b0e5046 - btrfs: fix partial loss of prealloc extent past i_size after fsync (bsc#1172343). - commit 54a1118 - btrfs: fix log context list corruption after rename whiteout error (bsc#1172342). - commit 4fb9cbe - drivers/net/ibmvnic: Update VNIC protocol version reporting (bsc#1065729). - commit 141c495 - powerpc/bpf: Enable bpf_probe_read{, str}() on powerpc again (bsc#1172344). - Update config files. - commit 4d25196 - bpf: Restrict bpf_probe_read{, str}() only to archs where they work (bsc#1172344). - Update config files. - commit e0c0f64 ------------------------------------------------------------------ ------------------ 2020-5-31 - May 31 2020 ------------------- ------------------------------------------------------------------ ++++ icu: - Add the provides for libicu to Make .Net core can install successfully. (bsc#1167603, bsc#1161007) ------------------------------------------------------------------ ------------------ 2020-5-30 - May 30 2020 ------------------- ------------------------------------------------------------------ ++++ fontconfig: - fontconfig-devel-32bit needs to require fontconfig-32bit, needed for Wine development (bsc#1172301) ++++ kernel-default: - soc: mediatek: cmdq: return send msg error code (git-fixes). - mmc: block: Fix use-after-free issue for rpmb (git-fixes). - gpu/drm: Ingenic: Fix opaque pointer casted to wrong type (git-fixes). - drm/amd/display: drop cursor position check in atomic test (git-fixes). - commit a495b53 - Move an upstreamed sound patch into sorted section - commit 423c7d0 - ALSA: hda/realtek - Add new codec supported for ALC287 (git-fixes). - ALSA: usb-audio: Quirks for Gigabyte TRX40 Aorus Master onboard audio (git-fixes). - ALSA: usb-audio: mixer: volume quirk for ESS Technology Asus USB DAC (git-fixes). - ALSA: hwdep: fix a left shifting 1 by 31 UB bug (git-fixes). - commit eb6c2db ------------------------------------------------------------------ ------------------ 2020-5-29 - May 29 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - x86/mm/cpa: Flush direct map alias during cpa (bsc#1152489). - commit 9b8006c - blacklist.conf: Add arch/x86/um to the blacklist - commit afdd481 - ima: Fix Oops at boot with ima_template_fmt=d boot option (bsc#1172223). - commit f5ff35f - Input: synaptics-rmi4 - really fix attn_data use-after-free (git-fixes). - Input: dlink-dir685-touchkeys - fix a typo in driver name (git-fixes). - commit 80c7b8b ++++ libsemanage: - Apply suse_path.patch only for older distributions. Newer use libexec ++++ systemd: - Fix build when resolved is disabled While at it sort the build conditionals. ++++ policycoreutils: - Move pp binary to libexec directory instead of lib ++++ vim: - Add restrict-shell-commands.patch to disable using interfaces in restricted mode, fixes bsc#1172225 CVE-2019-20807 ------------------------------------------------------------------ ------------------ 2020-5-28 - May 28 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - misc: rtsx: Add short delay after exit from ASPM (git-fixes). - mei: release me_cl object reference (git-fixes). - iio: adc: stm32-dfsdm: fix device used to request dma (git-fixes). - iio: adc: stm32-adc: fix device used to request dma (git-fixes). - drm/etnaviv: fix perfmon domain interation (git-fixes). - component: Silence bind error on -EPROBE_DEFER (git-fixes). - USB: core: Fix misleading driver bug report (git-fixes). - drm/amd/display: Prevent dpcd reads with passive dongles (git-fixes). - platform/x86: asus-nb-wmi: Do not load on Asus T100TA and T200TA (git-fixes). - HID: quirks: Add HID_QUIRK_NO_INIT_REPORTS quirk for Dell K12A keyboard-dock (git-fixes). - HID: i2c-hid: reset Synaptics SYNA2393 on resume (git-fixes). - HID: alps: ALPS_1657 is too specific; use U1_UNICORN_LEGACY instead (git-fixes). - HID: alps: Add AUI1657 device ID (git-fixes). - HID: multitouch: add eGalaxTouch P80H84 support (git-fixes). - i2c: dev: Fix the race between the release of i2c_dev and cdev (git-fixes). - iio: adc: stm32-adc: Use dma_request_chan() instead dma_request_slave_channel() (git-fixes). - iio: adc: stm32-dfsdm: Use dma_request_chan() instead dma_request_slave_channel() (git-fixes). - commit 44aca06 ++++ libsolv: - Enable zstd compression support for sle15-sp2 ++++ systemd: - Import commit a6d31d1a02c2718a064bbbc40d003668acf72769 bb6e2f7906 pid1: update manager settings on reload too (bsc#1163109) e9e8907b06 watchdog: reduce watchdog pings in timeout interval 385a8f9846 udev: rename the persistent link for ATA devices (bsc#1164538) 66018a12ae tmpfiles: remove unnecessary assert (bsc#1171145) ++++ permissions: - whitelist texlive public binary (bsc#1171686) ++++ python-M2Crypto: - Add python3-M2crypto to LTSS channels, to allow using salt even when the Server Applications Module is not used (bsc#1172226) ++++ suse-module-tools: - Update to version 15.2.11: * spec: remove SLE/openSUSE difference in allow_unsupported_modules (jsc#SLE-12255) * spec: use same fs_blacklist on SLE and openSUSE (jsc#SLE-12255, jsc#SLE-3926) * spec: use br_netfilter softdep only for SLE12 (jsc#SLE-12255, bsc#1166531, boo#1158817, bsc#937216) ------------------------------------------------------------------ ------------------ 2020-5-27 - May 27 2020 ------------------- ------------------------------------------------------------------ ++++ chrony: - Use iburst in the default pool statements to speed up initial synchronisation (bsc#1172113). ++++ conmon: - Update to v2.0.17 - Add option to delay execution of exit command ++++ lvm2-device-mapper: - removing LVM cache with cache volume does not remove the cache volume (bsc#1171907) + bug-1171907-lvremove-remove-attached-cachevol-with-removed-LV.patch ++++ kernel-default: - x86/speculation: Add SRBDS vulnerability and mitigation documentation (bsc#1154824 CVE-2020-0543). - commit 6bcc04c - Refresh patches.suse/cpufreq-tegra186-add-CPUFREQ_NEED_INITIAL_FREQ_CHECK.patch. - commit 819998f - x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation (bsc#1154824 CVE-2020-0543). - commit a4ac28e - PCI: mobiveil: ls_pcie_g4: fix SError when accessing config space (bsc#1161495). - PCI: mobiveil: ls_pcie_g4: add Workaround for A-011451 (bsc#1161495). - PCI: mobiveil: ls_pcie_g4: add Workaround for A-011577 (bsc#1161495). - PCI: mobiveil: Fix unmet dependency warning for PCIE_MOBIVEIL_PLAT (bsc#1161495). - PCI: mobiveil: Fix sparse different address space warnings (bsc#1161495). - PCI: mobiveil: Add PCIe Gen4 RC driver for Layerscape SoCs (bsc#1161495). - PCI: mobiveil: Add Header Type field check (bsc#1161495). - PCI: mobiveil: Add 8-bit and 16-bit CSR register accessors (bsc#1161495). - PCI: mobiveil: Allow mobiveil_host_init() to be used to re-init host (bsc#1161495). - PCI: mobiveil: Add callback function for link up check (bsc#1161495). - PCI: mobiveil: Add callback function for interrupt initialization (bsc#1161495). - PCI: mobiveil: Modularize the Mobiveil PCIe Host Bridge IP driver (bsc#1161495). - PCI: mobiveil: Collect the interrupt related operations into a function (bsc#1161495). - PCI: mobiveil: Move the host initialization into a function (bsc#1161495). - PCI: mobiveil: Introduce a new structure mobiveil_root_port (bsc#1161495). - commit 84a8a95 - pcie: mobiveil: remove patchset v9 Prepare to backport upstream version. - commit 00b589d - x86/cpu: Add 'table' argument to cpu_matches() (bsc#1154824 CVE-2020-0543). - commit a0bbf3d - scsi: lpfc: Fix lpfc_nodelist leak when processing unsolicited event (bsc#1164777 bsc#1164780 bsc#1165211 jsc#SLE-8654). - scsi: lpfc: remove duplicate unloading checks (bsc#1164777 bsc#1164780 bsc#1165211 jsc#SLE-8654). Remove hunk in patches.suse/lpfc-Refactor-Send-LS-Response-support.patch which is in patches.suse/scsi-lpfc-remove-duplicate-unloading-checks.patch - scsi: lpfc: Remove redundant initialization to variable rc (bsc#1164777 bsc#1164780 bsc#1165211 jsc#SLE-8654). - scsi: lpfc: Update lpfc version to 12.8.0.1 (bsc#1164777 bsc#1164780 bsc#1165211 jsc#SLE-8654). - scsi: lpfc: Fix MDS Diagnostic Enablement definition (bsc#1164777 bsc#1164780 bsc#1165211 jsc#SLE-8654). - scsi: lpfc: Fix noderef and address space warnings (bsc#1164777 bsc#1164780 bsc#1165211 jsc#SLE-8654). - scsi: lpfc: Remove unnecessary lockdep_assert_held calls (bsc#1164777 bsc#1164780 bsc#1165211 jsc#SLE-8654). - scsi: lpfc: Change default queue allocation for reduced memory consumption (bsc#1164777 bsc#1164780 bsc#1165211 jsc#SLE-8654). - scsi: lpfc: Fix negation of else clause in lpfc_prep_node_fc4type (bsc#1164777 bsc#1164780 bsc#1165211 jsc#SLE-8654). - scsi: lpfc: Remove re-binding of nvme rport during registration (bsc#1164777 bsc#1164780 bsc#1165211 jsc#SLE-8654). - scsi: lpfc: Maintain atomic consistency of queue_claimed flag (bsc#1164777 bsc#1164780 bsc#1165211 jsc#SLE-8654). - commit 575ae7a - series.conf: cleanup - update upstream reference and resort: patches.suse/s390-kexec_file-fix-initrd-location-for-kdump-kernel.patch - update upstream reference and move into sorted section: patches.suse/x86-microcode-amd-increase-microcode-patch_max_size.patch - move into sorted section: patches.suse/signal-avoid-double-atomic-counter-increments-for-user-accounting.patch No effect on expanded tree. - commit 571cf9a - series.conf: cleanup - update upstream references and move into sorted section: patches.suse/cifs-add-SMB2_open-arg-to-return-POSIX-data.patch patches.suse/cifs-add-smb2-POSIX-info-level.patch patches.suse/cifs-call-wake_up-server-response_q-inside-of-cifs_r.patch patches.suse/cifs-do-d_move-in-rename.patch patches.suse/cifs-do-not-ignore-the-SYNC-flags-in-getattr.patch patches.suse/cifs-handle-prefix-paths-in-reconnect.patch patches.suse/cifs-make-use-of-cap_unix-ses-in-cifs_reconnect_tcon.patch patches.suse/cifs-plumb-smb2-POSIX-dir-enumeration.patch patches.suse/cifs-potential-unintitliazed-error-code-in-cifs_geta.patch patches.suse/cifs-rename-posix-create-rsp.patch patches.suse/cifs-use-mod_delayed_work-for-server-reconnect-if-al.patch patches.suse/smb3-fix-performance-regression-with-setting-mtime.patch - update to mainline version, rename and move into sorted section: patches.suse/cifs-print-warning-once-if-mounting-with-vers-1.0.patch -> patches.suse/cifs-print-warning-mounting-with-vers-1-0.patch No relevant effect on expanded tree: diff -urN old/fs/cifs/connect.c new/fs/cifs/connect.c - -- old/fs/cifs/connect.c 2020-05-27 11:46:54.090968292 +0200 +++ new/fs/cifs/connect.c 2020-05-27 11:46:54.990971522 +0200 @@ -1466,8 +1466,8 @@ cifs_dbg(VFS, "vers=1.0 (cifs) not permitted when mounting with smb3\n"); return 1; } - printk_once(KERN_WARNING "Use of the less secure dialect " - "vers=1.0 is not recommended unless required for " + cifs_dbg(VFS, "Use of the less secure dialect vers=1.0 " + "is not recommended unless required for " "access to very old servers\n"); vol->ops = &smb1_operations; vol->vals = &smb1_values; diff -urN old/fs/cifs/smb2ops.c new/fs/cifs/smb2ops.c - -- old/fs/cifs/smb2ops.c 2020-05-27 11:46:54.074968234 +0200 +++ new/fs/cifs/smb2ops.c 2020-05-27 11:46:54.974971463 +0200 @@ -3020,7 +3020,7 @@ oparms.fid = &fid; oparms.reconnect = false; - rc = SMB2_open(xid, &oparms, utf16_path, &oplock, NULL,NULL, NULL, + rc = SMB2_open(xid, &oparms, utf16_path, &oplock, NULL, NULL, NULL, NULL); kfree(utf16_path); if (!rc) { - - - commit f7dacbf ++++ lvm2: - removing LVM cache with cache volume does not remove the cache volume (bsc#1171907) + bug-1171907-lvremove-remove-attached-cachevol-with-removed-LV.patch ++++ libsolv: - Support blacklisted packages in solver_findproblemrule() [bnc#1172135] - Support rules with multiple negative literals in choice rule generation - bump version to 0.7.14 ++++ libxml2: - Fix invalid xmlns references since the fix for CVE-2019-19956 [bsc#1172021] - Remove libxml2-CVE-2019-19956.patch ++++ libzypp: - Enable zchunk on SLE-15-SP2. - Older kernel-devel packages are not properly purged (bsc#1171224) - doc: enhance service plugin example. - version 17.23.5 (22) ------------------------------------------------------------------ ------------------ 2020-5-26 - May 26 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Refresh patches.suse/block-floppy-fix-contended-case-in-floppy_queue_rq.patch: update upstream references (submitted -> applied). - commit fce9354 - block/floppy: fix contended case in floppy_queue_rq() (bsc#1171426). - commit 18ed9ad - tty: serial: add missing spin_lock_init for SiFive serial console (git-fixes). - vfio/type1: Fix VA->PA translation for PFNMAP VMAs in vaddr_get_pfn() (git-fixes). - vfio: avoid possible overflow in vfio_iommu_type1_pin_pages (git-fixes). - vfio: Ignore -ENODEV when getting MSI cookie (git-fixes). - commit 250c72c - Add a GIT commit ID of already cherry-picked x86/platform patch - commit 6c1b791 - ax25: fix setsockopt(SO_BINDTODEVICE) (git-fixes). - dmaengine: tegra210-adma: Fix an error handling path in 'tegra_adma_probe()' (git-fixes). - dmaengine: dmatest: Restore default for channel (git-fixes). - dmaengine: owl: Use correct lock in owl_dma_get_pchan() (git-fixes). - mtd: Fix mtd not registered due to nvmem name collision (git-fixes). - mtd: spinand: Propagate ECC information to the MTD structure (git-fixes). - ARM: oxnas: make ox820_boot_secondary static (git-fixes). - commit eaf4ceb - ACPICA: Fixes for acpiExec namespace init file (git-fixes). - commit 36c0ce1 - powerpc/64s/kuap: Restore AMR in system reset exception (bsc#1156395). - powerpc/kuap: PPC_KUAP_DEBUG should depend on PPC_KUAP (bsc#1156395). - commit bba3032 - powerpc/setup_64: Set cache-line-size based on cache-block-size (bsc#1065729). - commit 2697326 - blacklist.conf: Add 9d82973e032e gcc-10 warnings: fix low-hanging fruit - commit d3df11a - scripts/decodecode: fix trapping instruction formatting (bsc#1065729). - commit b83c354 - tpm: ibmvtpm: retry on H_CLOSED in tpm_ibmvtpm_send() (bsc#1065729). - commit a0d3d55 - rpm/kernel-source.spec.in: Add obsolete_rebuilds (boo#1172073). - commit 6524463 - printk: queue wake_up_klogd irq_work only if per-CPU areas are ready (bsc#1172095). - commit 96ce1d2 - vsprintf: don't obfuscate NULL and error pointers (bsc#1172086). - commit f35dca1 - ALSA: hda/realtek - Add a model for Thinkpad T570 without DAC workaround (bsc#1172017). - commit c7e1c2b - kabi/severities: Ingnore get_dev_data() The function is internal to the AMD IOMMU driver and must not be called by any third party. - commit b897173 ++++ mozilla-nss: - update to NSS 3.52.1 Notable changes * Update NSS to support PKCS#11 v3.0 (bmo#1603628) * Support new PKCS #11 v3.0 Message Interface for AES-GCM and ChaChaPoly (bmo#1623374) * Integrate AVX2 ChaCha20, Poly1305, and ChaCha20Poly1305 from HACL* (bmo#1612493) * CVE-2020-12399 - Force a fixed length for DSA exponentiation (bmo#1631576, bsc#1171978) - Set NSS_ENABLE_WERROR=0 in order to fix boo#1169746. - update to NSS 3.52: * Update NSS to support PKCS #11 v3.0. (bmo#1603628) Note: This change modifies the CK_GCM_PARAMS struct to include the ulIvBits field which, prior to PKCS #11 v3.0, was ambiguously defined and not included in the NSS definition. If an application is recompiled with NSS 3.52+, this field must be initialized to a value corresponding to ulIvLen. Alternatively, defining NSS_PKCS11_2_0_COMPAT will yield the old definition. See the bug for more information. * Support new PKCS #11 v3.0 Message Interface for AES-GCM and ChaChaPoly (bmo#1623374). * Integrate AVX2 ChaCha20, Poly1305, and ChaCha20Poly1305 from HACL* (bmo#1612493). * Fix unused variable 'getauxval' error on iOS compilation. (bmo#1633498) * Add Softoken functions for FIPS. (bmo#1630721) * Fix problem of GYP MSVC builds not producing debug symbol files. (bmo#1630458) * Add IKEv1 Quick Mode KDF. (bmo#1629663) * MPConfig calls in SSL initialize policy before NSS is initialized. (bmo#1629661) * Support temporary session objects in ckfw. (bmo#1629655) * Add PKCS11 v3.0 functions to module debug logger. (bmo#1629105) * Fix error in generation of fuzz32 docker image after updates. (bmo#1626751) * Fix implicit declaration of function 'getopt' error. (bmo#1625133) * Allow building of gcm-arm32-neon on non-armv7 architectures. (bmo#1624864) * Fix compilation error in Firefox Android. (bmo#1624402) * Require CK_FUNCTION_LIST structs to be packed. (bmo#1624130) * Fix clang warning for unknown argument '-msse4'. (bmo#1624377) * Support new PKCS #11 v3.0 Message Interface for AES-GCM and ChaChaPoly. (bmo#1623374) * Fix freebl_cpuid for querying Extended Features. (bmo#1623184) * Fix argument parsing in lowhashtest. (bmo#1622555) * Introduce NSS_DISABLE_GCM_ARM32_NEON to build on arm32 without NEON support. (bmo#1620799) * Add workaround option to include both DTLS and TLS versions in DTLS supported_versions. (bmo#1619102) * Update README: TLS 1.3 is not experimental anymore. (bmo#1619056) * Fix UBSAN issue in ssl_ParseSessionTicket. (bmo#1618915) * Don't assert fuzzer behavior in SSL_ParseSessionTicket. (bmo#1618739) * Update Delegated Credentials implementation to draft-07. (bmo#1617968) * Update HACL* dependencies for libintvector.h (bmo#1617533) * Add vector accelerated SHA2 for POWER 8+. (bmo#1613238) * Integrate AVX2 ChaCha20, Poly1305, and ChaCha20Poly1305 from HACL*. (bmo#1612493) * Maintain PKCS11 C_GetAttributeValue semantics on attributes that lack NSS database columns. (bmo#1612281) * Add Wycheproof RSA test vectors. (bmo#1612260) * broken fipstest handling of KI_len. (bmo#1608250) * Consistently handle NULL slot/session. (bmo#1608245) * Avoid dcache pollution from sdb_measureAccess(). (bmo#1603801) * Update NSS to support PKCS #11 v3.0. (bmo#1603628) * TLS 1.3 does not work in FIPS mode. (bmo#1561637) * Fix overzealous assertion when evicting a cached sessionID or using external cache. (bmo#1531906) * Fix issue where testlib makefile build produced extraneous object files. (bmo#1465613) * Properly handle multi-block SEED ECB inputs. (bmo#1619959) * Guard all instances of NSSCMSSignedData.signerInfo to avoid a CMS crash (bmo#1630925) * Name Constraints validation: CN treated as DNS name even when syntactically invalid as DNS name (bmo#1571677) - update to NSS 3.51.1: * Update Delegated Credentials implementation to draft-07 (bmo#1617968) * Add workaround option to include both DTLS and TLS versions in DTLS supported_versions (bmo#1619102) * Update README: TLS 1.3 is not experimental anymore (bmo#1619056) * Don't assert fuzzer behavior in SSL_ParseSessionTicket (bmo#1618739) * Fix UBSAN issue in ssl_ParseSessionTicket (bmo#1618915) * Consistently handle NULL slot/session (bmo#1608245) * broken fipstest handling of KI_len (bmo#1608250) * Update Delegated Credentials implementation to draft-07 (bmo#1617968) - Add patch nss-kremlin-ppc64le.patch to fix ppc and s390x builds - update to NSS 3.51 * Updated DTLS 1.3 implementation to Draft-34. (bmo#1608892) * Correct swapped PKCS11 values of CKM_AES_CMAC and CKM_AES_CMAC_GENERAL (bmo#1611209) * Complete integration of Wycheproof ECDH test cases (bmo#1612259) * Check if PPC __has_include() (bmo#1614183) * Fix a compilation error for ‘getFIPSEnv’ "defined but not used" (bmo#1614786) * Send DTLS version numbers in DTLS 1.3 supported_versions extension to avoid an incompatibility. (bmo#1615208) * SECU_ReadDERFromFile calls strstr on a string that isn't guaranteed to be null-terminated (bmo#1538980) * Correct a warning for comparison of integers of different signs: 'int' and 'unsigned long' in security/nss/lib/freebl/ecl/ecp_25519.c:88 (bmo#1561337) * Add test for mp_int clamping (bmo#1609751) * Don't attempt to read the fips_enabled flag on the machine unless NSS was built with FIPS enabled (bmo#1582169) * Fix a null pointer dereference in BLAKE2B_Update (bmo#1431940) * Fix compiler warning in secsign.c (bmo#1617387) * Fix a OpenBSD/arm64 compilation error: unused variable 'getauxval' (bmo#1618400) * Fix a crash on unaligned CMACContext.aes.keySchedule when using AES-NI intrinsics (bmo#1610687) - update to NSS 3.50 * Verified primitives from HACL* were updated, bringing performance improvements for several platforms. Note that Intel processors with SSE4 but without AVX are currently unable to use the improved ChaCha20/Poly1305 due to a build issue; such platforms will fall-back to less optimized algorithms. See bmo#1609569 for details * Updated DTLS 1.3 implementation to Draft-30. See bmo#1599514 for details. * Added NIST SP800-108 KBKDF - PKCS#11 implementation. See bmo#1599603 for details. * Several bugfixes and minor changes - Disable LTO on %arm as LTO fails on neon errors - update to NSS 3.49.2 Fixed bugs: * Fix compilation problems with NEON-specific code in freebl (bmo#1608327) * Fix a taskcluster issue with Python 2 / Python 3 (bmo#1608895) - update to NSS 3.49.1 3.49.1 https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.49.1_release_notes * Cache the most recent PBKDF2 password hash, to speed up repeated SDR operations, important with the increased KDF iteration counts (bmo#1606992) 3.49 https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.49_release_notes * The legacy DBM database, libnssdbm, is no longer built by default when using gyp builds (bmo#1594933) * several bugfixes - update to NSS 3.48 https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.48_release_notes Notable Changes * TLS 1.3 is the default maximum TLS version (bmo#1573118) * TLS extended master secret is enabled by default, where possible (bmo#1575411) * The master password PBE now uses 10,000 iterations by default when using the default sql (key4.db) storage (bmo#1562671) Certificate Authority Changes * Added Entrust Root Certification Authority - G4 Cert (bmo#1591178) Bugfixes - requires NSPR 4.24 ++++ qemu: - Fix segfault when doing HMP wavcapture (boo#1171712) audio-fix-wavcapture-segfault.patch ------------------------------------------------------------------ ------------------ 2020-5-25 - May 25 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - iommu/amd: Fix over-read of ACPI UID from IVRS table (bsc#1172064). - iommu/virtio: Reverse arguments to list_add (bsc#1172068). - iommu/amd: Do not flush Device Table in iommu_map_page() (bsc#1172062). - iommu/amd: Update Device Table in increase_address_space() (bsc#1172066). - iommu/amd: Call domain_flush_complete() in update_domain() (bsc#1172061). - iommu/amd: Do not loop forever when trying to increase address space (bsc#1172063). - iommu/amd: Fix race in increase_address_space()/fetch_pte() (bsc#1172065). - iommu/qcom: Fix local_base status check (bsc#1172067). - KVM: Check validity of resolved slot when searching memslots (bsc#1172069). - commit dd49af6 - mm: memcontrol: fix memory.low proportional distribution (bsc#1168230). - commit 94666fc - scsi: qla2xxx: Do not log message when reading port speed via sysfs (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bsc#1157169). - scsi: qla2xxx: Delete all sessions before unregister local nvme port (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bsc#1157169). - scsi: qla2xxx: Fix hang when issuing nvme disconnect-all in NPIV (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bsc#1157169). - commit b6f8c1c - wireguard: noise: separate receive counter from send counter (bsc#1169021 jsc#SLE-12250). - wireguard: queueing: preserve flow hash across packet scrubbing (bsc#1169021 jsc#SLE-12250). - wireguard: noise: read preshared key while taking lock (bsc#1169021 jsc#SLE-12250). - wireguard: selftests: use newer iproute2 for gcc-10 (bsc#1169021 jsc#SLE-12250). - commit 299cebb - rcu: Avoid data-race in rcu_gp_fqs_check_wake() (bsc#1171828). - rcu: Use *_ONCE() to protect lockless ->expmask accesses (bsc#1171828). - rcu: Make rcu_read_unlock_special() checks match raise_softirq_irqoff() (bsc#1172046). Refresh rcu-Use-READ_ONCE-for-expmask-in-rcu_read_unlock_spe.patch - rcu: Simplify rcu_read_unlock_special() deferred wakeups (bsc#1172046). - commit 14cfc7d - x86/unwind/orc: Fix unwind_get_return_address_ptr() for inactive tasks (bsc#1058115). (cherry picked from commit 5d062fa0c4b96d9f6695e0393114da63299cd52e) - x86/unwind/orc: Fix unwind_get_return_address_ptr() for inactive tasks (bsc#1058115). - commit d9c0a48 - series.conf: cleanup - update upstream references and resort: patches.suse/s390-kexec_file-fix-initrd-location-for-kdump-kernel.patch - commit 6765b4b - iio: sca3000: Remove an erroneous 'get_device()' (git-fixes). - iio: adc: ti-ads8344: Fix channel selection (git-fixes). - staging: iio: ad2s1210: Fix SPI reading (git-fixes). - iio: dac: vf610: Fix an error handling path in 'vf610_dac_probe()' (git-fixes). - commit f20f881 - bpf: Prevent mmap()'ing read-only maps as writable (bsc#1155518). - commit db279bd ++++ util-linux: - nologin: Add support for -c to prevent error from su -c (bsc#1151708, util-linux-nologin-su-c.patch). ++++ systemd: - Disable bump of /proc/sys/fs/nr-open Hopefully a _temporary_ workaround until bsc#1165351 is fixed otherwise user instances crashes the system is using NIS (and the nscd cache is empty). ++++ podman: - Update to podman v1.9.3: * Fixed a bug where, on FIPS enabled hosts, FIPS mode secrets were not properly mounted into containers * Fixed a bug where builds run over Varlink would hang * Fixed a bug where podman save would fail when the target image was specified by digest * Fixed a bug where rootless containers with ports forwarded to them could panic and dump core due to a concurrency issue (#6018) * Fixed a bug where rootless Podman could race when opening the rootless user namespace, resulting in commands failing to run * Fixed a bug where HTTP proxy environment variables forwarded into the container by the --http-proxy flag could not be overridden by --env or --env-file * Fixed a bug where rootless Podman was setting resource limits on cgroups v2 systems that were not using systemd-managed cgroups (and thus did not support resource limits), resulting in containers failing to start ++++ timezone: - zdump --version reported "unknown" (boo#1172055) ++++ util-linux-systemd: - nologin: Add support for -c to prevent error from su -c (bsc#1151708, util-linux-nologin-su-c.patch). ------------------------------------------------------------------ ------------------ 2020-5-24 - May 24 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - sched: Offload wakee task activation if it the wakee is descheduling (bnc#1158748, bnc#1159781). - sched: Optimize ttwu() spinning on p->on_cpu (bnc#1158748, bnc#1159781). - commit 6a690f9 ++++ rpm: - Add reproducible-debuginfo.patch to generate debuginfo in a reproducible way [bsc#1172173] ------------------------------------------------------------------ ------------------ 2020-5-22 - May 22 2020 ------------------- ------------------------------------------------------------------ ++++ cracklib: - Enable translation-update-upstream on leap, to remove the use of is_opensuse (jsc#SLE-12096). ++++ gsettings-desktop-schemas: - Add 00_org.gnome.desktop.peripherals.gschema.override: in SLE-15-SP2 and Leap 15.2, revert touchpad click method default value via gsettings vendor overrides, in order to be consistent with earlier service pack (bsc#1171593). ++++ kernel-default: - ALSA: hda/realtek - Add more fixup entries for Clevo machines (git-fixes). - ALSA: iec1712: Initialize STDSP24 properly when using the model=staudio option (git-fixes). - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Xtreme (git-fixes). - ALSA: pcm: fix incorrect hw_base increase (git-fixes). - commit 1a75995 - Update patch reference for SPI security fix (CVE-2020-12769 bsc#1171983) - commit bdb2e59 - Update patch reference for USB gadeget security fix (CVE-2020-13143 bsc#1171982) - commit 2b875ef - x86/resctrl: Preserve CDP enable over CPU hotplug (bsc#1152489). - commit f6b2bde - x86/resctrl: Fix invalid attempt at removing the default resource group (bsc#1152489). - commit 960b1f0 - EDAC/synopsys: Do not dump uninitialized pinf->col (bsc#1152489). - commit 349fab2 - blacklist.conf: 870b4333a62e x86/ioremap: Fix CONFIG_EFI=n build - commit c645d02 - nfs: fix NULL deference in nfs4_get_valid_delegation. - commit ee8a543 - blacklist.conf: - commit 1787033 ------------------------------------------------------------------ ------------------ 2020-5-20 - May 20 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Update kabi files. - update to "RC3" submission (commit de1e6fb20e9d) - commit 8f25cbe - USB: gadget: fix illegal array access in binding with UDC (git-fixes). - USB: usbfs: fix mmap dma mismatch (git-fixes). - dwc3: Remove check for HWO flag in dwc3_gadget_ep_reclaim_trb_sg() (git-fixes). - drm/amd/display: add basic atomic check for cursor plane (git-fixes). - Make the "Reducing compressed framebufer size" message be DRM_INFO_ONCE() (git-fixes). - usb: usbfs: correct kernel->user page attribute mismatch (git-fixes). - dmaengine: mmp_tdma: Reset channel error on release (git-fixes). - dmaengine: mmp_tdma: Do not ignore slave config validation errors (git-fixes). - dmaengine: pch_dma.c: Avoid data race between probe and irq handler (git-fixes). - drm/amdgpu: invalidate L2 before SDMA IBs (v2) (git-fixes). - drm/amd/powerplay: avoid using pm_en before it is initialized revised (git-fixes). - drm/qxl: lost qxl_bo_kunmap_atomic_page in qxl_image_init_helper() (git-fixes). - pnp: Use list_for_each_entry() instead of open coding (git-fixes). - drm/amdgpu: simplify padding calculations (v2) (git-fixes). - commit eb4042e - blacklist.conf: Add an entry for non-supported arch/hexagon - commit 4f664be - workqueue: Remove the warning in wq_worker_sleeping() (git-fixes). - workqueue: don't use wq_select_unbound_cpu() for bound works (git-fixes). - commit 4686860 - vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console (git-fixes). - vt: vt_ioctl: remove unnecessary console allocation checks (git-fixes). - commit 3c82977 - usb: core: hub: limit HUB_QUIRK_DISABLE_AUTOSUSPEND to USB5534B (git-fixes). - usb: gadget: udc: atmel: Make some symbols static (git-fixes). - usb: host: xhci-plat: keep runtime active when removing host (git-fixes). - usb: gadget: legacy: fix error return code in gncm_bind() (git-fixes). - usb: gadget: legacy: fix error return code in cdc_bind() (git-fixes). - usb: gadget: net2272: Fix a memory leak in an error handling path in 'net2272_plat_probe()' (git-fixes). - usb: gadget: audio: Fix a missing error return value in audio_bind() (git-fixes). - commit 8d23cb6 - i2c: mux: demux-pinctrl: Fix an error handling path in 'i2c_demux_pinctrl_probe()' (git-fixes). - gpio: pca953x: Fix pca953x_gpio_set_config (git-fixes). - iwlwifi: mvm: limit maximum queue appropriately (git-fixes). - mfd: intel-lpss: Use devm_ioremap_uc for MMIO (git-fixes). - lib: devres: add a helper function for ioremap_uc (git-fixes). - commit db78707 - drm/i915/gvt: Fix kernel oops for 3-level ppgtt guest (git-fixes). - drm/i915/gvt: Init DPLL/DDI vreg for virtual display instead of inheritance (git-fixes). - drm/i915: Propagate error from completed fences (git-fixes). - drm/i915: Don't enable WaIncreaseLatencyIPCEnabled when IPC is disabled (git-fixes). - coredump: fix crash when umh is disabled (git-fixes). - dmaengine: dmatest: Fix process hang when reading 'wait' parameter (git-fixes). - drm/i915: HDCP: fix Ri prime check done during link check (git-fixes). - coredump: fix null pointer dereference on coredump (git-fixes). - dma-debug: fix displaying of dma allocation type (git-fixes). - dma-direct: fix data truncation in dma_direct_get_required_mask() (git-fixes). - dma-coherent: fix integer overflow in the reserved-memory dma allocation (git-fixes). - drm/etnaviv: rework perfmon query infrastructure (git-fixes). - commit 79467c5 - perf/core: fix parent pid/tid in task exit events (git-fixes). - perf/core: Fix endless multiplex timer (git-fixes). - commit 9e85c92 - netfilter: ctnetlink: netns exit must wait for callbacks (bsc#1169795). - commit 1367464 - Update upstream reference and move to sorted section: patches.suse/x86-sched-Don-t-enable-static-key-when-starting-seco.patch. - commit 286ea13 - Update upstream reference and move to sorted section: patches.suse/x86-sched-Account-for-CPUs-with-less-than-4-cores-in.patch. - commit 806c75b - Update upstream reference and move to sorted section: patches.suse/x86-sched-Bail-out-of-frequency-invariance-if-.patch. - commit debf0d3 - fix patch metadata - fix Patch-mainline: patches.suse/NFSv3-fix-rpc-receive-buffer-size-for-MOUNT-call.patch - commit c8d32f9 - drm/i915/gvt: Fix kernel oops for 3-level ppgtt guest (bsc#1152489) - commit 9d0ce16 - drm/i915/gvt: Init DPLL/DDI vreg for virtual display instead of (bsc#1152489) - commit addefe4 - drm/amdgpu: force fbdev into vram (bsc#1152472) * context changes - commit 84af19b - drm/i915: Don't enable WaIncreaseLatencyIPCEnabled when IPC is (bsc#1152489) - commit 2c2843b - sun6i: dsi: fix gcc-4.8 (bsc#1152489) - commit 7678d54 - drm/i915: HDCP: fix Ri prime check done during link check (bsc#1152489) * context changes - commit a3e33d0 - drm/i915: Extend WaDisableDARBFClkGating to icl,ehl,tgl (bsc#1152489) - commit 99f05b3 - NFSv3: fix rpc receive buffer size for MOUNT call (bsc#1171849). - commit 4832c5f ++++ kernel-default-base: - Add vxlan (bsc#1171903) ------------------------------------------------------------------ ------------------ 2020-5-19 - May 19 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - scsi: mptfusion: Fix double fetch bug in ioctl (bsc#1171218 CVE-2020-12652). - commit d61daf3 - Update patch reference for ipv6 security fix (CVE-2020-1749 bsc#1165629) - commit b65b793 - KVM: SVM: Fix potential memory leak in svm_cpu_init() (bsc#1171736). - commit 010dbdc - scripts/dtc: Remove redundant YYLOC global declaration (bsc#1160388). - commit 40e5eca - bdi: Fix up kabi for dev_name addition (bsc#1171844). - commit 4d83bb4 - x86/unwind/orc: Fix error handling in __unwind_start() (bsc#1058115). - commit ad0fbff - platform/x86: ISST: Fix wrong unregister type (bsc#1171810). - platform/x86: ISST: Allow additional core-power mailbox commands (bsc#1171810). - platform/x86: ISST: Use dev_get_drvdata (bsc#1171810). - commit 6bfd9ca - Move two upstreamed IMA patches into sorted section - commit caf8825 - bpf: Fix error return code in map_lookup_and_delete_elem() (bsc#1155518). - bpf: Fix sk_psock refcnt leak when receiving message (bsc#1155518). - commit d621e20 ++++ mozilla-nss: - nss-fips-aes-keywrap-post.patch: Add AES Keywrap POST. - nss-fips-constructor-self-tests.patch: Accept EACCES in lieu of ENOENT when trying to access /proc/sys/crypto/fips_enabled (bsc#1170908). ++++ libgcrypt: - FIPS: RSA/DSA/ECC test_keys() print out debug messages [bsc#1171872] * Print the debug messages in test_keys() only in debug mode. - Update patches: libgcrypt-PCT-RSA.patch libgcrypt-PCT-DSA.patch libgcrypt-PCT-ECC.patch ------------------------------------------------------------------ ------------------ 2020-5-18 - May 18 2020 ------------------- ------------------------------------------------------------------ ++++ conmon: - Update to v2.0.16 - tty: flush pending data when fd is ready ++++ grub2: - Skip zfcpdump kernel from the grub boot menu (bsc#1166513) * grub2-s390x-skip-zfcpdump-image.patch ++++ kernel-default: - perf/x86/intel/uncore: Add Ice Lake server uncore support (jsc#SLE-8898). - perf/x86/intel/uncore: Factor out __snr_uncore_mmio_init_box (jsc#SLE-8898). - perf/x86/intel/uncore: Add box_offsets for free-running counters (jsc#SLE-8898). - commit 093dafa - vt: fix unicode console freeing with a common interface (git-fixes). - commit 4d7b8d6 - s390/kexec_file: fix initrd location for kdump kernel (bsc#1166340 ltc#184171). - commit d2b5550 - block: Fix writeback throttling W=1 compiler warnings (bsc#1171844). - blacklist.conf: Remove the commit - commit 2a895f4 - bdi: add a ->dev_name field to struct backing_dev_info (bsc#1171844). - commit 1e675b2 - bdi: move bdi_dev_name out of line (bsc#1171844). - commit 8c98f9b - bdi: use bdi_dev_name() to get device name (bsc#1171844). - commit 2f2a729 - propagate_one(): mnt_set_mountpoint() needs mount_lock (bsc#1171843). - commit d12939e - vt: don't hardcode the mem allocation upper bound (git-fixes). - commit cef46bf - vt: don't use kmalloc() for the unicode screen buffer (git-fixes). - commit 4fd1f99 - rcu: Add *_ONCE() for grace-period progress indicators (bsc#1171828). - rcu: Add READ_ONCE() to rcu_segcblist ->tails (bsc#1171828). - rcu: Add WRITE_ONCE() to rcu_node ->qsmaskinitnext (bsc#1171828). - rcu: Add WRITE_ONCE() to rcu_state ->gp_req_activity (bsc#1171828). - rcu: Add WRITE_ONCE to rcu_node ->exp_seq_rq store (bsc#1171828). - rcu: Add WRITE_ONCE() to rcu_node ->qsmask update (bsc#1171828). - rcu: Provide debug symbols and line numbers in KCSAN runs (bsc#1171828). - rcu: Fix exp_funnel_lock()/rcu_exp_wait_wake() datarace (bsc#1171828). - rcu: Use READ_ONCE() for ->expmask in rcu_read_unlock_special() (bsc#1171828). - srcu: Apply *_ONCE() to ->srcu_last_gp_end (bsc#1171828). - commit a409a59 - blacklist.conf: Blacklist c4b4c2a78a9f - commit 7d1f234 - ext4: use non-movable memory for superblock readahead (bsc#1171842). - commit cc13e88 - ocfs2: no need try to truncate file beyond i_size (bsc#1171841). - commit 4ea0462 - USB: uas: add quirk for LaCie 2Big Quadra (git-fixes). - commit 827d447 - io_uring: remove bogus RLIMIT_NOFILE check in file registration (bsc#1171840). - commit 2d64873 - io_uring: honor original task RLIMIT_FSIZE (bsc#1171839). - commit c77337d - USB: serial: qcserial: Add DW5816e support (git-fixes). - commit aa6d686 - mm/swapfile.c: move inode_lock out of claim_swapfile (git-fixes, bsc#1171730). - commit e2fed77 - usb: xhci: Fix NULL pointer dereference when enqueuing trbs from urb sg list (git-fixes). - commit 25bbbc6 - blacklist.conf: Blacklist ce623f89872d - commit 1a198c3 - blacklist.conf: Blacklist 02f03c4206c1 - commit 2d8e6ba - ext4: fix a data race at inode->i_blocks (bsc#1171835). - commit 3a01d10 - block, bfq: invoke flush_idle_tree after reparent_active_queues in pd_offline (bsc#1171834). - commit 2f6d8ec - block, bfq: make reparent_leaf_entity actually work only on leaf entities (bsc#1171833). - commit d07ba45 - block, bfq: turn put_queue into release_process_ref in __bfq_bic_change_cgroup (bsc#1171832). - commit 8dc34a5 - libnvdimm/dax: Pick the right alignment default when creating dax devices (bsc#1171759). - powerpc/book3s64: Export has_transparent_hugepage() related functions (bsc#1171759). - Refresh patches.suse/powerpc-hash64-devmap-Use-H_PAGE_THP_HUGE-when-setti.patch. - commit 01ee8de - rcu: Remove rcu_swap_protected() (bsc#1171827). - wireless/mediatek: Replace rcu_swap_protected() with rcu_replace_pointer() (bsc#1171827). - fs/afs: Replace rcu_swap_protected() with rcu_replace_pointer() (bsc#1171827). - drivers/scsi: Replace rcu_swap_protected() with rcu_replace_pointer() (bsc#1171827). - drm/i915: Replace rcu_swap_protected() with rcu_replace_pointer() (bsc#1171827). - x86/kvm/pmu: Replace rcu_swap_protected() with rcu_replace_pointer() (bsc#1171827). - mt76: drop rcu read lock in mt76_rx_aggr_stop (bsc#1171827). - commit a6fb099 - blacklist.conf: Append "ARM: dts: bcm283x: Disable dsi0 node" It's a device tree change, we don't maintain device trees. - commit 2f253e6 - blacklist.conf: add 5a57c05b56b6e - commit a97a544 - blacklist.conf: add 71912e08e06b7 - commit e4cf882 - net: broadcom: Select BROADCOM_PHY for BCMGENET (git-fixes). - commit 45f06fc - bpf: Enforce returning 0 for fentry/fexit progs (bsc#1154353). - bpf: Fix bug in mmap() implementation for BPF array map (bsc#1154353). - ionic: call ionic_port_init after fw-upgrade (bsc#1167773). - ionic: leave netdev mac alone after fw-upgrade (bsc#1167773). - RDMA/uverbs: Move IB_EVENT_DEVICE_FATAL to destroy_uobj (jsc#SLE-8449). - RDMA/uverbs: Do not discard the IB_EVENT_DEVICE_FATAL event (jsc#SLE-8449). - ipv6: fix restrict IPV6_ADDRFORM operation (bsc#1171662). - selftests/bpf: Validate frozen map contents stays frozen (bsc#1154353). - ipv6: restrict IPV6_ADDRFORM operation (bsc#1171662). - commit b0eba11 - wireguard: send/receive: cond_resched() when processing worker ringbuffers (bsc#1169021 jsc#SLE-12250). - wireguard: socket: remove errant restriction on looping to self (bsc#1169021 jsc#SLE-12250). - wireguard: receive: use tunnel helpers for decapsulating ECN markings (bsc#1169021 jsc#SLE-12250). - wireguard: queueing: cleanup ptr_ring in error path of packet_queue_init (bsc#1169021 jsc#SLE-12250). - commit 3b1c8e3 - clk: rockchip: fix incorrect configuration of rk3228 aclk_gpu* clocks (git-fixes). - clk: Unlink clock if failed to prepare or enable (git-fixes). - commit 1326aea - net: ipv4: really enforce backoff for redirects (git-fixes). - commit 439f9a6 - series.conf: cleanup - move kabi workaround to the right section: patches.kabi/snd-rawmidi-buffer_ref-kABI-workaround.patch - commit 6394f10 - ima: Set again build_ima_appraise variable (bsc#1171709). - ima: Remove redundant policy rule set in add_rules() (bsc#1171709). - ima: Fix ima digest hash table key calculation (bsc#1171709). - ima: Fix return value of ima_write_policy() (bsc#1171709). - ima: Set file->f_mode instead of file->f_flags in ima_calc_file_hash() (bsc#1171709). - commit 9bfa29c - series.conf: cleanup Drop unneeded comment. - commit c7bd9f9 ++++ kernel-default-base: - Add usbhid and hid-generic for USB input devices (boo#1167749) ++++ libpwquality: - Register with pam-config in %post(un) ------------------------------------------------------------------ ------------------ 2020-5-17 - May 17 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - ipc/util.c: sysvipc_find_ipc() incorrectly updates position index (bsc#1171236). - kernel/gcov/fs.c: gcov_seq_next() should increase position index (bsc#1171236). - fs/seq_file.c: seq_read(): add info message about buggy .next functions (bsc#1171236). - selinux: sel_avc_get_stat_idx should increase position index (bsc#1171236). - mm/swapfile.c: swap_next should increase position index (bsc#1171236). - commit 02aa5d8 - pinctrl: cherryview: Add missing spinlock usage in chv_gpio_irq_handler (git-fixes). - pinctrl: baytrail: Enable pin configuration setting for GPIO chip (git-fixes). - pinctrl: sunrisepoint: Fix PAD lock register offset for SPT-H (git-fixes). - pinctrl: qcom: fix wrong write in update_dual_edge (git-fixes). - pinctrl: actions: fix function group name for i2c0_group (git-fixes). - commit 47ce68c ------------------------------------------------------------------ ------------------ 2020-5-16 - May 16 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - scsi: sg: add sg_remove_request in sg_common_write (bsc#1171790). - commit 6f665e2 - Blacklist git-fix that uses kABI not present yet in SLE. This uses get_unaligned_be24(), which isn't in our kernel yet, to clean up debug code, but it does not fix anything. - commit 0389ede - scsi: mpt3sas: Fix kernel panic observed on soft HBA unplug (bsc#1171783). - scsi: ufs: Clean up ufshcd_scale_clks() and clock scaling error out path (bsc#1171792). - scsi: aha1740: Fix an errro handling path in aha1740_probe() (bsc#1171774). - scsi: ufs: Fix ufshcd_hold() caused scheduling while atomic (bsc#1171795). - scsi: ufs: fix Auto-Hibern8 error detection (bsc#1171794). - block/drbd: delete invalid function drbd_md_mark_dirty_ (bsc#1171773). - scsi: sd: Fix optimal I/O size for devices that change reported values (bsc#1171789). - scsi: ufs: Fix ufshcd_probe_hba() reture value in case ufshcd_scsi_add_wlus() fails (bsc#1171796). - scsi: csiostor: Adjust indentation in csio_device_reset (bsc#1171777). - scsi: qla4xxx: Adjust indentation in qla4xxx_mem_free (bsc#1171784). - scsi: ufs: Recheck bkops level if bkops is disabled (bsc#1171798). - scsi: fnic: fix invalid stack access (bsc#1171780). - scsi: sd: Clear sdkp->protection_type if disk is reformatted without PI (bsc#1171787). - scsi: iscsi: Fix a potential deadlock in the timeout handler (bsc#1171781). - scsi: ufs: Disable autohibern8 feature in Cadence UFS (bsc#1171793). - scsi: iscsi: qla4xxx: fix double free in probe (bsc#1171782). - scsi: ufs: Give an unique ID to each ufs-bsg (bsc#1171797). - scsi: scsi_transport_sas: Fix memory leak when removing devices (bsc#1171786). - scsi: bnx2i: fix potential use after free (bsc#1171775). - scsi: qla4xxx: fix double free bug (bsc#1171785). - scsi: zorro_esp: Limit DMA transfers to 65536 bytes (except on Fastlane) (bsc#1171799). - scsi: tracing: Fix handling of TRANSFER LENGTH == 0 for READ(6) and WRITE(6) (bsc#1171791). - scsi: core: scsi_trace: Use get_unaligned_be*() (bsc#1171776). - scsi: esas2r: unlock on error in esas2r_nvram_read_direct() (bsc#1171779). - scsi: csiostor: Don't enable IRQs too early (bsc#1171778). - scsi: sd: enable compat ioctls for sed-opal (bsc#1171788). - commit f218358 - umh: fix memory leak on execve failure (git-fixes). - r8169: re-establish support for RTL8401 chip version (git-fixes). - hwmon: (da9052) Synchronize access with mfd (git-fixes). - commit c93a77b - kABI workaround for snd_rawmidi buffer_ref field addition (git-fixes). - commit a26b757 - ALSA: hda/realtek - Limit int mic boost for Thinkpad T530 (git-fixes bsc#1171293). - ALSA: hda/realtek - Add COEF workaround for ASUS ZenBook UX431DA (git-fixes). - ALSA: hda/realtek: Enable headset mic of ASUS UX581LV with ALC295 (git-fixes). - ALSA: hda/realtek - Enable headset mic of ASUS UX550GE with ALC295 (git-fixes). - ALSA: hda/realtek - Enable headset mic of ASUS GL503VM with ALC295 (git-fixes). - ALSA: hda/realtek: Add quirk for Samsung Notebook (git-fixes). - ALSA: rawmidi: Fix racy buffer resize under concurrent accesses (git-fixes). - ALSA: usb-audio: add mapping for ASRock TRX40 Creator (git-fixes). - ALSA: hda/realtek - Fix S3 pop noise on Dell Wyse (git-fixes). - Revert "ALSA: hda/realtek: Fix pop noise on ALC225" (git-fixes). - ALSA: firewire-lib: fix 'function sizeof not defined' error of tracepoints format (git-fixes). - ALSA: usb-audio: Add control message quirk delay for Kingston HyperX headset (git-fixes). - commit 1c282f0 ------------------------------------------------------------------ ------------------ 2020-5-15 - May 15 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - s390/qeth: refactor buffer pool code (git-fixes). - s390/qeth: use page pointers to manage RX buffer pool (git-fixes). - commit 78b8e17 - s390/qdio: fill SBALEs with absolute addresses (git-fixes). - commit 3a84ac3 - blacklist.conf: Add unimportant S390 fixes. - commit da76ba0 - s390: Keep kABI after adding fields to struct lowcore (git-fixes). - s390: prevent leaking kernel address in BEAR (git-fixes). - commit 2432c42 - Update upstream references and move to sorted section: patches.suse/s390-mm-fix-page-table-upgrade-vs-2ndary-address-mode - commit 5b70b1c - s390/protvirt: fix compilation issue (git-fixes). - s390/pci: do not set affinity for floating irqs (git-fixes). - KVM: s390: Fix PV check in deliverable_irqs() (git-fixes). - s390/cio: generate delayed uevent for vfio-ccw subchannels (git-fixes). - s390/cio: avoid duplicated 'ADD' uevents (git-fixes). - KVM: s390: vsie: Fix possible race when shadowing region 3 tables (git-fixes). - KVM: s390: vsie: Fix region 1 ASCE sanity shadow address checks (git-fixes). - s390/diag: fix display of diagnose call statistics (git-fixes). - s390/cpuinfo: fix wrong output when CPU0 is offline (git-fixes). - scsi: zfcp: fix missing erp_lock in port recovery trigger for point-to-point (git-fixes). - s390/gmap: return proper error code on ksm unsharing (git-fixes). - s390/qeth: support net namespaces for L3 devices (git-fixes). - s390/qeth: implement smarter resizing of the RX buffer pool (git-fixes). - s390/qeth: cancel RX reclaim work earlier (git-fixes). - s390/qeth: handle error when backing RX buffer (git-fixes). - s390/qeth: don't reset default_out_queue (git-fixes). - s390/qeth: fix off-by-one in RX copybreak check (git-fixes). - s390/qeth: don't warn for napi with 0 budget (git-fixes). - s390/qeth: vnicc Fix EOPNOTSUPP precedence (git-fixes). - commit f4042da - s390/uv: Fix handling of length extensions (git-fixes). - Refresh patches.suse/0008-s390-protvirt-introduce-host-side-setup. - commit b147e1a - s390/qeth: consolidate QDIO queue setup (git-fixes). - s390/startup: round down "mem" option to page boundary (git-fixes). - commit 1751aa6 - s390/cpum_cf: Add new extended counters for IBM z15 (bsc#1169763 LTC#185290). - commit 7b5f7a7 - s390/ftrace: fix potential crashes when switching tracers (bsc#1171242 LTC#185786). - commit 4872847 - fnic: to not call 'scsi_done()' for unhandled commands (bsc#1168468, bsc#1171675). - commit ab83c6a - ima: Use ima_hash_algo for collision detection in the measurement list (bsc#1171709). - ima: Calculate and extend PCR with digests in ima_template_entry (bsc#1171709). - ima: Allocate and initialize tfm for each PCR bank (bsc#1171709). - ima: Switch to dynamically allocated buffer for template digests (bsc#1171709). - ima: Store template digest directly in ima_template_entry (bsc#1171709). - ima: Evaluate error in init_ima() (bsc#1171709). - ima: Switch to ima_hash_algo for boot aggregate (bsc#1171709). - commit b14498d - mmc: sdhci-acpi: Add SDHCI_QUIRK2_BROKEN_64_BIT_DMA for AMDI0040 (git-fixes). - mmc: block: Fix request completion in the CQE timeout path (git-fixes). - mmc: core: Fix recursive locking issue in CQE recovery path (git-fixes). - mmc: core: Check request type before completing the request (git-fixes). - mmc: sdhci-pci-gli: Fix can not access GL9750 after reboot from Windows 10 (git-fixes). - mmc: alcor: Fix a resource leak in the error path for ->probe() (git-fixes). - mmc: sdhci-pci-gli: Fix no irq handler from suspend (git-fixes). - HID: wacom: Report 2nd-gen Intuos Pro S center button status over BT (git-fixes). - commit c8b265a ++++ gcc10: - Update to gcc-10 branch head (b0461f44076c26ced5526e4fd6), git68. - Add gcc10-foffload-default.patch to make offloading ignore offload targets that have not been installed both at compile and runtime (for the libgomp plugin part). ++++ qemu: - Note: a stable patch we've already included addresses bsc#1167816 migration-Rate-limit-inside-host-pages.patch ------------------------------------------------------------------ ------------------ 2020-5-14 - May 14 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - scsi: zfcp: Move allocation of the shost object to after xconf- and xport-data (bsc#1158050). - commit 21f0bbc - scsi: zfcp: Fence early sysfs interfaces for accesses of shost objects (bsc#1158050). - commit 14fe477 - scsi: zfcp: Fence adapter status propagation for common statuses (bsc#1158050). - commit 2239fe3 - scsi: zfcp: Move p-t-p port allocation to after xport data (bsc#1158050). - commit 6523a4a - scsi: zfcp: Fence fc_host updates during link-down handling (bsc#1158050). - commit e19869e - scsi: zfcp: Move fc_host updates during xport data handling into fenced function (bsc#1158050). - commit ed1083e - scsi: zfcp: Move shost updates during xconfig data handling into fenced function (bsc#1158050). - commit 2b1bff7 - scsi: zfcp: Move shost modification after QDIO (re-)open into fenced function (bsc#1158050). - commit 125f4c2 - scsi: zfcp: log FC Endpoint Security errors (bsc#1158050). - commit 917028c - scsi: zfcp: enhance handling of FC Endpoint Security errors (bsc#1158050). - commit 36c135f - scsi: zfcp: trace FC Endpoint Security of FCP devices and connections (bsc#1158050). - commit 7e76f52 - scsi: zfcp: log FC Endpoint Security of connections (bsc#1158050). - commit c39b6cd - scsi: zfcp: report FC Endpoint Security in sysfs (bsc#1158050). - commit f23d4ba - scsi: zfcp: auto variables for dereferenced structs in open port handler (bsc#1158050). - commit 59d992b - scsi: zfcp: fix fc_host attributes that should be unknown on local link down (bsc#1158050). - commit eeef336 - scsi: zfcp: wire previously driver-specific sysfs attributes also to fc_host (bsc#1158050). - commit 6bad869 - scsi: zfcp: expose fabric name as common fc_host sysfs attribute (bsc#1158050). - commit ea0cf94 - scsi: zfcp: fix wrong data and display format of SFP+ temperature (bsc#1158050). - commit 90e31fe - scsi: zfcp: proper indentation to reduce confusion in zfcp_erp_required_act (bsc#1158050). - commit 4e35fda - scsi: zfcp: move maximum age of diagnostic buffers into a per-adapter variable (bsc#1158050). - commit be264de - scsi: zfcp: implicitly refresh config-data diagnostics when reading sysfs (bsc#1158050). - commit 20412aa - scsi: zfcp: introduce sysfs interface to read the local B2B-Credit (bsc#1158050). - commit 843431c - scsi: zfcp: implicitly refresh port-data diagnostics when reading sysfs (bsc#1158050). - commit 161aea6 - scsi: zfcp: introduce sysfs interface for diagnostics of local SFP transceiver (bsc#1158050). - commit a779192 - scsi: zfcp: support retrieval of SFP Data via Exchange Port Data (bsc#1158050). - commit 5dc40b1 - scsi: zfcp: add diagnostics buffer for exchange config data (bsc#1158050). - commit 57cb8ce - scsi: zfcp: diagnostics buffer caching and use for exchange port data (bsc#1158050). - commit dd2087b - scsi: zfcp: signal incomplete or error for sync exchange config/port data (bsc#1158050). - commit c1722d3 - ext4: do not zeroout extents beyond i_disksize (bsc#1167851). - commit af137fd - x86/smpboot: Remove the last ICPU() macro (bsc#1171644). - commit 363d04a - ceph: demote quotarealm lookup warning to a debug message (jsc#SES-1134). - ceph: fix double unlock in handle_cap_export() (jsc#SES-1134). - ceph: fix special error code in ceph_try_get_caps() (jsc#SES-1134). - ceph: fix endianness bug when handling MDS session feature bits (jsc#SES-1134). - commit f1fae63 - ACPI: Convert to new X86 CPU match macros (bsc#1171644). - ASoC: Intel: Convert to new X86 CPU match macros (bsc#1171644). - cpufreq: Convert to new X86 CPU match macros (bsc#1171644). - cpufreq/intel_pstate: Fix wrong macro conversion (bsc#1171644). - crypto: Convert to new CPU match macros (bsc#1171644). - EDAC: Convert to new X86 CPU match macros (bsc#1171644). - extcon: axp288: Convert to new X86 CPU match macros (bsc#1171644). - hwmon: Convert to new X86 CPU match macros (bsc#1171644). - hwrng: via_rng: Convert to new X86 CPU match macros (bsc#1171644). - intel_idle: Convert to new X86 CPU match macros (bsc#1171644). - mmc: sdhci-acpi: Convert to new X86 CPU match macros (bsc#1171644). - PCI: intel-mid: Convert to new X86 CPU match macros (bsc#1171644). - platform/x86: Convert to new CPU match macros (bsc#1171644). - powercap/intel_rapl: Convert to new X86 CPU match macros (bsc#1171644). - thermal: Convert to new X86 CPU match macros (bsc#1171644). - x86/cpu/bugs: Convert to new matching macros (bsc#1171644). - x86/cpu: Cleanup the now unused CPU match macros (bsc#1171644). - x86/intel: Aggregate big core client naming (bsc#1171644). - x86/intel: Aggregate big core graphics naming (bsc#1171644). - x86/intel: Aggregate big core mobile naming (bsc#1171644). - x86/intel: Aggregate microserver naming (bsc#1171644). - x86/kernel: Convert to new CPU match macros (bsc#1171644). - x86/kvm: Convert to new CPU match macros (bsc#1171644). - x86/perf/events: Convert to new CPU match macros (bsc#1171644). - x86/platform: Convert to new CPU match macros (bsc#1171644). - Refresh patches.suse/edac-i10nm-update-driver-to-support-different-bus-number-config-register-offsets.patch. - Refresh patches.suse/edac-skx-i10nm-make-some-configurations-cpu-model-specific.patch. - Refresh patches.suse/perf-x86-cstate-add-comet-lake-cpu-support.patch. - Refresh patches.suse/perf-x86-cstate-update-c-state-counters-for-ice-lake.patch. - Refresh patches.suse/perf-x86-intel-add-comet-lake-cpu-support.patch. - Refresh patches.suse/perf-x86-msr-add-comet-lake-cpu-support.patch. - Refresh patches.suse/platform-x86-intel_pmc_core-Add-Comet-Lake-CML-platf.patch. - Refresh patches.suse/platform-x86-intel_pmc_core-update-Comet-Lake-platfo.patch. - Refresh patches.suse/powercap-intel_rapl-add-support-for-CometLake-Mobile. - Refresh patches.suse/powercap-intel_rapl-add-support-for-Cometlake-desktop. - Refresh patches.suse/powercap-intel_rapl-add-support-for-TigerLake-Mobile.patch. - Refresh patches.suse/x86-bugs-Add-ITLB_MULTIHIT-bug-infrastructure.patch. - Refresh patches.suse/x86-cpu-Add-Tiger-Lake-to-Intel-family.patch. - Refresh patches.suse/x86-cpu-Add-Tremont-to-the-cpu-vulnerability-whiteli.patch. - Refresh patches.suse/x86-cpu-add-a-steppings-field-to-struct-x86_cpu_id.patch. - Refresh patches.suse/x86-sched-Add-support-for-frequency-invariance.patch. - commit 424d9a3 - Update patches.suse/pci-aer-add-pci_aer_raw_clear_status-to-unconditionally-clear-error-status (bsc#1169263, jsc#SLE-10700, jsc#SLE-9457, jsc#SLE-12300). - Update patches.suse/pci-aer-rationalize-error-status-register-clearing (bsc#1169263, jsc#SLE-10700, jsc#SLE-9457, jsc#SLE-12300). - Update patches.suse/pci-dpc-add-error-disconnect-recover-edr-support (bsc#1169263, jsc#SLE-10700, jsc#SLE-9457, jsc#SLE-12300). - Update patches.suse/pci-dpc-cache-dpc-capabilities-in-pci_init_capabilities (bsc#1169263, jsc#SLE-10700, jsc#SLE-9457, jsc#SLE-12300). - Update patches.suse/pci-dpc-expose-dpc_process_error-dpc_reset_link-for-use-by-edr (bsc#1169263, jsc#SLE-10700, jsc#SLE-9457, jsc#SLE-12300). - Update patches.suse/pci-dpc-move-dpc-data-into-struct-pci_dev (bsc#1169263, jsc#SLE-10700, jsc#SLE-9457, jsc#SLE-12300). - Update patches.suse/pci-err-remove-service-dependency-in-pcie_do_recovery (bsc#1169263, jsc#SLE-10700, jsc#SLE-9457, jsc#SLE-12300). - Update patches.suse/pci-err-return-status-of-pcie_do_recovery (bsc#1169263, jsc#SLE-10700, jsc#SLE-9457, jsc#SLE-12300). - commit dbc15d0 - efi: READ_ONCE rng seed size before munmap (jsc#SLE-12424). - efi/random: Treat EFI_RNG_PROTOCOL output as bootloader randomness (jsc#SLE-12424). - char/random: Add a newline at the end of the file (jsc#SLE-12424). - fdt: add support for rng-seed (jsc#SLE-12424). - arm64: map FDT as RW for early_init_dt_scan() (jsc#SLE-12424). - commit 14ee05c - rpm/check-for-config-changes: Ignore CONFIG_CC_VERSION_TEXT - commit 8e6b05f ++++ vim: - introduce vim-small package with reduced requirements for small installations (boo#1166602). - BuildRequire pkg-config(krb5) instead of krb5-mini to be able to build against Tumbleweed repo ------------------------------------------------------------------ ------------------ 2020-5-13 - May 13 2020 ------------------- ------------------------------------------------------------------ ++++ lvm2-device-mapper: - Add missing patch, which mistakenly removed in lvm2 update + bug-998893_make_pvscan_service_after_multipathd.patch - Change lvm2.spec for fixing build error + lvm2.spec ++++ glibc: - nptl-setxid-race.patch: nptl: wait for pending setxid request also in detached thread (bsc#1162930, BZ #25942) ++++ kernel-default: - Update kabi files. - update to "Snapshot 16" submission (commit 2c1dc3e59ade) - commit 5277b75 - fanotify: merge duplicate events on parent and child (bsc#1171285). - commit 31ead62 - blacklist.conf: 81b67439d147 ("x86/unwind/orc: Fix premature unwind stoppage due to IRET frames") Breaks kABI. SLE15-SP3 is the target. - commit 9871f13 - series.conf: whitespace cleanup No functional change. - commit 2c1dc3e - x86/unwind/orc: Fix error path for bad ORC entry type (bsc#1058115). - commit 031383f - x86/unwind/orc: Prevent unwinding before ORC initialization (bsc#1058115). - commit d558feb - x86/unwind/orc: Don't skip the first frame for inactive tasks (bsc#1058115). - commit aa72d5b - x86/unwind: Prevent false warnings for non-current tasks (bsc#1058115). - commit 00ea671 - Dropped jsc#PM and jsc#ECO references. - Update patches.suse/Doc-networking-device_drivers-pensando-fix-ionic.rst.patch (bsc#1167773). - Update patches.suse/Documentation-networking-device-drivers-Remove-stray.patch (bsc#1167773). - Update patches.suse/dynamic_debug-provide-dynamic_hex_dump-stub.patch (bsc#1167773). - Update patches.suse/ionic-Add-RSS-support.patch (bsc#1167773). - Update patches.suse/ionic-Add-Rx-filter-and-rx_mode-ndo-support.patch (bsc#1167773). - Update patches.suse/ionic-Add-Tx-and-Rx-handling.patch (bsc#1167773). - Update patches.suse/ionic-Add-adminq-action.patch (bsc#1167773). - Update patches.suse/ionic-Add-async-link-status-check-and-basic-stats.patch (bsc#1167773). - Update patches.suse/ionic-Add-basic-adminq-support.patch (bsc#1167773). - Update patches.suse/ionic-Add-basic-framework-for-IONIC-Network-device-d.patch (bsc#1167773). - Update patches.suse/ionic-Add-basic-lif-support.patch (bsc#1167773). - Update patches.suse/ionic-Add-coalesce-and-other-features.patch (bsc#1167773). - Update patches.suse/ionic-Add-driver-stats.patch (bsc#1167773). - Update patches.suse/ionic-Add-hardware-init-and-device-commands.patch (bsc#1167773). - Update patches.suse/ionic-Add-initial-ethtool-support.patch (bsc#1167773). - Update patches.suse/ionic-Add-interrupts-and-doorbells.patch (bsc#1167773). - Update patches.suse/ionic-Add-management-of-rx-filters.patch (bsc#1167773). - Update patches.suse/ionic-Add-netdev-event-handling.patch (bsc#1167773). - Update patches.suse/ionic-Add-notifyq-support.patch (bsc#1167773). - Update patches.suse/ionic-Add-port-management-commands.patch (bsc#1167773). - Update patches.suse/ionic-Add-the-basic-NDO-callbacks-for-netdev-support.patch (bsc#1167773). - Update patches.suse/ionic-Fix-an-error-code-in-ionic_lif_alloc.patch (bsc#1167773). - Update patches.suse/ionic-Remove-set-but-not-used-variable-sg_desc.patch (bsc#1167773). - Update patches.suse/ionic-Remove-unnecessary-ternary-operator-in-ionic_d.patch (bsc#1167773). - Update patches.suse/ionic-Remove-unused-including-linux-version.h.patch (bsc#1167773). - Update patches.suse/ionic-add-Rx-dropped-packet-counter.patch (bsc#1167773). - Update patches.suse/ionic-add-a-watchdog-timer-to-monitor-heartbeat.patch (bsc#1167773). - Update patches.suse/ionic-add-decode-for-IONIC_RC_ENOSUPP.patch (bsc#1167773). - Update patches.suse/ionic-add-dynamic_debug-header.patch (bsc#1167773). - Update patches.suse/ionic-add-heartbeat-check.patch (bsc#1167773). - Update patches.suse/ionic-add-lif_quiesce-to-wait-for-queue-activity-to-.patch (bsc#1167773). - Update patches.suse/ionic-add-support-for-device-id-0x1004.patch (bsc#1167773). - Update patches.suse/ionic-add-timeout-error-checking-for-queue-disable.patch (bsc#1167773). - Update patches.suse/ionic-check-for-NULL-structs-on-teardown.patch (bsc#1167773). - Update patches.suse/ionic-check-for-linkup-in-watchdog.patch (bsc#1167773). - Update patches.suse/ionic-check-for-queues-before-deleting.patch (bsc#1167773). - Update patches.suse/ionic-clean-irq-affinity-on-queue-deinit.patch (bsc#1167773). - Update patches.suse/ionic-clean-tx-queue-of-unfinished-requests.patch (bsc#1167773). - Update patches.suse/ionic-clean-up-bitflag-usage.patch (bsc#1167773). - Update patches.suse/ionic-clear-compiler-warning-on-hb-use-before-set.patch (bsc#1167773). - Update patches.suse/ionic-decouple-link-message-from-netdev-state.patch (bsc#1167773). - Update patches.suse/ionic-deinit-rss-only-if-selected.patch (bsc#1167773). - Update patches.suse/ionic-disable-the-queues-on-link-down.patch (bsc#1167773). - Update patches.suse/ionic-drop-use-of-subdevice-tags.patch (bsc#1167773). - Update patches.suse/ionic-fix-fw_status-read.patch (bsc#1167773). - Update patches.suse/ionic-fix-rxq-comp-packet-type-mask.patch (bsc#1167773). - Update patches.suse/ionic-fix-stats-memory-dereference.patch (bsc#1167773). - Update patches.suse/ionic-fix-unused-assignment.patch (bsc#1167773). - Update patches.suse/ionic-fix-up-struct-name-comments.patch (bsc#1167773). - Update patches.suse/ionic-fix-vf-op-lock-usage.patch (bsc#1167773). - Update patches.suse/ionic-ignore-eexist-on-rx-filter-add.patch (bsc#1167773). - Update patches.suse/ionic-implement-ethtool-set-fec.patch (bsc#1167773). - Update patches.suse/ionic-implement-support-for-rx-sgl.patch (bsc#1167773). - Update patches.suse/ionic-improve-irq-numa-locality.patch (bsc#1167773). - Update patches.suse/ionic-ionic_if-bits-for-sr-iov-support.patch (bsc#1167773). - Update patches.suse/ionic-keep-ionic-dev-on-lif-init-fail.patch (bsc#1167773). - Update patches.suse/ionic-keep-users-rss-hash-across-lif-reset.patch (bsc#1167773). - Update patches.suse/ionic-leave-dev-cmd-request-contents-alone-on-FW-tim.patch (bsc#1167773). - Update patches.suse/ionic-make-spdxcheck.py-happy.patch (bsc#1167773). - Update patches.suse/ionic-move-debugfs-add-delete-to-match-alloc-free.patch (bsc#1167773). - Update patches.suse/ionic-move-irq-request-to-qcq-alloc.patch (bsc#1167773). - Update patches.suse/ionic-only-save-good-lif-dentry.patch (bsc#1167773). - Update patches.suse/ionic-print-data-for-unknown-xcvr-type.patch (bsc#1167773). - Update patches.suse/ionic-print-pci-bus-lane-info.patch (bsc#1167773). - Update patches.suse/ionic-remove-adminq-napi-instance.patch (bsc#1167773). - Update patches.suse/ionic-remove-lifs-on-fw-reset.patch (bsc#1167773). - Update patches.suse/ionic-remove-pragma-packed.patch (bsc#1167773). - Update patches.suse/ionic-replay-filters-after-fw-upgrade.patch (bsc#1167773). - Update patches.suse/ionic-report-users-coalesce-request.patch (bsc#1167773). - Update patches.suse/ionic-restrict-received-packets-to-mtu-size.patch (bsc#1167773). - Update patches.suse/ionic-reverse-an-interrupt-coalesce-calculation.patch (bsc#1167773). - Update patches.suse/ionic-select-CONFIG_NET_DEVLINK.patch (bsc#1167773). - Update patches.suse/ionic-set-station-addr-only-if-needed.patch (bsc#1167773). - Update patches.suse/ionic-simplify-returns-in-devlink-info.patch (bsc#1167773). - Update patches.suse/ionic-stop-devlink-warn-on-mgmt-device.patch (bsc#1167773). - Update patches.suse/ionic-support-ethtool-rxhash-disable.patch (bsc#1167773). - Update patches.suse/ionic-support-sr-iov-operations.patch (bsc#1167773). - Update patches.suse/ionic-update-driver-version.patch (bsc#1167773). - Update patches.suse/ionic-use-wait_on_bit_lock-rather-than-open-code.patch (bsc#1167773). - Update patches.suse/net-ionic-Use-scnprintf-for-avoiding-potential-buffe.patch (bsc#1167773). - commit cd1780f - update metadata of nvme patches and move them out from sorted section The nvme-5.8 branch in nvme repository got rebased fourth time in three weeks. Update Git-commit tags again and move the patches out of sorted section as keeping them there makes more harm than good. - update upstream reference and move to "almost mainline" section: patches.suse/lpfc-Commonize-lpfc_async_xchg_ctx-state-and-flag-de.patch patches.suse/lpfc-Refactor-NVME-LS-receive-handling.patch patches.suse/lpfc-Refactor-Send-LS-Abort-support.patch patches.suse/lpfc-Refactor-Send-LS-Request-support.patch patches.suse/lpfc-Refactor-Send-LS-Response-support.patch patches.suse/lpfc-Refactor-lpfc-nvme-headers.patch patches.suse/lpfc-Refactor-nvmet_rcv_ctx-to-create-lpfc_async_xch.patch patches.suse/lpfc-nvme-Add-Receive-LS-Request-and-Send-LS-Respons.patch patches.suse/lpfc-nvmet-Add-Send-LS-Request-and-Abort-LS-Request-.patch patches.suse/lpfc-nvmet-Add-support-for-NVME-LS-request-hosthandl.patch patches.suse/nvme-fc-Add-Disconnect-Association-Rcv-support.patch patches.suse/nvme-fc-Ensure-private-pointers-are-NULL-if-no-data.patch patches.suse/nvme-fc-Sync-header-to-FC-NVME-2-rev-1.08.patch patches.suse/nvme-fc-Update-header-and-host-for-common-definition.patch patches.suse/nvme-fc-and-nvmet-fc-revise-LLDD-api-for-LS-receptio.patch patches.suse/nvme-fc-convert-assoc_active-flag-to-bit-op.patch patches.suse/nvme-fc-nvmet-fc-refactor-for-common-LS-definitions.patch patches.suse/nvme-fcloop-add-target-to-host-LS-request-support.patch patches.suse/nvme-fcloop-refactor-to-enable-target-to-host-LS.patch patches.suse/nvmet-fc-Add-Disconnect-Association-Xmt-support.patch patches.suse/nvmet-fc-Better-size-LS-buffers.patch patches.suse/nvmet-fc-Update-target-for-common-definitions-for-LS.patch patches.suse/nvmet-fc-add-LS-failure-messages.patch patches.suse/nvmet-fc-perform-small-cleanups-on-unneeded-checks.patch patches.suse/nvmet-fc-rename-ls_list-to-ls_rcv_list.patch patches.suse/nvmet-fc-track-hostport-handle-for-associations.patch - commit 63b19d5 ++++ libcontainers-common: - Add registry.opensuse.org as default registry [bsc#1171578] ++++ lvm2: - Add missing patch, which mistakenly removed in lvm2 update + bug-998893_make_pvscan_service_after_multipathd.patch - Change lvm2.spec for fixing build error + lvm2.spec ++++ microos-devel-tools: - add rpmorphan tool ------------------------------------------------------------------ ------------------ 2020-5-12 - May 12 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Fix hv_alloc_hyperv_zeroed_page to actually return something (bsc#1171507) Refresh patches.suse/suse-hv-kabi.patch. - commit 2870dc6 - iwlwifi: mvm: fix non-ACPI function (git-fixes). - commit 676dedd - mm: don't prepare anon_vma if vma has VM_WIPEONFORK (bsc#1169681). - Delete patches.suse/0002-mm-set-vm_next-and-vm_prev-to-NULL-in-vm_area_dup.patch. The added patch is a proactive git-fix, the removed patch is unnecessary member of the same series (bsc#1169681). - commit a316e23 - x86/entry/64: Fix unwind hints in rewind_stack_do_exit() (bsc#1058115). - commit 3901d59 - pinctrl: denverton: Update pin names according to v1.08 (bsc#1171514). - commit 2f0f43d - pinctrl: denverton: Provide Interrupt Status register offset (bsc#1171514). - commit 60af7d7 - x86/entry/64: Fix unwind hints in __switch_to_asm() (bsc#1058115). - commit 9d0fdcf - x86/entry/64: Fix unwind hints in kernel exit path (bsc#1058115). - commit 5322f7b - x86/entry/64: Fix unwind hints in register clearing code (bsc#1058115). - commit 74bcafb - objtool: Fix stack offset tracking for indirect CFAs (bsc#1169514). - commit bcaa294 - blacklist.conf: add one net entry - commit 8a6918a - net: macb: Fix runtime PM refcounting (git-fixes). - selftests: Fix suppress test in fib_tests.sh (git-fixes). - commit b936936 - Refresh patches.suse/net-mlx5-Remove-redundant-NULL-initializations.patch. Folded in merge commit 95e6ba5133163f8241c9ea2439369cec0452fec6 from Linus: [ Did an evil merge to silence a warning introduced by this pull - Linus ] - commit 6693a9f - cxgb4: fix EOTID leak when disabling TC-MQPRIO offload (jsc#SLE-8389). - ionic: refresh devinfo after fw-upgrade (bsc#1167773). - ionic: no link check until after probe (bsc#1167773). - net/mlx5e: Fix q counters on uplink representors (jsc#SLE-8464). - net/mlx5: DR, On creation set CQ's arm_db member to right value (jsc#SLE-8464). - net/mlx5: Expose port speed when possible (bsc#1171117). - net/mlx5: Expose link speed directly (bsc#1171117). - commit 0b73846 - tracing/kprobes: Fix a double initialization typo (git-fixes). - commit 84310a8 - tracing: Add a vmalloc_sync_mappings() for safe measure (git-fixes). - commit 2019d7b - clocksource/drivers/hyper-v: Set TSC clocksource as default w/ InvariantTSC (bsc#1170621). - x86/hyperv: Allow guests to enable InvariantTSC (bsc#1170621). - commit 16f337f ------------------------------------------------------------------ ------------------ 2020-5-11 - May 11 2020 ------------------- ------------------------------------------------------------------ ++++ ignition: - Update to version 2.3.0: * news: add notes for 2.3.0 * config/v3_2_experimental: update all copyright dates * doc/configuration-*: update for new spec * tests: stabilize spec 3.1.0 * *: update for new experimental spec * config/v3_2_experimental: set up package * config/v3_2_experimental: copy from config/v3_1 * config/v3_1_experimental: mark stable * doc/development: update spec stabilization instructions * config: rename function for clarity * tests: bump invalid 2.x experimental version to match spec2x branch * config/v3_1_experimental: add some missing version tests * config/v3_1/translate: fix package name * doc/migrating-configs: update for 3.1.0 * resource/url: allow compression in data URLs * doc/migrating-configs: mention spec 2.4.0 * validate: accept any supported config version * exec: drop validate.go * doc/migrating-configs: put newest version first * Add SHA-256 reference in the docs * Add SHA-256 support for file verification * ci: run blackbox tests in CoreOS CI * Send ssh_authorized keys info into the journald log * Update go-systemd with the systemd module * Send a message to the systemd journal if a user config is provided * tests: add positive tests for resource compression * spec: unify resource fetching type * doc: clarify wording of files.*.verification.hash * vendor: refresh after gomod changes * gomod: update to go-systemd v22 * stages: fix package names * providers/packet: override Accept header fetching instance metadata * resource/url: allow caller-specified headers to override defaults * Allow to specify HTTP headers for fetching configs and files ++++ kernel-default: - ipc/mqueue.c: change __do_notify() to bypass check_kill_permission() (bsc#1159886). - vdso/datapage: Use correct clock mode name in comment (bsc#1164648,jsc#SLE-11493). - time/namespace: Fix time_for_children symlink (bsc#1164648,jsc#SLE-11493). - ipc/util.c: sysvipc_find_ipc() should increase position index (bsc#1171236). - ipc/shm.c: make compat_ksys_shmctl() static (bsc#1159886). - ipc/mqueue.c: fix a brace coding style issue (bsc#1159886). - epoll: fix possible lost wakeup on epoll_ctl() path. - commit dbaec66 - usb: dwc3: gadget: Properly set maxpacket limit (git-fixes). - wimax/i2400m: Fix potential urb refcnt leak (git-fixes). - drm/amdgpu: Correctly initialize thermal controller for GPUs with Powerplay table v0 (e.g Hawaii) (git-fixes). - remoteproc: qcom_q6v5_mss: fix a bug in q6v5_probe() (git-fixes). - drm/amdgpu: Fix oops when pp_funcs is unset in ACPI event (git-fixes). - mac80211: add ieee80211_is_any_nullfunc() (git-fixes). - platform/x86: GPD pocket fan: Fix error message when temp-limits are out of range (git-fixes). - PM / devfreq: Add missing locking while setting suspend_freq (git-fixes). - remoteproc: Fix wrong rvring index computation (git-fixes). - commit 4da097b - PCI/DPC: Add Error Disconnect Recover (EDR) support (bsc#1169263). - Update config files. - Refresh patches.suse/0001-kABI-more-hooks-for-PCI-changes.patch. - commit dc2f3a4 - x86/asm/64: Align start of __clear_user() loop to 16-bytes (bsc#1168461) - commit 1bafa6b - kABI: Fix kABI after EDR backport (bsc#1169263, jsc#SLE-10700, jsc#SLE-9457, jsc#SLE-12300). - commit 3c954c1 - xhci: Fix handling halted endpoint even if endpoint ring appears empty (git-fixes). - Refresh patches.suse/xhci-Don-t-clear-hub-TT-buffer-on-ep0-protocol-stall.patch. - commit 6ca613f - net: dsa: bcm_sf2: Ensure correct sub-node is parsed (networking-stable-20_04_09). - mlxsw: spectrum_flower: Do not stop at FLOW_ACTION_VLAN_MANGLE (networking-stable-20_04_09). - net: dsa: bcm_sf2: Do not register slave MDIO bus with OF (networking-stable-20_04_09). - net_sched: fix a missing refcnt in tcindex_init() (networking-stable-20_04_09). - net: stmmac: dwmac1000: fix out-of-bounds mac address reg setting (networking-stable-20_04_09). - cxgb4: fix MPS index overwrite when setting MAC address (networking-stable-20_04_09). - ipv6: don't auto-add link-local address to lag ports (networking-stable-20_04_09). - net_sched: add a temporary refcnt for struct tcindex_data (networking-stable-20_04_09). - commit 964e915 - clk: qoriq: add cpufreq platform device (bsc#1165455). - cpufreq: qoriq: convert to a platform driver (bsc#1165455). - commit e0e9680 - asm-generic/tlb: add missing CONFIG symbol (bsc#1156395). - commit ee4dbba - supported.conf: cleanup - fix path of wireguard module - fix sort order - commit 5ca7d5d - series.conf: refresh - update upstream references and resort: patches.suse/scsi-ibmvfc-Don-t-send-implicit-logouts-prior-to-NPI.patch patches.suse/scsi-ibmvscsi-Fix-WARN_ON-during-event-pool-release.patch - commit 7f02596 - update metadata of nvme patches The nvme-5.8 branch in nvme repository got rebased again, update Git-commit tags: patches.suse/lpfc-Commonize-lpfc_async_xchg_ctx-state-and-flag-de.patch patches.suse/lpfc-Refactor-NVME-LS-receive-handling.patch patches.suse/lpfc-Refactor-Send-LS-Abort-support.patch patches.suse/lpfc-Refactor-Send-LS-Request-support.patch patches.suse/lpfc-Refactor-Send-LS-Response-support.patch patches.suse/lpfc-Refactor-lpfc-nvme-headers.patch patches.suse/lpfc-Refactor-nvmet_rcv_ctx-to-create-lpfc_async_xch.patch patches.suse/lpfc-nvme-Add-Receive-LS-Request-and-Send-LS-Respons.patch patches.suse/lpfc-nvmet-Add-Send-LS-Request-and-Abort-LS-Request-.patch patches.suse/lpfc-nvmet-Add-support-for-NVME-LS-request-hosthandl.patch patches.suse/nvme-fc-Add-Disconnect-Association-Rcv-support.patch patches.suse/nvme-fc-Ensure-private-pointers-are-NULL-if-no-data.patch patches.suse/nvme-fc-Sync-header-to-FC-NVME-2-rev-1.08.patch patches.suse/nvme-fc-Update-header-and-host-for-common-definition.patch patches.suse/nvme-fc-and-nvmet-fc-revise-LLDD-api-for-LS-receptio.patch patches.suse/nvme-fc-convert-assoc_active-flag-to-bit-op.patch patches.suse/nvme-fc-nvmet-fc-refactor-for-common-LS-definitions.patch patches.suse/nvme-fcloop-add-target-to-host-LS-request-support.patch patches.suse/nvme-fcloop-refactor-to-enable-target-to-host-LS.patch patches.suse/nvmet-fc-Add-Disconnect-Association-Xmt-support.patch patches.suse/nvmet-fc-Better-size-LS-buffers.patch patches.suse/nvmet-fc-Update-target-for-common-definitions-for-LS.patch patches.suse/nvmet-fc-add-LS-failure-messages.patch patches.suse/nvmet-fc-perform-small-cleanups-on-unneeded-checks.patch patches.suse/nvmet-fc-rename-ls_list-to-ls_rcv_list.patch patches.suse/nvmet-fc-track-hostport-handle-for-associations.patch - commit 0113fce - btrfs: relocation: Work around dead relocation stage loop (bsc#1171417). - commit f418462 - btrfs: relocation: Check cancel request after each extent found (bsc#1171417). - commit 9d1084e - btrfs: relocation: Check cancel request after each data page read (bsc#1171417). - commit 6e7cf97 - btrfs: relocation: add error injection points for cancelling balance (bsc#1171417). - commit ef70462 ++++ gnutls: - Add RSA 4096 key generation support in FIPS mode (bsc#1171422) * add gnutls-3.6.7-fips-rsa-4096.patch ++++ permissions: - Remove setuid bit for newgidmap and newuidmap in paranoid profile (bsc#1171173) ------------------------------------------------------------------ ------------------ 2020-5-10 - May 10 2020 ------------------- ------------------------------------------------------------------ ++++ microos-tools: - Update to version 2.0 - use autoconf tools to support libexecdir ------------------------------------------------------------------ ------------------ 2020-5-9 - May 9 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - staging: gasket: Check the return value of gasket_get_bar_index() (git-fixes). - Revert "tty: serial: bcm63xx: fix missing clk_put() in bcm63xx_uart" (git-fixes). - USB: serial: garmin_gps: add sanity checking for data length (git-fixes). - drm: ingenic-drm: add MODULE_DEVICE_TABLE (git-fixes). - commit e8b3583 ------------------------------------------------------------------ ------------------ 2020-5-8 - May 8 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - build tegra186 as a module (bsc#1171156) - export MODULE_DEVICE_TABLE to allow building as module: add patches.suse/gpio-tegra186-export-MODULE_DEVICE_TABLE.patch - update arm64 configs (GPIO_TEGRA186 y->m) - add gpio-tegra186 entry to supported.conf - soc/tegra: pmc: Enable PMIC wake event on Tegra186. - commit 70ad6b5 - Update patches.suse/net-dsa-felix-Use-PHY_INTERFACE_MODE_INTERNAL-instea.patch upstream reference and move to sorted section. - commit c046bd4 - Update patches.suse/net-mscc-fix-in-frame-extraction.patch upstream reference and move to sorted section. - commit 28974d3 ------------------------------------------------------------------ ------------------ 2020-5-7 - May 7 2020 ------------------- ------------------------------------------------------------------ ++++ aaa_base: - Add patch git-19-1149066a54a372b30b7cbd79cd222e11d96dc984.patch * Not all XTerm based emulators do have an terminfo entry (boo#1087982) - Add patch git-20-6452441f2054b4b290c089ce6269889993b95fc1.patch * Better support of Midnight Commander (bsc#1170527) ++++ kernel-default: - kernel-docs: Change Requires on python-Sphinx to earlier than version 3 References: bsc#1166965 From 3 on the internal API that the build system uses was rewritten in an incompatible way. See https://github.com/sphinx-doc/sphinx/issues/7421 and https://bugzilla.suse.com/show_bug.cgi?id=1166965#c16 for some details. - commit cf60b5c - libnvdimm: cover up nd_region changes (bsc#1162400). - commit 528df6d - libnvdimm: cover up struct nvdimm changes (bsc#1171742). - commit 78df47c - ceph: fix potential bad pointer deref in async dirops cb's (bsc#1171390). - rbd: don't mess with a page vector in rbd_notify_op_lock() (bsc#1171391). - rbd: don't test rbd_dev->opts in rbd_dev_image_release() (bsc#1171392). - commit 11ed7ef - libnvdimm: cover up nvdimm_security_ops changes (bsc#1171742). - commit 37c125e - libnvdimm: cover up nd_pfn_sb changes (bsc#1171759). - commit 59fc719 - Update config files: Build w1 bus on arm64 (jsc#SLE-12203) - supported.conf: support w1 core and thermometer support - commit 73998d2 - sched/psi: Fix OOB write when writing 0 bytes to PSI files (CVE-2020-0110 bsc#1171374). - commit 0044c49 - dp83640: reverse arguments to list_add_tail (git-fixes). - batman-adv: Fix refcnt leak in batadv_v_ogm_process (git-fixes). - batman-adv: Fix refcnt leak in batadv_store_throughput_override (git-fixes). - batman-adv: Fix refcnt leak in batadv_show_throughput_override (git-fixes). - batman-adv: fix batadv_nc_random_weight_tq (git-fixes). - crypto: arch/nhpoly1305 - process in explicit 4k chunks (git-fixes). - crypto: arch/lib - limit simd usage to 4k chunks (git-fixes). - commit fbff5a5 - series.conf: cleanup - update upstream references and resort: patches.suse/bnxt_en-Fix-VF-anti-spoof-filter-setup.patch patches.suse/bnxt_en-Fix-VLAN-acceleration-handling-in-bnxt_fix_f.patch patches.suse/bnxt_en-Improve-AER-slot-reset.patch patches.suse/bnxt_en-Reduce-BNXT_MSIX_VEC_MAX-value-to-supported-.patch patches.suse/bnxt_en-Return-error-when-allocating-zero-size-conte.patch patches.suse/ibmvnic-Skip-fatal-error-reset-after-passive-init.patch - commit 7b08e5b ++++ gcc10: - Update to gcc-10 branch head (dd38686d9c810cecbaa80bb82e), git40. * Includes GCC 10.1 release. ++++ salt: - Fix CVE-2020-11651 and CVE-2020-11652 (bsc#1170595) - Do not require vendored backports-abc (bsc#1170288) - Fix partition.mkpart to work without fstype (bsc#1169800) - Added: * fixed-bug-lvm-has-no-parttion-type.-the-scipt-later-.patch * remove-vendored-backports-abc-from-requirements.patch * fix-cve-2020-11651-and-fix-cve-2020-11652.patch ------------------------------------------------------------------ ------------------ 2020-5-6 - May 6 2020 ------------------- ------------------------------------------------------------------ ++++ cracklib: - use /usr/lib instead of %{_libexecdir}, %{_libexecdir} should contain internal binaries, not data ++++ kernel-default: - add kabi reference files - import from Public RC2 submission (commit b8c70f8e938e) - enable kabi checking for -default and -preempt flavors - commit 297cfce - supported.conf: mark cuse as supported (bsc#1171279) - commit 57d34e1 - x86/cpu: Add a steppings field to struct x86_cpu_id (bsc#1152489). - commit 0e87eea - PM: hibernate: Freeze kernel threads in software_resume() (git-fixes). - PM: ACPI: Output correct message on target power state (git-fixes). - dmaengine: dmatest: Fix iteration non-stop logic (git-fixes). - drm/amd/display: Fix green screen issue after suspend (git-fixes). - drm/edid: Fix off-by-one in DispID DTD pixel clock (git-fixes). - mmc: sdhci-msm: Enable host capabilities pertains to R1b response (git-fixes). - commit 2128020 - blacklist.conf: Append 'drm/amdgpu/powerplay: using the FCLK DPM table to set the MCLK' - commit 8f1a5e9 - blacklist.conf: Append 'drm/i915/gt: Close race between cacheline_retire and free' - commit 8f35802 - drm/i915/gt: Stage the transfer of the virtual breadcrumb (bsc#1152489) * context changes - commit dd7c1b9 - drm/i915: Apply Wa_1406680159:icl,ehl as an engine workaround (bsc#1152489) * context changes - commit 1b9f5c3 - blacklist.conf: Append 'drm/i915/gt: Avoid resetting ring->head outside of its timeline mutex' - commit ce5eb60 - arm64: blacklist.conf: ignore commit that got reveted later - commit ea9a578 - arm64: Update config files. (bsc#1170680) Enable CONFIG_KEXEC_SIG and CONFIG_KEXEC_IMAGE_VERIFY_SIG - commit 83dffa3 - arm64: kexec_file: Fixed code style (bsc#1170680). - arm64: kexec_file: add crash dump support (bsc#1170680). - libfdt: include fdt_addresses.c (bsc#1170680). - arm64: kexec: remove unnecessary debug prints (bsc#1170680). - libfdt: define INT32_MAX and UINT32_MAX in libfdt_env.h (bsc#1170680). - commit 3e603a5 - arm64: Use pr_warn instead of pr_warning (bsc#1170680). - Refresh patches.suse/arm64-smp-fix-smp_send_stop-behaviour.patch. - commit deabe43 - arm64: smp: Treat unknown boot failures as being 'stuck in kernel' (bsc#1170680). - arm64: kexec_file: add rng-seed support (bsc#1170680). - arm64/kexec: Use consistent convention of initializing 'kxec_buf.mem' with KEXEC_BUF_MEM_UNKNOWN (bsc#1170680). - commit b8854a2 - fix patches metadata - fix Patch-mainline tags: patches.suse/NFS-Directory-page-cache-pages-need-to-be-locked-whe.patch patches.suse/NFS-Fix-a-page-leak-in-nfs_destroy_unlinked_subreque.patch patches.suse/NFS-Fix-fix-of-show_nfs_errors.patch patches.suse/NFS-Fix-memory-leaks-and-corruption-in-readdir.patch patches.suse/NFS-Fix-races-nfs_page_group_destroy-vs-nfs_destroy_.patch patches.suse/NFS-Fix-use-after-free-issues-in-nfs_pageio_add_requ.patch patches.suse/NFS-Revalidate-the-file-mapping-on-all-fatal-writeba.patch patches.suse/NFS-Revalidate-the-file-size-on-a-fatal-write-error.patch patches.suse/NFS-alloc_nfs_open_context-must-use-the-file-cred-wh.patch patches.suse/NFS-pnfs-Fix-pnfs_generic_prepare_to_resend_writes.patch patches.suse/NFSD-fixing-possible-null-pointer-derefering-in-copy.patch patches.suse/NFSv2-Fix-a-typo-in-encode_sattr.patch patches.suse/NFSv4-pnfs-Return-valid-stateids-in-nfs_layout_find_.patch patches.suse/NFSv4-pnfs_roc-must-use-cred_fscmp-to-compare-creds.patch patches.suse/NFSv4-try-lease-recovery-on-NFS4ERR_EXPIRED.patch patches.suse/NFSv4.0-nfs4_do_fsinfo-should-not-do-implicit-lease-.patch patches.suse/NFSv4.1-fix-handling-of-backchannel-binding-in-BIND_.patch patches.suse/NFSv4.1-make-cachethis-no-for-writes.patch patches.suse/NFSv4.x-Drop-the-slot-if-nfs4_delegreturn_prepare-wa.patch patches.suse/NFSv4.x-Handle-bad-dead-sessions-correctly-in-nfs41_.patch patches.suse/SUNRPC-Fix-a-potential-buffer-overflow-in-svc_print_.patch patches.suse/SUNRPC-Fix-backchannel-RPC-soft-lockups.patch patches.suse/SUNRPC-Remove-unreachable-error-condition.patch patches.suse/nfs-Fix-potential-posix_acl-refcnt-leak-in-nfs3_set_.patch patches.suse/nfsd-Don-t-add-locks-to-closed-or-closing-open-state.patch patches.suse/nfsd-Fix-NFSv4-READ-on-RDMA-when-using-readv.patch patches.suse/nfsd-Return-the-correct-number-of-bytes-written-to-t.patch patches.suse/nfsd-depend-on-CRYPTO_MD5-for-legacy-client-tracking.patch patches.suse/nfsd-fix-delay-timer-on-32-bit-architectures.patch patches.suse/nfsd-fix-jiffies-time_t-mixup-in-LRU-list.patch patches.suse/nfsd-fsnotify-on-rmdir-under-nfsd-clients.patch patches.suse/nfsd-memory-corruption-in-nfsd4_lock.patch patches.suse/nfsd-remove-nfs4_reset_lease-declarations.patch patches.suse/nfsd4-fix-up-replay_matches_cache.patch patches.suse/sunrpc-expiry_time-should-be-seconds-not-timeval.patch patches.suse/svcrdma-Fix-double-svc_rdma_send_ctxt_put-in-an-erro.patch patches.suse/svcrdma-Fix-leak-of-transport-addresses.patch - commit 913c3fc ++++ u-boot-rpiarm64: - Enable USB on RPi4 (jsc#SLE-12150) Patch queue updated from git://github.com/openSUSE/u-boot.git sle15-sp2 * Patches added: 0022-usb-xhci-Add-missing-cache-flush-in.patch 0023-usb-xhci-Use-only-32-bit-accesses-i.patch 0024-pci-Move-some-PCIe-register-offset-.patch 0025-rpi4-shorten-a-mapping-for-the-DRAM.patch 0026-rpi4-add-a-mapping-for-the-PCIe-XHC.patch 0027-linux-bitfield.h-Add-primitives-for.patch 0028-pci-Add-some-PCI-Express-capability.patch 0029-pci-Add-driver-for-Broadcom-STB-PCI.patch 0030-config-Enable-support-for-the-XHCI-.patch 0031-arm-rpi-Add-function-to-trigger-VL8.patch 0032-usb-xhci-Load-Raspberry-Pi-4-VL805-.patch ------------------------------------------------------------------ ------------------ 2020-5-5 - May 5 2020 ------------------- ------------------------------------------------------------------ ++++ grub2: - Fix boot failure as journaled data not get drained due to abrupt power off after grub-install (bsc#1167756) * grub-install-force-journal-draining-to-ensure-data-i.patch ++++ kernel-default: - x86/cpu: Add consistent CPU match macros (bsc#1152489). - commit a70979e - x86/devicetable: Move x86 specific macro out of generic code (bsc#1152489). - commit 9581d95 - nvdimm: Avoid race between probe and reading device attributes (bsc#1170442). - commit daea9d3 - xfs: add agf freeblocks verify in xfs_agf_verify (bsc#1171217 CVE-2020-12655). - commit 08016b2 - xsk: Add missing check on user supplied headroom size (CVE-2020-12659 bsc#1171214). - commit 57877bb - Update patch reference tags for mwifiex security fixes (CVE-2020-12653 bsc#1171195 CVE-2020-12654 bsc#1171202) - commit 8da2e42 - Update patch reference tag for a bfq security fix (CVE-2020-12657 bsc#1171205) - commit a3037e6 - net: dsa: ksz: Select KSZ protocol tag (networking-stable-20_04_02). - net, ip_tunnel: fix interface lookup with no key (networking-stable-20_04_02). - sctp: fix possibly using a bad saddr with a given dst (networking-stable-20_04_02). - sctp: fix refcount bug in sctp_wfree (networking-stable-20_04_02). - ipv4: fix a RCU-list lock in fib_triestat_seq_show (networking-stable-20_04_02). - commit 841d154 - bnxt_en: Fix VLAN acceleration handling in bnxt_fix_features() (bsc#1171150). - bnxt_en: Return error when allocating zero size context memory (bsc#1171150). - bnxt_en: Improve AER slot reset (bsc#1171150). - bnxt_en: Reduce BNXT_MSIX_VEC_MAX value to supported CQs per PF (bsc#1171150). - bnxt_en: Fix VF anti-spoof filter setup (bsc#1171150). - bnxt_en: Reset rings if ring reservation fails during open() (bsc#1171150). - bnxt_en: Free context memory after disabling PCI in probe error path (bsc#1171150). - bnxt_en: Return error if bnxt_alloc_ctx_mem() fails (bsc#1171150). - bnxt_en: fix memory leaks in bnxt_dcbnl_ieee_getets() (bsc#1171150). - bnxt_en: Fix Priority Bytes and Packets counters in ethtool -S (bsc#1171150). - commit 0a89267 - xprtrdma: Fix trace point use-after-free race (git-fixes). - commit 52af41b - mlxsw: spectrum_mr: Fix list iteration in error path (networking-stable-20_03_28). - net: dsa: tag_8021q: replace dsa_8021q_remove_header with __skb_vlan_pop (networking-stable-20_03_28). - net: cbs: Fix software cbs to consider packet sending time (networking-stable-20_03_28). - net: dsa: Fix duplicate frames flooded by learning (networking-stable-20_03_28). - bnxt_en: Reset rings if ring reservation fails during open() (networking-stable-20_03_28). - bnxt_en: Free context memory after disabling PCI in probe error path (networking-stable-20_03_28). - bnxt_en: Return error if bnxt_alloc_ctx_mem() fails (networking-stable-20_03_28). - bnxt_en: fix memory leaks in bnxt_dcbnl_ieee_getets() (networking-stable-20_03_28). - bnxt_en: Fix Priority Bytes and Packets counters in ethtool -S (networking-stable-20_03_28). - macsec: restrict to ethernet devices (networking-stable-20_03_28). - ipv4: fix a RCU-list lock in inet_dump_fib() (networking-stable-20_03_28). - tcp: repair: fix TCP_QUEUE_SEQ implementation (networking-stable-20_03_28). - net: phy: dp83867: w/a for fld detect threshold bootstrapping issue (networking-stable-20_03_28). - net: stmmac: dwmac-rk: fix error path in rk_gmac_probe (networking-stable-20_03_28). - hsr: fix general protection fault in hsr_addr_is_self() (networking-stable-20_03_28). - cxgb4: fix Txq restart check during backpressure (networking-stable-20_03_28). - net/sched: act_ct: Fix leak of ct zone template on replace (networking-stable-20_03_28). - net: ip_gre: Accept IFLA_INFO_DATA-less configuration (networking-stable-20_03_28). - net: mvneta: Fix the case where the last poll did not process all rx (networking-stable-20_03_28). - net_sched: cls_route: remove the right filter from hashtable (networking-stable-20_03_28). - hsr: set .netnsok flag (networking-stable-20_03_28). - hsr: add restart routine into hsr_get_node_list() (networking-stable-20_03_28). - hsr: use rcu_read_lock() in hsr_get_node_{list/status}() (networking-stable-20_03_28). - net/packet: tpacket_rcv: avoid a producer race condition (networking-stable-20_03_28). - net: ip_gre: Separate ERSPAN newlink / changelink callbacks (networking-stable-20_03_28). - net_sched: hold rtnl lock in tcindex_partial_destroy_work() (networking-stable-20_03_28). - commit b6b5945 - svcrdma: Fix trace point use-after-free race (git-fixes). - commit 44461e4 - Revert "HID: wacom: generic: read the number of expected touches on a per collection basis" (git-fixes). - HID: wacom: Read HID_DG_CONTACTMAX directly for non-generic devices (git-fixes). - commit 16cdbdb - NFSv4.1: fix handling of backchannel binding in BIND_CONN_TO_SESSION (bsc#1170630). - commit a75f6f6 - SUNRPC: Remove unreachable error condition (git-fixes). - nfs: Fix potential posix_acl refcnt leak in nfs3_set_acl (git-fixes). - SUNRPC: Fix backchannel RPC soft lockups (git-fixes). - nfsd: memory corruption in nfsd4_lock() (git-fixes). - NFS: Fix use-after-free issues in nfs_pageio_add_request() (git-fixes). - NFS: Fix races nfs_page_group_destroy() vs nfs_destroy_unlinked_subrequests() (git-fixes). - NFS: Fix a page leak in nfs_destroy_unlinked_subrequests() (git-fixes). - NFSv4/pnfs: Return valid stateids in nfs_layout_find_inode_by_stateid() (git-fixes). - NFS: alloc_nfs_open_context() must use the file cred when available (git-fixes). - svcrdma: Fix leak of transport addresses (git-fixes). - SUNRPC: Fix a potential buffer overflow in 'svc_print_xprts()' (git-fixes). - nfsd: fsnotify on rmdir under nfsd/clients/ (git-fixes). - nfsd: Don't add locks to closed or closing open stateids (git-fixes). - svcrdma: Fix double svc_rdma_send_ctxt_put() in an error path (git-fixes). - nfsd: Fix NFSv4 READ on RDMA when using readv (git-fixes). - NFSv4.1 make cachethis=no for writes (git-fixes). - sunrpc: expiry_time should be seconds not timeval (git-fixes). - nfsd: remove nfs4_reset_lease() declarations (git-fixes). - nfsd: fix jiffies/time_t mixup in LRU list (git-fixes). - nfsd: fix delay timer on 32-bit architectures (git-fixes). - nfsd: Return the correct number of bytes written to the file (git-fixes). - NFSv4.0: nfs4_do_fsinfo() should not do implicit lease renewals (git-fixes). - NFSv4: try lease recovery on NFS4ERR_EXPIRED (git-fixes). - NFS: Directory page cache pages need to be locked when read (git-fixes). - NFS: Fix memory leaks and corruption in readdir (git-fixes). - NFSv4: pnfs_roc() must use cred_fscmp() to compare creds (git-fixes). - NFS: Fix fix of show_nfs_errors (git-fixes). - NFS/pnfs: Fix pnfs_generic_prepare_to_resend_writes() (git-fixes). - NFS: Revalidate the file mapping on all fatal writeback errors (git-fixes). - NFS: Revalidate the file size on a fatal write error (git-fixes). - nfsd: depend on CRYPTO_MD5 for legacy client tracking (git-fixes). - NFSD fixing possible null pointer derefering in copy offload (git-fixes). - nfsd4: fix up replay_matches_cache() (git-fixes). - NFSv4.x: Drop the slot if nfs4_delegreturn_prepare waits for layoutreturn (git-fixes). - NFSv4.x: Handle bad/dead sessions correctly in nfs41_sequence_process() (git-fixes). - NFSv2: Fix a typo in encode_sattr() (git-fixes). - commit d9c3108 ------------------------------------------------------------------ ------------------ 2020-5-4 - May 4 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - xfs: acquire superblock freeze protection on eofblocks scans (git-fixes). - commit ae8b96a - xfs: clear PF_MEMALLOC before exiting xfsaild thread (git-fixes). - commit a472c36 - RDMA/core: Fix overwriting of uobj in case of error (jsc#SLE-8449). - RDMA/uverbs: Fix a race with disassociate and exit_mmap() (jsc#SLE-8449). - commit fcb09af - ibmvnic: Skip fatal error reset after passive init (bsc#1171078 ltc#184239). - commit b0e0859 - arm64: dts: allwinner: a64: Fix display clock register range (bsc#1171081). - arm64: bcm2835: Drop select of nonexistent HAVE_ARM_ARCH_TIMER (bsc#1171079). - ARM: bcm2835-rpi-zero-w: Add missing pinctrl name (bsc#1171075). - arm64: alternative: fix build with clang integrated assembler (bsc#1171076). - arm64: compat: Fix syscall number of compat_clock_getres (bsc#1171080). - arm64: smp: fix crash_smp_send_stop() behaviour (bsc#1171082). - arm64: smp: fix smp_send_stop() behaviour (bsc#1171083). - compat: ARM64: always include asm-generic/compat.h (bsc#1171084). - commit 559d336 - Update patches.suse/firmware-raspberrypi-introduce-vl805-init-routine.patch. - commit 984c0bd - blacklist.conf: add aer_inject entry It requires the new irq injection infrastructure. - commit a8523ff - Revert "serial: uartps: Fix uartps_major handling" (git-fixes). - net: stmmac: dwmac-meson8b: Add missing boundary to RGMII TX clock array (git-fixes). - commit 7b95e1e - random: always use batched entropy for get_random_u{32,64} (git-fixes). - commit 6e4b6dc ++++ kernel-default-base: - Add hardware-specific crc32c implementations (boo#1171065) ++++ slirp4netns: - Update to 0.4.5 (bsc#1170940) * libslirp: update to v4.3.0: * Fix use-afte-free in ip_reass() (CVE-2020-1983) ++++ u-boot-rpiarm64: Fix grub2 console (bsc#1166971, bsc#1160464) Patch queue updated from git://github.com/openSUSE/u-boot.git sle15-sp2 * Patches added: 0021-efi_loader-imply-VIDEO_ANSI.patch ------------------------------------------------------------------ ------------------ 2020-5-3 - May 3 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - series.conf: cleanup - update upstream references and resort: patches.suse/ALSA-pcm-oss-Place-the-plugin-buffer-overflow-checks.patch patches.suse/scsi-qla2xxx-check-UNLOADING-before-posting-async-wo.patch patches.suse/scsi-qla2xxx-set-UNLOADING-before-waiting-for-sessio.patch - commit ed4ef69 - update metadata of nvme patches The nvme-5.8 branch in nvme repository got rebased again, update Git-commit tags: patches.suse/lpfc-Commonize-lpfc_async_xchg_ctx-state-and-flag-de.patch patches.suse/lpfc-Refactor-NVME-LS-receive-handling.patch patches.suse/lpfc-Refactor-Send-LS-Abort-support.patch patches.suse/lpfc-Refactor-Send-LS-Request-support.patch patches.suse/lpfc-Refactor-Send-LS-Response-support.patch patches.suse/lpfc-Refactor-lpfc-nvme-headers.patch patches.suse/lpfc-Refactor-nvmet_rcv_ctx-to-create-lpfc_async_xch.patch patches.suse/lpfc-nvme-Add-Receive-LS-Request-and-Send-LS-Respons.patch patches.suse/lpfc-nvmet-Add-Send-LS-Request-and-Abort-LS-Request-.patch patches.suse/lpfc-nvmet-Add-support-for-NVME-LS-request-hosthandl.patch patches.suse/nvme-fc-Add-Disconnect-Association-Rcv-support.patch patches.suse/nvme-fc-Ensure-private-pointers-are-NULL-if-no-data.patch patches.suse/nvme-fc-Sync-header-to-FC-NVME-2-rev-1.08.patch patches.suse/nvme-fc-Update-header-and-host-for-common-definition.patch patches.suse/nvme-fc-and-nvmet-fc-revise-LLDD-api-for-LS-receptio.patch patches.suse/nvme-fc-convert-assoc_active-flag-to-bit-op.patch patches.suse/nvme-fc-nvmet-fc-refactor-for-common-LS-definitions.patch patches.suse/nvme-fcloop-add-target-to-host-LS-request-support.patch patches.suse/nvme-fcloop-refactor-to-enable-target-to-host-LS.patch patches.suse/nvmet-fc-Add-Disconnect-Association-Xmt-support.patch patches.suse/nvmet-fc-Better-size-LS-buffers.patch patches.suse/nvmet-fc-Update-target-for-common-definitions-for-LS.patch patches.suse/nvmet-fc-add-LS-failure-messages.patch patches.suse/nvmet-fc-perform-small-cleanups-on-unneeded-checks.patch patches.suse/nvmet-fc-rename-ls_list-to-ls_rcv_list.patch patches.suse/nvmet-fc-track-hostport-handle-for-associations.patch - commit a859813 ------------------------------------------------------------------ ------------------ 2020-5-2 - May 2 2020 ------------------- ------------------------------------------------------------------ ++++ open-iscsi: - Update SPEC file to handle the fact that the service_del_postun_without_restart RPM macro exists in factory but not in SLE. No functional change for factory. ++++ kernel-default: - PCI: Add ACS quirk for iProc PAXB (git-fixes). - Refresh patches.suse/PCI-Add-ACS-quirk-for-Amazon-Annapurna-Labs-root-por.patch. - commit aef108e - i2c: aspeed: Avoid i2c interrupt status clear race condition (git-fixes). - i2c: amd-mp2-pci: Fix Oops in amd_mp2_pci_init() error handling (git-fixes). - i2c: iproc: generate stop event for slave writes (git-fixes). - drm/qxl: qxl_release use after free (git-fixes). - drm/qxl: qxl_release leak in qxl_hw_surface_alloc() (git-fixes). - drm/qxl: qxl_release leak in qxl_draw_dirty_fb() (git-fixes). - mmc: sdhci-pci: Fix eMMC driver strength for BYT-based controllers (git-fixes). - mmc: sdhci-xenon: fix annoying 1.8V regulator warning (git-fixes). - mmc: cqhci: Avoid false "cqhci: CQE stuck on" by not open-coding timeout loop (git-fixes). - mmc: meson-mx-sdio: remove the broken ->card_busy() op (git-fixes). - mmc: meson-mx-sdio: Set MMC_CAP_WAIT_WHILE_BUSY (git-fixes). - PCI: Move Apex Edge TPU class quirk to fix BAR assignment (git-fixes). - hwmon: (jc42) Fix name to have no illegal characters (git-fixes). - mac80211: fix channel switch trigger from unknown mesh peer (git-fixes). - PCI: Add ACS quirk for Zhaoxin Root/Downstream Ports (git-fixes). - PCI: Add ACS quirk for Zhaoxin multi-function devices (git-fixes). - PCI: Add Zhaoxin Vendor ID (git-fixes). - PCI: Avoid ASMedia XHCI USB PME# from D0 defect (git-fixes). - PCI: Unify ACS quirk desired vs provided checking (git-fixes). - PCI: Make ACS quirk implementations more uniform (git-fixes). - commit 21a860f - ALSA: usb-audio: Correct a typo of NuPrime DAC-10 USB ID (git-fixes). - ALSA: opti9xx: shut up gcc-10 range warning (git-fixes). - ALSA: hda/hdmi: fix without unlocked before return (git-fixes). - ALSA: hda/hdmi: fix race in monitor detection during probe (git-fixes). - ALSA: hda/realtek - Two front mics on a Lenovo ThinkCenter (git-fixes). - ALSA: line6: Fix POD HD500 audio playback (git-fixes). - ALSA: hda: Match both PCI ID and SSID for driver blacklist (git-fixes). - commit f537abd - Move the upstreamed sound and scsi patches to the mainline section - commit f5d1d6a - libnvdimm/region: Fix build error (bsc#1162400). - libnvdimm/region: Introduce an 'align' attribute (bsc#1162400). - commit cdf6722 - libnvdimm/region: Introduce NDD_LABELING (bsc#1162400). - libnvdimm/namespace: Enforce memremap_compat_align() (bsc#1162400). - libnvdimm/pfn: Prevent raw mode fallback if pfn-infoblock valid (bsc#1171743). - commit f5c3d9e - mm/memremap_pages: Introduce memremap_compat_align() (bsc#1162400). - Update configs for the above change. - Refresh patches.suse/powerpc-bpf-Enable-bpf_probe_read-str-on-powerpc-aga.patch. - mm/memremap_pages: Kill unused __devm_memremap_pages() (bsc#1162400). - libnvdimm/btt: fix variable 'rc' set but not used (bsc#1162400). - libnvdimm/namsepace: Don't set claim_class on error (bsc#1162400). - commit 312e489 - lib: Uplevel the pmem "region" ida to a global allocator (bc#1162400). - Update configs for the above change. - libnvdimm: Use PAGE_SIZE instead of SZ_4K for align check (bsc#1171759). - libnvdimm/label: Remove the dpa align check (bsc#1171759). - libnvdimm/pfn_dev: Add page size and struct page size to pfn superblock (bsc#1171759). - commit c578923 - libnvdimm/pmem: Advance namespace seed for specific probe errors (bsc#1171743). - libnvdimm/pfn_dev: Add a build check to make sure we notice when struct page size change (bsc#1171743). - Refresh for the above changes, patches.suse/libnvdimm-namespace-Differentiate-between-probe-mapp.patch. - commit 9e70235 ++++ gcc10: - Update to gcc-10 branch head (2aaa1dc3c87372fd55c1c33aa7a), git5. * Includes first release candidate for GCC 10.1. * Includes gcc10-pr94734.patch ------------------------------------------------------------------ ------------------ 2020-5-1 - May 1 2020 ------------------- ------------------------------------------------------------------ ++++ gstreamer-plugins-base: - Remove is_opensuse conditionals / really enable orc on SLE 15 (jsc#SLE-12265). ++++ kernel-default: - libnvdimm/region: Rewrite _probe_success() to _advance_seeds() (bsc#1171743). - commit dd1569b - libnvdimm/security: Introduce a 'frozen' attribute (bsc#1171742). - Refresh for the above change, patches.suse/libnvdimm-prevent-nvdimm-from-requesting-key-when-security.patch. - commit 307a9c7 - libnvdimm/of_pmem: Provide a unique name for bus provider (bsc#1171739). - commit 3aff0cd - fanotify: fix merging marks masks with FAN_ONDIR (bsc#1170799). - commit 5edf4ab - Revert an ASoC meson backport that is known to to break Delete patches.suse/ASoC-meson-axg-card-fix-codec-to-codec-link-setup.patch Add the commit to blacklist.conf, too - commit d6f33c1 ++++ libpwquality: - Add baselibs.conf ------------------------------------------------------------------ ------------------ 2020-4-30 - Apr 30 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - libnvdimm: Out of bounds read in __nd_ioctl() (bsc#1065729). - mm/memremap: drop unused SECTION_SIZE and SECTION_MASK (bsc#1162400 bsc#1170895 ltc#184375 ltc#185686). - commit ceaa507 - Update patch reference for a USB core fix (CVE-2020-12464 bsc#1170901) - commit c3ba43e - fix patch metadata - fix Patch-mainline, drop Git-repo and Git-commit: patches.suse/net-phy-realtek-fix-handling-of-RTL8105e-integrated-.patch - commit d71cae8 - Update patches.suse/mt76-fix-array-overflow-on-receiving-too-many-fragme.patch (bsc#1170828 CVE-2020-12465). Added bsc and CVE number - commit 62c98d8 - drm/i915: properly sanity check batch_start_offset (git-fixes). - commit 6a1493c - tty: hvc: fix buffer overflow during hvc_alloc() (git-fixes). - watchdog: reset last_hw_keepalive time at start (git-fixes). - Revert "software node: Simplify software_node_release() function" (git-fixes). - intel_th: msu: Fix window switching without windows (git-fixes). - commit f284d1e - crypto: caam - fix the address of the last entry of S/G (git-fixes). - USB: sisusbvga: Change port variable from signed to unsigned (git-fixes). - usb-storage: Add unusual_devs entry for JMicron JMS566 (git-fixes). - xhci: prevent bus suspend if a roothub port detected a over-current condition (git-fixes). - USB: Add USB_QUIRK_DELAY_CTRL_MSG and USB_QUIRK_DELAY_INIT for Corsair K70 RGB RAPIDFIRE (git-fixes). - usb: typec: tcpm: Ignore CC and vbus changes in PORT_RESET change (git-fixes). - cdc-acm: introduce a cool down (git-fixes). - cdc-acm: close race betrween suspend() and acm_softint (git-fixes). - USB: core: Fix free-while-in-use bug in the USB S-Glibrary (git-fixes). - serial: sh-sci: Make sure status register SCxSR is read in correct sequence (git-fixes). - staging: comedi: dt2815: fix writing hi byte of analog output (git-fixes). - iwlwifi: mvm: fix inactive TID removal return value usage (git-fixes). - iwlwifi: mvm: Do not declare support for ACK Enabled Aggregation (git-fixes). - iwlwifi: mvm: beacon statistics shouldn't go backwards (git-fixes). - drm/amd/display: Calculate scaling ratios on every medium/full update (git-fixes). - drm/amd/display: Update stream adjust in dc_stream_adjust_vmin_vmax (git-fixes). - drm/amd/display: Not doing optimize bandwidth if flip pending (git-fixes). - xhci: Finetune host initiated USB3 rootport link suspend and resume (git-fixes). - xhci: Wait until link state trainsits to U0 after setting USB_SS_PORT_LS_U0 (git-fixes). - xhci: Ensure link state is U3 after setting USB_SS_PORT_LS_U3 (git-fixes). - PCI/PM: Add pcie_wait_for_link_delay() (git-fixes). - PCI/ASPM: Allow re-enabling Clock PM (git-fixes). - commit 69b68ab - bpf: Fix handling of XADD on BTF memory (bsc#1155518). - bpf: Forbid XADD on spilled pointers for unprivileged users (bsc#1155518). - commit 60505c2 ++++ openldap2: - bsc#1170771 (CVE-2020-12243) - recursive filters may crash server * patch: 0205-bsc-1170771-limit-depth-of-nested-filters.patch ++++ qemu: - Fix use after free in slirp networking code (CVE-2020-1983 bsc#1170940) Fix-use-afte-free-in-ip_reass-CVE-2020-1.patch - Increased disk space in _constraints file from 8GB to 9GB ++++ rebootmgr: - Update to version 1.1 - fix systemd and tmpfiles.d directory path - Use official tar archive ------------------------------------------------------------------ ------------------ 2020-4-29 - Apr 29 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - net: phy: realtek: fix handling of RTL8105e-integrated PHY (git-fixes). - commit 630c337 - USB: hub: Fix handling of connect changes during sleep (git-fixes). - usb: typec: altmode: Fix typec_altmode_get_partner sometimes returning an invalid pointer (git-fixes). - usb: gadget: udc: atmel: Fix vbus disconnect handling (git-fixes). - usb: gadget: udc: bdc: Remove unnecessary NULL checks in bdc_req_complete (git-fixes). - geneve: use the correct nlattr array in NL_SET_ERR_MSG_ATTR (git-fixes). - drivers: soc: xilinx: fix firmware driver Kconfig dependency (git-fixes). - soc: imx: gpc: fix power up sequencing (git-fixes). - hibernate: Allow uswsusp to write to swap (git-fixes). - phy: uniphier-usb3ss: Add Pro5 support (git-fixes). - padata: update documentation file path in MAINTAINERS (git-fixes). - commit b521dd8 - fix patches metadata - fix Patch-mainline: patches.suse/0001-btrfs-don-t-pass-system_chunk-into-can_overcommit.patch patches.suse/0001-btrfs-fix-force-usage-in-inc_block_group_ro.patch patches.suse/0002-btrfs-kill-min_allocable_bytes-in-inc_block_group_ro.patch patches.suse/0002-btrfs-take-overcommit-into-account-in-inc_block_grou.patch patches.suse/btrfs-check-rw_devices-not-num_devices-for-balance.patch patches.suse/btrfs-scrub-Don-t-check-free-space-before-marking-a-.patch - commit 0c4ef8d - scsi: ibmvscsi: Fix WARN_ON during event pool release (bsc#1170791 ltc#185128). - commit 235b7cd - btrfs: take overcommit into account in inc_block_group_ro (bsc#1156898). - commit b4b780e - btrfs: fix force usage in inc_block_group_ro (bsc#1156898). - commit 9de9dbb - btrfs: scrub: Don't check free space before marking a block group RO (bsc#1156898). - Refresh patches.suse/0001-btrfs-scrub-Require-mandatory-block-group-RO-for-dev.patch. - Refresh patches.suse/Btrfs-fix-block-group-remaining-RO-forever-after-err.patch. - commit 0af353d - btrfs: kill min_allocable_bytes in inc_block_group_ro (bsc#1156898). - commit d02303e - btrfs: don't pass system_chunk into can_overcommit (bsc#1156898). - commit c373e8e - btrfs: check rw_devices, not num_devices for balance (bsc#1156898). - commit 1228d44 - RDMA/bnxt_re: make bnxt_re_ib_init static (bsc#1170774). - RDMA/bnxt_re: Wait for all the CQ events before freeing CQ data structures (bsc#1170774). - RDMA/bnxt_re: Remove unnecessary sched count (bsc#1170774). - RDMA/bnxt_re: Fix lifetimes in bnxt_re_task (bsc#1170774). - RDMA/bnxt_re: Use ib_device_try_get() (bsc#1170774). - RDMA/bnxt_re: Remove a redundant 'memset' (bsc#1170774). - RDMA/bnxt_re: Remove set but not used variables 'pg' and 'idx' (bsc#1170774). - RDMA/bnxt_re: Remove set but not used variable 'dev_attr' (bsc#1170774). - RDMA/bnxt_re: Remove set but not used variable 'pg_size' (bsc#1170774). - RDMA/bnxt_re: Use driver_unregister and unregistration API (bsc#1170774). - RDMA/bnxt_re: Refactor device add/remove functionalities (bsc#1170774). - RDMA/bnxt_re: Using vmalloc requires including vmalloc.h (bsc#1170774). - RDMA/bnxt_re: use ibdev based message printing functions (bsc#1170774). - RDMA/bnxt_re: Refactor doorbell management functions (bsc#1170774). - RDMA/bnxt_re: Refactor notification queue management code (bsc#1170774). - RDMA/bnxt_re: Refactor command queue management code (bsc#1170774). - RDMA/bnxt_re: Refactor net ring allocation function (bsc#1170774). - RDMA/bnxt_re: Refactor hardware queue memory allocation (bsc#1170774). - RDMA/bnxt_re: Replace chip context structure with pointer (bsc#1170774). - RDMA/bnxt_re: Refactor queue pair creation code (bsc#1170774). - RDMA/bnxt_re: Use rdma_read_gid_hw_context to retrieve HW gid index (bsc#1170774). - RDMA/core: Add helper function to retrieve driver gid context from gid attr (bsc#1170774). - commit 63c9b07 ++++ libvirt: - qemu: Fix memory leak in qemuDomainGetStatsIOThread CVE-2020-12430 9bf9e0ae-CVE-2020-12430.patch bsc#1170765 ++++ podman: - Update podman to v1.9.1: * Bugfixes - Fixed a bug where healthchecks could become nonfunctional if container log paths were manually set with --log-path and multiple container logs were placed in the same directory - Fixed a bug where rootless Podman could, when using an older libpod.conf, print numerous warning messages about an invalid CGroup manager config - Fixed a bug where rootless Podman would sometimes fail to close the rootless user namespace when joining it * Misc - Updated containers/common to v0.8.2 ------------------------------------------------------------------ ------------------ 2020-4-28 - Apr 28 2020 ------------------- ------------------------------------------------------------------ ++++ python-kiwi: - don't set GRUB_DISTRIBUTOR (https://github.com/OSInside/kiwi/issues/1416) ++++ kernel-default: - s390/mm: fix page table upgrade vs 2ndary address mode accesses (bsc#1170030 CVE-2020-11884). - commit 0b0d8cd - EDAC/i10nm: Update driver to support different bus number config register offsets (bsc#1159522). - commit 796bb54 - Update patches.suse/x86-mm-split-vmalloc_sync_all.patch (bsc#1165741, bsc#1166969). - commit dc341e6 - EDAC, {skx,i10nm}: Make some configurations CPU model specific (bsc#1159522). - commit 7936538 - Update patches.suse/ibmvfc-don-t-send-implicit-logouts-prior-to-NPIV-log.patch to upstream version and rename to patches.suse/scsi-ibmvfc-Don-t-send-implicit-logouts-prior-to-NPI.patch - commit d04a4dc - wireguard: Kconfig: select parent dependency for crypto (bsc#1169021 jsc#SLE-12250). - commit 41bcd62 ------------------------------------------------------------------ ------------------ 2020-4-27 - Apr 27 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - KVM: s390: Return last valid slot if approx index is out-of-bounds (bsc#1133021). - commit a035552 - proc, time/namespace: Show clock symbolic names in /proc/pid/timens_offsets (bsc#1164648,jsc#SLE-11493). - futex: Remove {get,drop}_futex_key_refs() (bsc#1149032). - futex: Remove pointless mmgrap() + mmdrop() (bsc#1149032). - locking/rtmutex: rcu: Add WRITE_ONCE() to rt_mutex ->owner (bsc#1149032). - futex: Unbreak futex hashing (bsc#1149032). - futex: Fix inode life-time issue (bsc#1149032). - commit 7790db5 - x86: hyperv: report value of misc_features (git fixes). - commit e231452 - x86/Hyper-V: Report crash data in die() when panic_on_oops is set (git fixes). Refresh patches.suse/suse-hv-kabi.patch - commit 5afa1b8 - x86/Hyper-V: Report crash register data when sysctl_record_panic_msg is not set (git fixes). - commit f165c68 - x86/Hyper-V: Report crash register data or kmsg before running crash kernel (git fixes). - commit b120cb7 - x86/Hyper-V: Trigger crash enlightenment only once during system crash (git fixes). - commit 1644d6f - x86/Hyper-V: Free hv_panic_page when fail to register kmsg dump (git fixes). - commit 918a3d5 - x86/Hyper-V: Unload vmbus channel in hv panic callback (git fixes). Refresh patches.suse/suse-hv-kabi.patch - commit f66b321 - drm/exynos: Fix cleanup of IOMMU related objects (git-fixes). - commit 7669fb1 - staging: comedi: Fix comedi_device refcnt leak in comedi_open (git-fixes). - macsec: avoid to set wrong mtu (git-fixes). - iwlwifi: pcie: actually release queue memory in TVQM (git-fixes). - macvlan: fix null dereference in macvlan_device_event() (git-fixes). - PM: sleep: core: Switch back to async_schedule_dev() (git-fixes). - drm/meson: Delete an error message in meson_dw_hdmi_bind() (git-fixes). - audit: check the length of userspace generated audit records (git-fixes). - tpm/tpm_tis: Free IRQ if probing fails (git-fixes). - tpm: fix wrong return value in tpm_pcr_extend (git-fixes). - drm/amdkfd: kfree the wrong pointer (git-fixes). - drm/nouveau/gr/gp107,gp108: implement workaround for HW hanging during init (git-fixes). - drm/nouveau: workaround runpm fail by disabling PCI power management on certain intel bridges (git-fixes). - drm/nouveau/svm: check for SVM initialized before migrating (git-fixes). - drm/nouveau/svm: fix vma range check for migration (git-fixes). - fbcon: fix null-ptr-deref in fbcon_switch (git-fixes). - power: supply: bq27xxx_battery: Silence deferred-probe error (git-fixes). - power: supply: axp288_charger: Add special handling for HP Pavilion x2 10 (git-fixes). - power: supply: axp288_fuel_gauge: Broaden vendor check for Intel Compute Sticks (git-fixes). - clk: tegra: Fix Tegra PMC clock out parents (git-fixes). - clk: at91: usb: continue if clk_hw_round_rate() return zero (git-fixes). - rtc: 88pm860x: fix possible race condition (git-fixes). - NTB: ntb_transport: Use scnprintf() for avoiding potential buffer overflow (git-fixes). - ntb_hw_switchtec: Fix ntb_mw_clear_trans error if size == 0 (git-fixes). - ntb_tool: Fix printk format (git-fixes). - NTB: ntb_perf: Fix address err in perf_copy_chunk (git-fixes). - NTB: Fix an error in get link status (git-fixes). - cpufreq: imx6q: fix error handling (git-fixes). - cpufreq: imx6q: Fixes unwanted cpu overclocking on i.MX6ULL (git-fixes). - iio: industrialio-core: Fix debugfs read (git-fixes). - libfs: fix infoleak in simple_attr_read() (git-fixes). - drm/amdgpu: fix memory leak during TDR test(v2) (git-fixes). - Fix built-in early-load Intel microcode alignment (git-fixes). - cpufreq: s3c64xx: Remove pointless NULL check in s3c64xx_cpufreq_driver_init (git-fixes). - commit d13e57f - Drivers: hv: vmbus: Fix crash handler reset of Hyper-V synic (git fixes). Refresh patches.suse/suse-hv-kabi.patch - commit 73a1fdb - Drivers: hv: vmbus: Remove dependencies on guest page size (git fixes). - commit 0eb9623 - UAS: fix deadlock in error handling and PM flushing work (git-fixes). - commit f10ebae - UAS: no use logging any details in case of ENODEV (git-fixes). - commit 12e8b6e - USB: hub: Revert commit bd0e6c9614b9 ("usb: hub: try old enumeration scheme first for high speed devices") (git-fixes). - commit 63272b5 - xhci: Don't clear hub TT buffer on ep0 protocol stall (git-fixes). - commit d0e1439 - usb: dwc3: gadget: Fix request completion check (git-fixes). - commit eb78203 - drm/sun4i: sun6i_mipi_dsi: Add VCC-DSI regulator support (bsc#1152489) * manual patch refresh - commit 66ebcc7 - usb: dwc3: gadget: Do link recovery for SS and SSP (git-fixes). - commit 87d561b - usb: dwc3: Fix GTXFIFOSIZ.TXFDEP macro name (git-fixes). - commit 7eb2c31 - usb: f_fs: Clear OS Extended descriptor counts to zero in ffs_data_reset() (git-fixes). - commit 1fb0c5f - USB: early: Handle AMD's spec-compliant identifiers, too (git-fixes). - commit 26634ce - fix patch metadata - fix Patch-mainline: patches.suse/cpuidle-menu-Allow-tick-to-be-stopped-if-PM-QoS-is-used.patch patches.suse/mm-vmscan.c-clean-code-by-removing-unnecessary-assignment.patch patches.suse/rcu-Allow-only-one-expedited-GP-to-run-concurrently-with-wakeups.patch patches.suse/rcu-Fix-missed-wakeup-of-exp_wq-waiters.patch patches.suse/sched-fair-Align-rq-avg_idle-and-rq-avg_scan_cost.patch - commit f15a73a - sched/nohz: Avoid disabling the tick for very short durations (bnc#754690, bsc#1158748). - Delete patches.suse/sched-throttle-nohz.patch. - commit 0628907 - sched/cpuacct: Use __this_cpu_add() instead of this_cpu_ptr() (bnc#1155798 (CPU scheduler functional and performance backports)). - commit 04cc379 - sched/fair: Use __this_cpu_read() in wake_wide() (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Align rq->avg_idle and rq->avg_scan_cost (bnc#1155798 (CPU scheduler functional and performance backports)). - mm/vmscan.c: clean code by removing unnecessary assignment (git fixes (mm/vmscan)). - rcu: Allow only one expedited GP to run concurrently with wakeups (git fixes (rcu)). - rcu: Fix missed wakeup of exp_wq waiters (git fixes (rcu)). - cpuidle: menu: Allow tick to be stopped if PM QoS is used (bnc#1158748 (network regression)). - commit cb72208 - tty: rocket, avoid OOB access (git-fixes). - tty: serial: bcm63xx: fix missing clk_put() in bcm63xx_uart (git-fixes). - tty: serial: owl: add "much needed" clk_prepare_enable() (git-fixes). - staging: vt6656: Fix calling conditions of vnt_set_bss_mode (git-fixes). - staging: vt6656: Fix pairwise key entry save (git-fixes). - staging: vt6656: Fix drivers TBTT timing counter (git-fixes). - staging: vt6656: Don't set RCR_MULTICAST or RCR_BROADCAST by default (git-fixes). - iio: core: remove extra semi-colon from devm_iio_device_register() macro (git-fixes). - iio: adc: ti-ads8344: properly byte swap value (git-fixes). - iio: st_sensors: rely on odr mask to know if odr can be set (git-fixes). - iio: xilinx-xadc: Make sure not exceed maximum samplerate (git-fixes). - iio: xilinx-xadc: Fix sequencer configuration for aux channels in simultaneous mode (git-fixes). - iio: xilinx-xadc: Fix clearing interrupt when enabling trigger (git-fixes). - iio: xilinx-xadc: Fix ADC-B powerdown (git-fixes). - iio: adc: stm32-adc: fix sleep in atomic context (git-fixes). - iio:ad7797: Use correct attribute_group (git-fixes). - staging: gasket: Fix incongruency in handling of sysfs entries creation (git-fixes). - commit 4fa06ba - KVM: s390: vsie: Fix delivery of addressing exceptions (bsc#1133021). - commit 2daae50 ++++ libgcrypt: - FIPS: libgcrypt: Double free in test_keys() on failed signature verification [bsc#1169944] * Use safer gcry_mpi_release() instead of mpi_free() - Update patches: * libgcrypt-PCT-DSA.patch * libgcrypt-PCT-RSA.patch * libgcrypt-PCT-ECC.patch ++++ libsepol: - Enable -fcommon in order to fix boo#1160874. ++++ systemd: - Drop legacy /sbin/{udevd,udevadm) symlinks hopefully for good Since boo#1160890 has been fixed since a couple of months now. - Drop content of /usr/share/factory/ (bsc#1170146) systemd ships several files in /usr/share/factory/etc that are copied to /etc in case those files are missing there. Unfortunately the content does not match the openSUSE defaults. - Drop most of the tmpfiles that deal with generic paths (bsc#1078466) They are problematic because some of them conflict with SUSE defaults. Therefore it seems better to let the revelant packages owning these paths to provide their own definitions instead. Meanwhile we still keep the homeless definitions in suse.conf until a better place is found for them. Drop 0001-Fix-run-lock-group-to-follow-openSUSE-policy.patch Drop 0001-SUSE-policy-do-not-clean-tmp-by-default.patch ++++ psmisc: - Modify patch 0001-Use-mountinfo-to-be-able-to-use-the-mount-identity.patch * Allow not unique mounts as well as not unique mountpoint (bsc#1170247) ++++ python-requests: - Switch off test_https_warnings test (bsc#1170175) ++++ qemu: -Fix potential DoS in ATI VGA emulation (CVE-2020-11869 bsc#1170537) ati-vga-Fix-checks-in-ati_2d_blt-to-avoi.patch ++++ rebootmgr: - Adjust BuildRequires - Update to version 1.0 - Rewrite rebootmgrd to not depend on glib and dbus-glib ------------------------------------------------------------------ ------------------ 2020-4-26 - Apr 26 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - ALSA: pcm: oss: Place the plugin buffer overflow checks correctly (for 5.7) (bsc#1170522). - commit b4d1953 ++++ mozilla-nss: - nss-fips-constructor-self-tests.patch: Add Softoken POSTs for new DSA and ECDSA hash-and-sign update functinos. ------------------------------------------------------------------ ------------------ 2020-4-25 - Apr 25 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - ALSA: hda: Always use jackpoll helper for jack update after resume (git-fixes). - ALSA: hda/realtek - Add new codec supported for ALC245 (git-fixes). - ALSA: usb-audio: Fix usb audio refcnt leak when getting spdif (git-fixes). - ALSA: usb-audio: Add connector notifier delegation (git-fixes). - ASoC: wm8960: Fix wrong clock after suspend & resume (git-fixes). - ASoC: rsnd: Fix "status check failed" spam for multi-SSI (git-fixes). - ASoC: rsnd: Don't treat master SSI in multi SSI setup as parent (git-fixes). - ASoC: meson: axg-card: fix codec-to-codec link setup (git-fixes). - ASoC: dapm: fixup dapm kcontrol widget (git-fixes). - ASoC: SOF: Intel: add min/max channels for SSP on Baytrail/Broadwell (git-fixes). - ASoC: rsnd: Fix HDMI channel mapping for multi-SSI mode (git-fixes). - ASoC: rsnd: Fix parent SSI start/stop in multi-SSI mode (git-fixes). - ASoC: codecs: hdac_hdmi: Fix incorrect use of list_for_each_entry (git-fixes). - ASoC: topology: Fix endianness issue (git-fixes). - ASoC: q6dsp6: q6afe-dai: add missing channels to MI2S DAIs (git-fixes). - ASoC: sgtl5000: Fix VAG power-on handling (git-fixes). - ASoC: madera: Remove a couple of stray blank lines (git-fixes). - ASoC: qcom: common: Silence duplicate parse error messages (git-fixes). - soc/stm/stm32_sub_sai: Add missing '\n' in log messages (git-fixes). - ASoC: tas571x: disable regulators on failed probe (git-fixes). - ASoC: topology: Check return value of soc_tplg_dai_config (git-fixes). - ASoC: topology: Check return value of pcm_new_ver (git-fixes). - ASoC: topology: Check soc_tplg_add_route return value (git-fixes). - ASoC: topology: Check return value of soc_tplg_*_create (git-fixes). - ASoC: topology: Check return value of soc_tplg_create_tlv (git-fixes). - ALSA: usb-audio: Apply async workaround for Scarlett 2i4 2nd gen (git-fixes). - ALSA: usx2y: Fix potential NULL dereference (git-fixes). - ALSA: usb-audio: Add quirk for Focusrite Scarlett 2i2 (git-fixes). - ALSA: usb-audio: Add static mapping table for ALC1220-VB-based mobos (git-fixes). - ALSA: hda: Remove ASUS ROG Zenith from the blacklist (git-fixes). - ALSA: hda/realtek - Fix unexpected init_amp override (git-fixes). - ALSA: usb-audio: Filter out unsupported sample rates on Focusrite devices (git-fixes). - ALSA: hda/hdmi: Add module option to disable audio component binding (git-fixes). - commit 9aa515f ------------------------------------------------------------------ ------------------ 2020-4-24 - Apr 24 2020 ------------------- ------------------------------------------------------------------ ++++ iproute2: - follow-up fixes backported from upstream (bsc#1160242): ip-fix-link-type-and-vlan-oneline-output.patch ip-xfrm-Fix-help-messages.patch ip-link-xstats-fix-TX-IGMP-reports-string.patch erspan-set-erspan_ver-to-1-by-default.patch xfrm-not-try-to-delete-ipcomp-states-when-using-dele.patch nexthop-fix-error-reporting-in-filter-dump.patch - refresh: xfrm-support-displaying-transformations-used-for-Mob.patch - fix duplicated patch metadata: introduce-print_masked_u16-and-print_masked_u32.patch ++++ kernel-default: - config: clean up s390x/zfcpdump Sync some config options in s390x/zfcpdump with SLE15-SP2. These did differ from SLE15-SP2 without apparent reason (for zfcpdump, that is): - FRONTSWAP (y -> n) - CMA (y -> n) - ZPOOL (y -> n) - REGULATOR (y -> n) - HARDENED_USERCOPY (y -> n) - CRYPTO (y -> n) - CRC_T10DIF (y -> n) - commit 118d550 - Update patches.suse/powerpc-pseries-ddw-Extend-upper-limit-for-huge-DMA-.patch (FATE#327775 bsc#1142685 bsc#1167867 ltc#179509 ltc#184616). - commit 54d9eaa ++++ libcontainers-common: - Add /var/lib/ca-certificates/pem/SUSE.pem to the SLES mounts. This for making container-suseconnect working in the public cloud on-demand images. It needs that file for being able to verify the server certificates of the RMT servers hosted in the public cloud. (https://github.com/SUSE/container-suseconnect/issues/41) ++++ mozilla-nss: - nss-fips-combined-hash-sign-dsa-ecdsa.patch: Add pairwise consistency check for CKM_SHA224_RSA_PKCS. Remove ditto checks for CKM_RSA_PKCS, CKM_DSA and CKM_ECDSA, since these are served by the new CKM_SHA224_RSA_PKCS, CKM_DSA_SHA224, CKM_ECDSA_SHA224 checks. - nss-fips-constructor-self-tests.patch: Replace bad attempt at unconditional nssdbm checksumming with a dlopen(), so it can be located consistently and perform its own self-tests. ++++ gcc10: - Update to master head (3685c5adf5c0b30268cb8f95c89e4), git176017. - Add gcc10-pr94734.patch ++++ libsolv: - Fix solvable swapping messing up idarrays - bump version to 0.7.13 ++++ systemd: - Drop %tmpfiles_create portables.conf from %post of networkd sub-package It was probably mistakenly added because systemd-portable served as template for systemd-network. ++++ perl-Bootloader: - merge gh#openSUSE/perl-bootloader#126 - always install EFI fallback boot for aarch64 (bsc#1167015) - 0.927 ++++ timezone: - timezone update 2020a (bsc#1169582) * Morocco springs forward on 2020-05-31, not 2020-05-24. * Canada's Yukon advanced to -07 year-round on 2020-03-08. * America/Nuuk renamed from America/Godthab. * zic now supports expiration dates for leap second lists. ++++ yast2: - Avoid using systemctl calls when already started with the installation and thus, running inside the chroot (bsc#1168849) - 4.2.83 ------------------------------------------------------------------ ------------------ 2020-4-23 - Apr 23 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - scsi: qla2xxx: check UNLOADING before posting async work (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bsc#1157169). - scsi: qla2xxx: set UNLOADING before waiting for session deletion (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bsc#1157169). - scsi: qla2xxx: Fix regression warnings (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bsc#1157169). - scsi: qla2xxx: Remove non functional code (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bsc#1157169). - scsi: qla2xxx: add ring buffer for tracing debug logs (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bsc#1157169). - commit 0ed2831 - Fix meta data for FC-NVME-2 patches The branch of the maintainer got rebased. Update the commit id accordingly. - commit e17d7e2 - Revert "drm/panel: simple: Add support for Sharp LQ150X1LG11 panels" (bsc#1152472) - commit 5a48ac0 - drm/sun4i: dsi: Remove incorrect use of runtime PM (bsc#1152472) * manual patch refresh - commit 1f5ded0 - fbcon: fix null-ptr-deref in fbcon_switch (bsc#1152472) - commit a5735e6 - net: fec_ptp: Use platform_get_irq_xxx_optional() to avoid error message (bsc#1161695). - net: fec_main: Use platform_get_irq_byname_optional() to avoid error message (bsc#1161695). - commit 7080d97 ++++ systemd: - Import commit 08cd65ac385c884ed6e4bd71128a0796f56ecd17 (include merge of v245.5) 1ceedf8535 meson: fix build of udev 'path_id_compat' builtin with meson 0.54 e61569d4a9 pid1: by default make user units inherit their umask from the user manager (bsc#1162698) 64fdacd5f1 user-util: rework how we validate user names (bsc#1170272) [...] For a complete list of changes, visit: https://github.com/openSUSE/systemd/compare/c5aa158173ced05201182d1cc18632a25cf43b94...08cd65ac385c884ed6e4bd71128a0796f56ecd17 - Drop 0001-meson-fix-build-of-udev-path_id_compat-builtin-with-.patch It's been merged in 'openSUSE-Factory' branch otherwise this branch won't build anymore since meson has been upgraded to version 0.54 in Factory. ++++ zlib: - Update 410.patch to contain latest fixes from IBM bsc#1166260 * The build behaviour changed ++++ wpa_supplicant: - Add CVE-2019-16275.patch -- AP mode PMF disconnection protection bypass (bsc#1150934) ------------------------------------------------------------------ ------------------ 2020-4-22 - Apr 22 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - irqchip/mbigen: Free msi_desc on device teardown (git-fixes). - i2c: altera: use proper variable to hold errno (git-fixes). - i2c: designware: platdrv: Remove DPM_FLAG_SMART_SUSPEND flag on BYT and CHT (git-fixes). - drm/amd/powerplay: force the trim of the mclk dpm_levels if OD is enabled (git-fixes). - watchdog: sp805: fix restart handler (git-fixes). - mac80211: fix race in ieee80211_register_hw() (git-fixes). - mac80211_hwsim: Use kstrndup() in place of kasprintf() (git-fixes). - commit 158e556 - Revert ACPI EC patch that was reverted in stable tree Delete: patches.suse/ACPI-EC-Do-not-clear-boot_ec_is_ecdt-in-acpi_ec_add.patch. - commit 4ca2cd1 - objtool: Make BP scratch register warning more robust (bsc#1169514). - commit 21d4b08 - objtool: Fix switch table detection in .text.unlikely (bsc#1169514). - commit c2b49a3 - ionic: fix unused assignment (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: add dynamic_debug header (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - commit 61e55e9 - net/mlx5e: Fix nest_level for vlan pop action (bsc#1154353). - ionic: set station addr only if needed (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: replay filters after fw upgrade (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - net: icmp6: do not select saddr from iif when route has prefsrc set (bsc#1154353). - commit da058f0 ++++ qemu: - Minor tweaks to patches and support doc ++++ systemd-presets-branding-MicroOS: - Enable container-image-prune.timer by default ------------------------------------------------------------------ ------------------ 2020-4-21 - Apr 21 2020 ------------------- ------------------------------------------------------------------ ++++ hwinfo: - merge gh#openSUSE/hwinfo#86 - update pci and usb ids (bsc#1169682) - fix compiler warnings - 21.70 ++++ kernel-default: - PCI: endpoint: Fix for concurrent memory allocation in OB address region (git-fixes). - commit efb90c5 - mmc: sdhci-of-at91: fix memleak on clk_get failure (git-fixes). - commit df10885 - fix patches metadata - fix Patch-mainline: patches.suse/ext4-Avoid-freeing-inodes-on-dirty-list.patch patches.suse/fs-Avoid-leaving-freed-inode-on-dirty-list.patch patches.suse/writeback-Export-inode_io_list_del.patch - commit 9d7a667 - icmp: allow icmpv6_ndo_send to work with CONFIG_IPV6=n (bsc#1169021 jsc#SLE-12250). - commit 8129fee - crypto: arm64/poly1305 - ignore build files (bsc#1169021 jsc#SLE-12250). - commit 5860f7d - Update references for ptp security fixes (CVE-2020-10690, bsc#1170056) - commit 0efc222 - padata: always acquire cpu_hotplug_lock before pinst->lock (git-fixes). - commit d5448e4 - padata: validate cpumask without removed CPU during offline (git-fixes). - commit e4437ab - ext4: Avoid freeing inodes on dirty list (bsc#1168423). - writeback: Export inode_io_list_del() (bsc#1168423). - fs: Avoid leaving freed inode on dirty list (bsc#1168423). - commit 86af897 - PCI: endpoint: Fix for concurrent memory allocation in OB address region (git-fixes). - PCI: endpoint: Cast the page number to phys_addr_t (git-fixes). - commit 3e58a3a - mm: set vm_next and vm_prev to NULL in vm_area_dup() (bnc#1169681). - Revert "mm/rmap.c: reuse mergeable anon_vma as parent when fork" (bnc#1169681). - commit f7b4d10 - bpf: Prevent re-mmap()'ing BPF map as writable for initially r/o mapping (bsc#1155518). - xsk: Fix out of boundary write in __xsk_rcv_memcpy (bsc#1155518). - kbuild, btf: Fix dependencies for DEBUG_INFO_BTF (bsc#1155518). - commit ac4792a ++++ kernel-default-base: - Add qemu_fw_cfg needed by ignition (boo#1170069). ++++ mozilla-nss: - Add nss-fix-dh-pkcs-derive-inverted-logic.patch. This fixes an instance of inverted logic due to a boolean being mistaken for a SECStatus, which caused key derivation to fail when the caller provided a valid subprime. ++++ gnutls: - Don't check for /etc/system-fips which we don't have (bsc#1169992) * add gnutls-fips_mode_enabled.patch ++++ libvirt: - libxl: Add support for 'passthrough' and 'e820_host' settings b7d6648d-conf-add-e820-host.patch, 5749395b-libxl-e820-host.patch, f3ef7daf-xenconfig-e820-host.patch, 34077c1b-tests-check-e820-host.patch, fadbaa23-conf-add-passthrough.patch, 9529e007-libxl-passthrough.patch, 9cb8bc6f-xenconfig-refactor-features.patch, b523e225-xenconfig-passthrough.patch, bed32525-tests-check-passthrough.patch bsc#1167217 ++++ python-rpm-macros: - Update to version 20200207.5feb6c1 bsc#1171561: * Do not write .pyc files for tests ++++ qemu: - Add gcc10-maybe-uninitialized.patch in order to fix boo#1169728. ------------------------------------------------------------------ ------------------ 2020-4-20 - Apr 20 2020 ------------------- ------------------------------------------------------------------ ++++ fuse-overlayfs: - Update to v1.0.0 - Fix portability issue to 32 bits architectures ++++ kernel-default: - wireguard: noise: error out precomputed DH during handshake rather than config (bsc#1169021 jsc#SLE-12250). - commit e14e578 - wireguard: receive: remove dead code from default packet type case (bsc#1169021 jsc#SLE-12250). - commit c43a23b - wireguard: queueing: account for skb->protocol==0 (bsc#1169021 jsc#SLE-12250). - commit 9e6b83e - wireguard: selftests: test using new 64-bit time_t (bsc#1169021 jsc#SLE-12250). - commit 60756ac - wireguard: selftests: remove duplicated include (bsc#1169021 jsc#SLE-12250). - commit b51ae0c - wireguard: socket: remove extra call to synchronize_net (bsc#1169021 jsc#SLE-12250). - commit 182535b - wireguard: send: account for mtu=0 devices (bsc#1169021 jsc#SLE-12250). - commit 2f73731 - wireguard: receive: reset last_under_load to zero (bsc#1169021 jsc#SLE-12250). - commit 5207bec - wireguard: selftests: reduce complexity and fix make races (bsc#1169021 jsc#SLE-12250). - commit 9718224 - wireguard: device: use icmp_ndo_send helper (bsc#1169021 jsc#SLE-12250). - commit 76ba369 - wireguard: selftests: tie socket waiting to target pid (bsc#1169021 jsc#SLE-12250). - commit bf1d7e5 - wireguard: selftests: cleanup CONFIG_ENABLE_WARN_DEPRECATED (bsc#1169021 jsc#SLE-12250). - commit fe77b94 - wireguard: selftests: ensure non-addition of peers with failed precomputation (bsc#1169021 jsc#SLE-12250). - commit ad7678e - wireguard: noise: reject peers with low order public keys (bsc#1169021 jsc#SLE-12250). - commit 8542988 - wireguard: allowedips: fix use-after-free in root_remove_peer_lists (bsc#1169021 jsc#SLE-12250). - commit 2be5b62 - net: introduce skb_list_walk_safe for skb segment walking (bsc#1169021 jsc#SLE-12250). - commit 1ec4578 - wireguard: socket: mark skbs as not on list when receiving via gro (bsc#1169021 jsc#SLE-12250). - commit a45554a - wireguard: queueing: do not account for pfmemalloc when clearing skb header (bsc#1169021 jsc#SLE-12250). - commit dd22191 - wireguard: selftests: remove ancient kernel compatibility code (bsc#1169021 jsc#SLE-12250). - commit e478c39 - wireguard: allowedips: use kfree_rcu() instead of call_rcu() (bsc#1169021 jsc#SLE-12250). - commit 8c0e1e0 - wireguard: main: remove unused include (bsc#1169021 jsc#SLE-12250). - commit 3a111bf - wireguard: global: fix spelling mistakes in comments (bsc#1169021 jsc#SLE-12250). - commit 79a082d - Update patches.suse/tcp-dccp-fix-possible-race-__inet_lookup_established.patch references (add bsc#1151794). - commit 0f4b072 - block: Fix partition support for host aware zoned block devices (git fixes (block layer)). - commit 2826707 - powerpc/sstep: Fix DS operand in ld encoding to appropriate value (bsc#1065729). - commit ffe7728 - block: fix busy device checking in blk_drop_partitions again (git fixes (block layer)). - scsi: sd_sbc: Fix sd_zbc_report_zones() (git fixes (block layer)). - block: allow partitions on host aware zone devices (git fixes (block layer)). - block: refactor rescan_partitions (bsc#1169493). - null_blk: Fix zoned command return code (git fixes (block layer)). - commit 2eec3ac - EDAC: skx_common: downgrade message importance on missing PCI device (bsc#1165581). - commit 33acab9 - rbd: call rbd_dev_unprobe() after unwatching and flushing notifies (git fixes (block layer)). - commit b8a8f93 - rbd: avoid a deadlock on header_rwsem when flushing notifies (git fixes (block layer)). - commit 39eb136 - block: fix busy device checking in blk_drop_partitions (git fixes (block layer)). - commit a502c37 - tracing: Fix the race between registering 'snapshot' event trigger and triggering 'snapshot' operation (git-fixes). - commit e9b7241 - dm writecache: add cond_resched to avoid CPU hangs (git fixes (block layer)). - dm integrity: fix a crash with unusually large tag size (git fixes (block layer)). - dm zoned: remove duplicate nr_rnd_zones increase in dmz_init_zone() (git fixes (block layer)). - commit bae04d0 - Revert "bcache: ignore pending signals when creating gc and allocator thread" (git fixes (block layer)). - commit 389cb15 - block: rework zone reporting (git fixes (block layer)). - Refresh for the above change, patches.suse/dm-zoned-reduce-overhead-of-backing-device-checks.patch. - commit e2e1ac1 - tracing: Disable trace_printk() on post poned tests (git-fixes). - commit a1f20fd - null_blk: clean up report zones (git fixes (block layer)). - null_blk: clean up the block device operations (git fixes (block layer)). - block: Remove partition support for zoned block devices (git fixes (block layer)). - commit 47f4ca0 - block: Simplify report zones execution (git fixes (block layer)). - block: cleanup the !zoned case in blk_revalidate_disk_zones (git fixes (block layer)). - block: Enhance blk_revalidate_disk_zones() (git fixes (block layer)). - block: add zone open, close and finish operations (git fixes (block layer)). - commit c73ea39 - block: Simplify REQ_OP_ZONE_RESET_ALL handling (git fixes (block layer)). - block: Remove REQ_OP_ZONE_RESET plugging (git fixes (block layer)). - commit 1d004e0 - dm: make dm_table_find_target return NULL (git fixes (block layer)). - null_blk: fix inline misuse (git fixes (block layer)). - null_blk: create a helper for zoned devices (git fixes (block layer)). - null_blk: move duplicate code to callers (git fixes (block layer)). - commit 9efd841 - fix patch metadata - fix Patch-mainline: patches.suse/ibmvfc-don-t-send-implicit-logouts-prior-to-NPIV-log.patch - commit cb5e73f - fs/filesystems.c: downgrade user-reachable WARN_ONCE() to pr_warn_once() (bsc#1163463). - commit 399801b ++++ openssl-1_1: - Security fix: [bsc#1169407, CVE-2020-1967] * Segmentation fault in SSL_check_chain: Server applications that call the SSL_check_chain() function during or after a TLS handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the signature_algorithms_cert TLS extension. - Add patches: * openssl-CVE-2020-1967.patch * openssl-CVE-2020-1967-test1.patch * openssl-CVE-2020-1967-test2.patch * openssl-CVE-2020-1967-test3.patch ++++ libsolv: - fix ruleinfo of complex dependencies returning the wrong origin - bump version to 0.7.12 ++++ microos-devel-tools: - new package ------------------------------------------------------------------ ------------------ 2020-4-17 - Apr 17 2020 ------------------- ------------------------------------------------------------------ ++++ python-kiwi: - Fixed _get_grub2_mkconfig_tool Last patch on this method breaks the search for alternative mkconfig names. It returns always on the first lookup which could be none. This breaks on systems that uses a different name than grub2-mkconfig, like on Ubuntu. ++++ kernel-default: - ALSA: hda: call runtime_allow() for all hda controllers (git-fixes). - ALSA: hda: Explicitly permit using autosuspend if runtime PM is supported (git-fixes). - ALSA: hda: Skip controller resume if not needed (git-fixes). - ALSA: hda: Keep the controller initialization even if no codecs found (git-fixes). - ALSA: hda: Release resources at error in delayed probe (git-fixes). - ALSA: hda: Honor PM disablement in PM freeze and thaw_noirq ops (git-fixes). - ALSA: hda: Don't release card at firmware loading error (git-fixes). - ALSA: usb-audio: Check mapping at creating connector controls, too (git-fixes). - ALSA: usb-audio: Don't create jack controls for PCM terminals (git-fixes). - ALSA: usb-audio: Don't override ignore_ctl_error value from the map (git-fixes). - ALSA: usb-audio: Filter error from connector kctl ops, too (git-fixes). - ALSA: hda/realtek - Enable the headset mic on Asus FX505DT (git-fixes). - commit 8a08089 - arm, bpf: Fix offset overflow for BPF_MEM BPF_DW (git-fixes). - nl80211: fix NL80211_ATTR_FTM_RESPONDER policy (git-fixes). - net: phy: micrel: use genphy_read_status for KSZ9131 (git-fixes). - arm, bpf: Fix bugs with ALU64 {RSH, ARSH} BPF_K shift by 0 (git-fixes). - keys: Fix proc_keys_next to increase position index (git-fixes). - drm/amdgpu: unify fw_write_wait for new gfx9 asics (git-fixes). - libata: Return correct status in sata_pmp_eh_recover_pm() when ATA_DFLAG_DETACH is set (git-fixes). - Input: i8042 - add Acer Aspire 5738z to nomux list (git-fixes). - net: phy: micrel: kszphy_resume(): add delay after genphy_resume() before accessing PHY registers (git-fixes). - vfio: platform: Switch to platform_get_irq_optional() (git-fixes). - PCI: Add boot interrupt quirk mechanism for Xeon chipsets (git-fixes). - ALSA: doc: Document PC Beep Hidden Register on Realtek ALC256 (git-fixes). - drm/scheduler: fix rare NULL ptr race (git-fixes). - drm/dp_mst: Fix clearing payload state on topology disable (git-fixes). - crypto: ccree - dec auth tag size from cryptlen map (git-fixes). - crypto: ccree - only try to map auth tag if needed (git-fixes). - crypto: ccree - protect against empty or NULL scatterlists (git-fixes). - irqchip/gic-v4: Provide irq_retrigger to avoid circular locking dependency (git-fixes). - ACPI: EC: Do not clear boot_ec_is_ecdt in acpi_ec_add() (git-fixes). - acpi/x86: ignore unspecified bit positions in the ACPI global lock field (git-fixes). - firmware: fix a double abort case with fw_load_sysfs_fallback (git-fixes). - usb: dwc3: core: add support for disabling SS instances in park mode (git-fixes). - xhci: bail out early if driver can't accress host in resume (git-fixes). - media: venus: firmware: Ignore secure call error on first resume (git-fixes). - media: allegro: fix type of gop_length in channel_create message (git-fixes). - media: i2c: ov5695: Fix power on and off sequences (git-fixes). - media: ti-vpe: cal: fix disable_irqs to only the intended target (git-fixes). - media: venus: hfi_parser: Ignore HEVC encoding for V1 (git-fixes). - pstore/platform: fix potential mem leak if pstore_init_fs failed (git-fixes). - tpm: Don't make log failures fatal (git-fixes). - i2c: pca-platform: Use platform_irq_get_optional (git-fixes). - i2c: st: fix missing struct parameter description (git-fixes). - bus: sunxi-rsb: Return correct data when mixing 16-bit and 8-bit reads (git-fixes). - soc: fsl: dpio: register dpio irq handlers after dpio create (git-fixes). - Input: tm2-touchkey - add support for Coreriver TC360 variant (git-fixes). - i2c: jz4780: silence log flood on txabrt (git-fixes). - mmc: sdhci-of-esdhc: fix esdhc_reset() for different controller versions (git-fixes). - cpufreq: Cancel policy update work scheduled before freeing (git-fixes). - commit e5ee52f - xfs: reflink should force the log out if mounted with wsync (git-fixes). - commit 2e7b82b - xfs: factor out a new xfs_log_force_inode helper (git-fixes). - commit 9fd128e - xfs: don't write a corrupt unmount record to force summary counter recalc (git-fixes). - commit 6add31e - xfs: don't allow log IO to be throttled (git-fixes). - commit 925e53f - xfs: remove some stale comments from the log code (git-fixes). - commit b869987 - xfs: refactor unmount record writing (git-fixes). - commit 60c7c2f - xfs: merge xlog_commit_record with xlog_write_done (git-fixes). - commit 6169e00 - xfs: split xlog_ticket_done (git-fixes). - commit 3540978 - xfs: kill XLOG_TIC_INITED (git-fixes). - commit 1c52baf - xfs: refactor and split xfs_log_done() (git-fixes). - commit 27f5afa - xfs: re-order initial space accounting checks in xlog_write (git-fixes). - commit d2e492c - xfs: don't try to write a start record into every iclog (git-fixes). - commit 62148c3 - xfs: shutdown on failure to add page to log bio (git-fixes). - commit cb7737c - xfs: remove xlog_state_want_sync (git-fixes). - commit 99f092d - xfs: move the ioerror check out of xlog_state_clean_iclog (git-fixes). - commit f23116d - xfs: refactor xlog_state_clean_iclog (git-fixes). - commit e43b3ed - xfs: remove the aborted parameter to xlog_state_done_syncing (git-fixes). - commit eaff4cc - xfs: simplify log shutdown checking in xfs_log_release_iclog (git-fixes). - commit d486a9f - xfs: simplify the xfs_log_release_iclog calling convention (git-fixes). - commit 5b62921 - xfs: factor out a xlog_wait_on_iclog helper (git-fixes). - commit 371f1e3 - xfs: merge xlog_cil_push into xlog_cil_push_work (git-fixes). - commit 22531f1 - xfs: cleanup xfs_log_unmount_write (git-fixes). - commit 47964dc - xfs: remove dead code from xfs_log_unmount_write (git-fixes). - commit 15d084c - xfs: remove the unused return value from xfs_log_unmount_write (git-fixes). - commit 7daf110 - xfs: don't ever return a stale pointer from __xfs_dir3_free_read (git-fixes). - commit e98d8e7 - xfs: fix buffer corruption reporting when xfs_dir3_free_header_check fails (git-fixes). - commit 0d51de1 - xfs: add a function to deal with corrupt buffers post-verifiers (git-fixes). - commit cdad8b5 - xfs: fix iclog release error check race with shutdown (git-fixes). - commit 2814941 - xfs: don't check for AG deadlock for realtime files in bunmapi (git-fixes). - commit fc993c5 - xfs: remove the XLOG_STATE_DO_CALLBACK state (git-fixes). - commit c72277f - xfs: turn ic_state into an enum (git-fixes). - commit 1f9b2d3 - xfs: remove the unused XLOG_STATE_ALL and XLOG_STATE_UNUSED flags (git-fixes). - commit 22ec56e - xfs: remove dead ifdef XFSERRORDEBUG code (git-fixes). - commit f73533e - xfs: call xlog_state_release_iclog with l_icloglock held (git-fixes). - commit e2ae7c9 - xfs: move the locking from xlog_state_finish_copy to the callers (git-fixes). - commit 4fc8e18 - xfs: remove the unused ic_io_size field from xlog_in_core (git-fixes). - commit cc60ace - xfs: pass the correct flag to xlog_write_iclog (git-fixes). - commit d0ba340 ++++ mozilla-nss: - Add nss-fips-combined-hash-sign-dsa-ecdsa.patch. This implements API mechanisms for performing DSA and ECDSA hash-and-sign in a single call, which will be required in future FIPS cycles. ++++ gcc10: - Update to master head (b835645c7a51b7e99092abe61d677), git175845. - Drop to 4 jobs as constraint for s390x. ++++ libvirt: - qemu: fix hang in p2p + xbzrle compression + parallel migration 93b15ba0-qemu-fix-hang-in-p2p-xbzrle-compression-parallel-mig.patch bsc#1161159 ++++ qemu: - Include upstream patches targeted for the next stable release (bug fixes only) spapr-Fix-failure-path-for-attempting-to.patch target-i386-do-not-set-unsupported-VMX-s.patch target-xtensa-fix-pasto-in-pfwait.r-opco.patch tcg-i386-Fix-INDEX_op_dup2_vec.patch tcg-mips-mips-sync-encode-error.patch vhost-user-gpu-Release-memory-returned-b.patch vpc-Don-t-round-up-already-aligned-BAT-s.patch xen-block-Fix-double-qlist-remove-and-re.patch - Fix bug causing weak encryption in PAuth for ARM (CVE-2020-10702 bsc#1168681) target-arm-Fix-PAuth-sbox-functions.patch - Fix OOB in tulip NIC emulation (CVE-2020-11102 bsc#1168713 net-tulip-check-frame-size-and-r-w-data-.patch - Note that previously included patch addresses CVE-2020-1711 and bsc#1166240 iscsi-Cap-block-count-from-GET-LBA-STATU.patch - Include performance improvement (and related?) patch aio-wait-delegate-polling-of-main-AioCon.patch async-use-explicit-memory-barriers.patch - Rework previous patch at Olaf H.'s direction hw-i386-disable-smbus-migration-for-xenf.patch - Eliminate is_opensuse usage in producing seabios version string what we are doing here is just replacing the upstream string with one indicating that the openSUSE build service built it, and so just leave it as "-rebuilt.opensuse.org" - Alter algorithm used to produce "unique" symbol for coordinating qemu with the optional modules it may load. This is a reasonable relaxation for broader compatibility configure-remove-pkgversion-from-CONFIG_.patch - Tweak supported.*.txt for latest deprecations, and other fixes - Tweak update_git.sh, config.sh ++++ wpa_supplicant: - Add restore-old-dbus-interface.patch to fix wicked wlan (boo#1156920) - Restore fi.epitest.hostap.WPASupplicant.service (bsc#1167331) ------------------------------------------------------------------ ------------------ 2020-4-16 - Apr 16 2020 ------------------- ------------------------------------------------------------------ ++++ python-kiwi: - Increase spare space on disk repart The sizing of the virtual cylinders in parted seems to be unfavorable, as with some disks and SD cards here the device size is not a multiple of the cylinder size, so the last incomplete cylinder is wasted. If this wasted space is more than 5MiB, kiwi tries to resize indefinitely. Therefore min_additional_mbytes gets increased to prevent running into this situation. This Fixes bsc#1165823 - Fixed return value from _get_grub2_mkconfig_tool The method returned the basename of the tool if it could be found by Path.which(). But the method's scope has been changed in a way that the return value of the method must be the result from Path.which() to allow working on the full path name. ++++ grub2: - Fix executable stack in grub-probe and other grub utility (bsc#1169137) * grub2-btrfs-06-subvol-mount.patch ++++ kernel-default: - x86/xen: fix booting 32-bit pv guest (bsc#1071995). - commit de745ab - x86/xen: Make the secondary CPU idle tasks reliable (bsc#1071995). - commit b937a33 - x86/xen: Make the boot CPU idle task reliable (bsc#1071995). - commit 7555345 - Update patches.suse/media-stv06xx-add-missing-descriptor-sanity-checks.patch (bsc#1168854). Pending CVE request, adding bsc so that it is not lost - commit 3e4aa5f - Update patches.suse/media-xirlink_cit-add-missing-descriptor-sanity-chec.patch (bsc#1168952). Pending CVE request, adding bsc so this is not lost. - commit 98ac2ff - tools/test/nvdimm: Fix out of tree build (bsc#1156395). - commit bec0a07 - Refresh patches.suse/tools-testing-nvdimm-Fix-compilation-failure-without.patch. - commit 48bddf2 - ibmvfc: don't send implicit logouts prior to NPIV login (bsc#1169625 ltc#184611). - commit 1026f14 - net: systemport: fix index check to avoid an array out of bounds access (networking-stable-20_03_14). - taprio: Fix sending packets without dequeueing them (networking-stable-20_03_14). - net: memcg: fix lockdep splat in inet_csk_accept() (networking-stable-20_03_14). - net: dsa: Don't instantiate phylink for CPU/DSA ports unless needed (networking-stable-20_03_14). - net/packet: tpacket_rcv: do not increment ring index on drop (networking-stable-20_03_14). - net: fec: validate the new settings in fec_enet_set_coalesce() (networking-stable-20_03_14). - net: macsec: update SCI upon MAC address change (networking-stable-20_03_14). - ipv6/addrconf: call ipv6_mc_up() for non-Ethernet interface (networking-stable-20_03_14). - net: memcg: late association of sock to memcg (networking-stable-20_03_14). - ipvlan: do not use cond_resched_rcu() in ipvlan_process_multicast() (networking-stable-20_03_14). - cgroup, netclassid: periodically release file_lock on classid updating (networking-stable-20_03_14). - ipvlan: add cond_resched_rcu() while processing muticast backlog (networking-stable-20_03_14). - ipvlan: don't deref eth hdr before checking it's set (networking-stable-20_03_14). - sfc: detach from cb_page in efx_copy_channel() (networking-stable-20_03_14). - inet_diag: return classid for all socket types (networking-stable-20_03_14). - net: stmmac: dwmac1000: Disable ACS if enhanced descs are not used (networking-stable-20_03_14). - gre: fix uninit-value in __iptunnel_pull_header (networking-stable-20_03_14). - bonding/alb: make sure arp header is pulled before accessing it (networking-stable-20_03_14). - net: nfc: fix bounds checking bugs on "pipe" (networking-stable-20_03_14). - net: hns3: fix a not link up issue when fibre port supports autoneg (networking-stable-20_03_14). - slip: make slhc_compress() more robust against malicious packets (networking-stable-20_03_14). - net: dsa: fix phylink_start()/phylink_stop() calls (networking-stable-20_03_14). - selftests/net/fib_tests: update addr_metric_test for peer route testing (networking-stable-20_03_14). - net/ipv6: remove the old peer route if change it to a new one (networking-stable-20_03_14). - net/ipv6: need update peer route when modify metric (networking-stable-20_03_14). - net: taprio: add missing attribute validation for txtime delay (networking-stable-20_03_14). - net: fq: add missing attribute validation for orphan mask (networking-stable-20_03_14). - fib: add missing attribute validation for tun_id (networking-stable-20_03_14). - devlink: validate length of region addr/len (networking-stable-20_03_14). - devlink: validate length of param values (networking-stable-20_03_14). - net/ipv6: use configured metric when add peer route (networking-stable-20_03_14). - net: dsa: mv88e6xxx: fix lockup on warm boot (networking-stable-20_03_14). - netlink: Use netlink header as base to calculate bad attribute offset (networking-stable-20_03_14). - r8152: check disconnect status after long sleep (networking-stable-20_03_14). - commit 4f8bc32 ++++ gcc10: - Update to master head (effcb4181e143bc390286a489ff84), git175831. - Package arm_cde.h and arm_mve_types.h for arm. - Alter _constraints to also constrain jobs. - Add libzstd-devel BuildRequires to cross compiler specs. - Switch to release checking builds. ++++ libgcrypt: - Ship the FIPS checksum file in the shared library package and create a separate trigger file for the FIPS selftests (bsc#1169569) * add libgcrypt-fips_selftest_trigger_file.patch * refresh libgcrypt-global_init-constructor.patch - Remove libgcrypt-binary_integrity_in_non-FIPS.patch obsoleted by libgcrypt-global_init-constructor.patch ++++ podman: - Switched to simple `make binaries` for building podman - Update podman to v1.9.0: * Features - Experimental support has been added for podman run - -userns=auto, which automatically allocates a unique UID and GID range for the new container's user namespace - The podman play kube command now has a --network flag to place the created pod in one or more CNI networks - The podman commit command now supports an --iidfile flag to write the ID of the committed image to a file - Initial support for the new containers.conf configuration file has been added. containers.conf allows for much more detailed configuration of some Podman functionality * Changes - There has been a major cleanup of the podman info command resulting in breaking changes. Many fields have been renamed to better suit usage with APIv2 - All uses of the --timeout flag have been switched to prefer the alternative --time. The --timeout flag will continue to work, but man pages and --help will use the --time flag instead * Bugfixes - Fixed a bug where some volume mounts from the host would sometimes not properly determine the flags they should use when mounting - Fixed a bug where Podman was not propagating $PATH to Conmon and the OCI runtime, causing issues for some OCI runtimes that required it - Fixed a bug where rootless Podman would print error messages about missing support for systemd cgroups when run in a container with no cgroup support - Fixed a bug where podman play kube would not properly handle container-only port mappings (#5610) - Fixed a bug where the podman container prune command was not pruning containers in the created and configured states - Fixed a bug where Podman was not properly removing CNI IP address allocations after a reboot (#5433) - Fixed a bug where Podman was not properly applying the default Seccomp profile when --security-opt was not given at the command line * HTTP API - Many Libpod API endpoints have been added, including Changes, Checkpoint, Init, and Restore - Resolved issues where the podman system service command would time out and exit while there were still active connections - Stability overall has greatly improved as we prepare the API for a beta release soon with Podman 2.0 * Misc - The default infra image for pods has been upgraded to k8s.gcr.io/pause:3.2 (from 3.1) to address a bug in the architecture metadata for non-AMD64 images - The slirp4netns networking utility in rootless Podman now uses Seccomp filtering where available for improved security - Updated Buildah to v1.14.8 - Updated containers/storage to v1.18.2 - Updated containers/image to v5.4.3 - Updated containers/common to v0.8.1 ++++ update-test-trivial: - Add a retracted update test case ------------------------------------------------------------------ ------------------ 2020-4-15 - Apr 15 2020 ------------------- ------------------------------------------------------------------ ++++ python-kiwi: - Make CommandCapabilities.check_version take the longest match This commit ensures that when trying to parse the version of a tool the comparison is done with the longest match for the given regular expression. This solves cases such in `grub2` where the tool name already provides some digit that could be seen as a version. - Fixed check for grub mkconfig capabilities The check for the capabilities of the tool were applied to the tool installed on the host but the later call of the tool will be done with the tool inside the image root - Validate use of GRUB_USE_LINUXEFI On systems that uses GRUB_USE_LINUXEFI with grub2 version less than 2.04 there is no support for dynamic EFI environment checking. In this condition we extend the grub setup to add this support. The change kiwi does is as follows: * Apply only on grub < 2.04 1. Modify 10_linux to set linux/initrd as variables 2. Write hybrid setup as 01_efihybrid This Fixes bsc#1165960 and bsc#1168480 ++++ kernel-default: - patches.suse/0005-scsi-target-use-the-stack-for-XCOPY-passthrough-cmds.patch: (bsc#1164514). - patches.suse/0004-scsi-target-increase-XCOPY-I-O-size.patch: (bsc#1164514). - patches.suse/0003-scsi-target-avoid-per-loop-XCOPY-buffer-allocations.patch: (bsc#1164514). - patches.suse/0002-scsi-target-drop-xcopy-DISK-BLOCK-LENGTH-debug.patch: (bsc#1164514). - patches.suse/0001-scsi-target-use-define-for-xcopy-descriptor-len.patch: (bsc#1164514). - commit 35bd511 - PCI/AER: Rationalize error status register clearing (bsc#1169263). - PCI/DPC: Expose dpc_process_error(), dpc_reset_link() for use by EDR (bsc#1169263). - PCI/AER: Add pci_aer_raw_clear_status() to unconditionally clear Error Status (bsc#1169263). - PCI/DPC: Cache DPC capabilities in pci_init_capabilities() (bsc#1169263). - PCI/ERR: Return status of pcie_do_recovery() (bsc#1169263). - PCI/ERR: Remove service dependency in pcie_do_recovery() (bsc#1169263). - PCI/DPC: Move DPC data into struct pci_dev (bsc#1169263). - commit 01b5293 - x86/microcode/AMD: Increase microcode PATCH_MAX_SIZE (bsc#1169005). - commit 92271b2 - Refresh patches.suse/cifs-ignore-cached-share-root-handle-closing-errors.patch. - commit c6f232e - s390/zcrypt: use kvmalloc instead of kmalloc for 256k alloc (bsc#1169003 LTC#185029). - commit efd0cc2 - KVM: PPC: Book3S HV: Fix H_CEDE return code for nested guests (bsc#1156395). - commit 30499af - update patches metadata - update upstream references and resort: patches.suse/nvme-fc-Revert-add-module-to-ops-template-to-allow-m.patch patches.suse/nvme-fcloop-fix-deallocation-of-working-context.patch patches.suse/nvme-fix-deadlock-caused-by-ANA-update-wrong-locking.patch patches.suse/nvme-inherit-stable-pages-constraint-in-the-mpath-st.patch patches.suse/nvme-rdma-Replace-comma-with-a-semicolon.patch patches.suse/nvmet-fc-fix-typo-in-comment.patch patches.suse/nvmet-fix-NULL-dereference-when-removing-a-referral.patch patches.suse/nvmet-rdma-fix-bonding-failover-possible-NULL-deref.patch - fix Patch-mainline: patches.suse/nvme-Check-for-readiness-more-quickly-to-speed-up-bo.patch patches.suse/nvme-code-cleanup-nvme_identify_ns_desc.patch patches.suse/nvme-fabrics-Use-scnprintf-for-avoiding-potential-bu.patch patches.suse/nvme-log-additional-message-for-controller-status.patch patches.suse/nvme-multipath-do-not-reset-on-unknown-status.patch patches.suse/nvme-remove-unused-return-code-from-nvme_alloc_ns.patch patches.suse/nvme-tcp-Set-SO_PRIORITY-for-all-host-sockets.patch patches.suse/nvmet-check-sscanf-value-for-subsys-serial-attr.patch patches.suse/nvmet-configfs-code-cleanup.patch patches.suse/nvmet-make-ctrl-id-configurable.patch patches.suse/nvmet-make-ctrl-model-configurable.patch patches.suse/nvmet-tcp-set-SO_PRIORITY-for-accepted-sockets.patch - commit 66e0350 - Revert "cpufreq: arm64: prevent module unload (bsc#1168476)." This reverts commit 59dc6e32df1940481a3955a2caf2e64f735a0831. - commit c363644 - rpm/check-for-config-changes: Ignore CONFIG_LD_VERSION - commit e60242e - udp: rehash on disconnect (networking-stable-20_03_01). - net/tls: Fix to avoid gettig invalid tls record (networking-stable-20_03_01). - Revert "net: dev: introduce support for sch BYPASS for lockless qdisc" (networking-stable-20_03_01). - qede: Fix race between rdma destroy workqueue and link change event (networking-stable-20_03_01). - sctp: move the format error check out of __sctp_sf_do_9_1_abort (networking-stable-20_03_01). - net: sched: correct flower port blocking (networking-stable-20_03_01). - net: dsa: b53: Ensure the default VID is untagged (networking-stable-20_03_01). - net: macb: ensure interface is not suspended on at91rm9200 (networking-stable-20_03_01). - net: fib_rules: Correctly set table field when table number exceeds 8 bits (networking-stable-20_03_01). - ipv6: Fix nlmsg_flags when splitting a multipath route (networking-stable-20_03_01). - ipv6: Fix route replacement with dev-only route (networking-stable-20_03_01). - commit 7f4f9c7 - x86, sched: Don't enable static key when starting secondary CPUs (bsc#1169518). - commit 7e982dc - thermal/drivers/cpufreq_cooling: Fix return of cpufreq_set_cur_state (bsc#1168476). - commit 1bb91ae - EDAC/mce_amd: Make fam_ops static global (jsc#SLE-11833). - commit a2a7430 - cgroup: cgroup_procs_next should increase position index (bsc#1169524). - commit e8538bb - btrfs: separate definition of assertion failure handlers (bsc#1169514). - commit 47cc410 - objtool: Add relocation check for alternative sections (bsc#1169514). - commit ddcfb2d - Refresh patches.suse/x86-sched-Account-for-CPUs-with-less-than-4-cores-in.patch. - commit fe74002 - objtool: Add is_static_jump() helper (bsc#1169514). - commit d3f8210 - selftests/powerpc: Turn off timeout setting for benchmarks, dscr, signal, tm (git-fixes). - selftests/powerpc: Add tlbie_test in .gitignore (git-fixes). - tools: gpio: Fix out-of-tree build regression (git-fixes). - commit 32ce8b5 - EDAC/amd64: Drop some family checks for newer systems (jsc#SLE-11833). - commit c3845bc - ahci: Add support for Amazon's Annapurna Labs SATA controller (bsc#1169013). - commit 4296517 - blacklist.conf: add three cleanups - commit cf5b455 - EDAC/amd64: Add family ops for Family 19h Models 00h-0Fh (jsc#SLE-11833). - commit 6188ac8 - PCI: dwc: Fix dw_pcie_ep_raise_msix_irq() to get correct MSI-X table address (git-fixes). - PCI: endpoint: Fix ->set_msix() to take BIR and offset as arguments (git-fixes). - commit c6334e6 - fbmem: Adjust indentation in fb_prepare_logo and fb_blank (bsc#1152489) - commit bcb3d94 - config: refresh No functional change, only menu structure comments and one line move. - commit cbac380 - cxgb4: free MQPRIO resources in shutdown path (jsc#SLE-8389). - RDMA/hns: Fix a wrong judgment of return value (jsc#SLE-8449). - RDMA/hns: Fix wrong judgments of udata->outlen (jsc#SLE-8449). - RDMA/core: Remove the duplicate header file (jsc#SLE-8449). - IB/mlx5: Optimize u64 division on 32-bit arches (jsc#SLE-8446). - RDMA/mlx5: Prevent UMR usage with RO only when we have RO caps (jsc#SLE-8446). - net: hns3: fix for fraglist SKB headlen not handling correctly (bsc#1154353). - net: hns3: drop the WQ_MEM_RECLAIM flag when allocating WQ (bsc#1154353). - selftests/bpf: Fix test_progs's parsing of test numbers (bsc#1154353). - bnxt_en: Fix "fw.mgmt" and "fw.nsci" info via devlink info_get cb (jsc#SLE-8371 bsc#1153274). - taprio: do not use BIT() in TCA_TAPRIO_ATTR_FLAG_* definitions (bsc#1154353). - sfc: fix XDP-redirect in this driver (jsc#SLE-8314). - libbpf: Ignore incompatible types with matching name during CO-RE relocation (bsc#1154353). - sfc: remove unused variable 'efx_default_channel_type' (jsc#SLE-8314). - commit 655c6cc - OMAP: DSS2: remove non-zero check on variable r (bsc#1152489) - commit 82ee31e - fix patch metadata - fix Patch-mainline ("Queued" is for patches going to get into mainline): patches.suse/drm-i915-Fix-ref-mutex-deadlock-in-i915_active_wait.patch - commit f1086d5 - supported.conf: cleanup Make the comment consistent with the rest of the file. - commit c905a51 - EDAC/mce_amd: Always load on SMCA systems (jsc#SLE-11833). - commit f330d60 - improve patch metadata - make Patch-mainline more explicit: patches.suse/bfq-tune-slice-idle.patch - commit 6fb07af - Refresh patches.suse/0001-efi-fix-a-race-and-a-buffer-overflow-while-reading-e.patch. One more update on an upstreamed patch. - commit 0bed50c - Refresh patches.suse/KEYS-reaching-the-keys-quotas-correctly.patch. - Refresh patches.suse/PCI-pciehp-Add-DMI-table-for-in-band-presence-detect.patch. - Refresh patches.suse/PCI-pciehp-Disable-in-band-presence-detect-when-poss.patch. - Refresh patches.suse/PCI-pciehp-Wait-for-PDS-if-in-band-presence-is-disab.patch. - Refresh patches.suse/edac-mc-carve-out-error-increment-into-a-separate-function.patch. - Refresh patches.suse/edac-mc-change-mci-device-removal-to-use-put_device.patch. - Refresh patches.suse/edac-mc-determine-mci-pointer-from-the-error-descriptor.patch. - Refresh patches.suse/edac-mc-pass-the-error-descriptor-to-error-reporting-functions.patch. - Refresh patches.suse/edac-mc-remove-detail-string-and-cleanup-error-string-generation.patch. - Refresh patches.suse/edac-mc-remove-enable_per_layer_report-function-argument.patch. - Refresh patches.suse/edac-mc-remove-per-layer-counters.patch. - Refresh patches.suse/edac-mc-reorder-functions-edac_mc_alloc.patch. - Refresh patches.suse/edac-mc-report-unknown-memory-on-too-many-dimm-labels-found.patch. - Refresh patches.suse/edac-mc-split-edac_mc_alloc-into-smaller-functions.patch. - Refresh patches.suse/edac-store-error-type-in-struct-edac_raw_error_desc.patch. - Refresh patches.suse/efi-x86-add-tpm-related-efi-tables-to-unencrypted-mapping-checks.patch. - Refresh patches.suse/x86-amd_nb-char-amd64-agp-use-amd_nb_num-accessor.patch. - Refresh patches.suse/x86-intel_pstate-Handle-runtime-turbo-disablement-en.patch. - Refresh patches.suse/x86-sched-Add-support-for-frequency-invariance-on-ATOM.patch. - Refresh patches.suse/x86-sched-Add-support-for-frequency-invariance-on-ATOM_GOLDMONT.patch. - Refresh patches.suse/x86-sched-Add-support-for-frequency-invariance-on-SK.patch. - Refresh patches.suse/x86-sched-Add-support-for-frequency-invariance-on-XE.patch. - Refresh patches.suse/x86-sched-Add-support-for-frequency-invariance.patch. Update upstream status and sort them all. - commit 6e97756 ++++ util-linux: - Add libmount-Avoid-triggering-autofs-in-lookup_umount_fs.patch: Avoid triggering autofs in lookup_umount_fs_by_statfs (boo#1168389) ++++ mozilla-nss: - nss-fips-constructor-self-tests.patch: Always perform nssdbm checksumming on softoken load, even if nssdbm itself is not loaded. ++++ gcc10: - Update to master head (2dc9294c3c7c81a6d5e1d4dedf58f), git175805. ++++ libgcrypt: - FIPS: Verify that the generated signature and the original input differ in test_keys function for RSA, DSA and ECC: [bsc#1165539] - Add zero-padding when qx and qy have different lengths when assembling the Q point from affine coordinates. - Refreshed patches: * libgcrypt-PCT-DSA.patch * libgcrypt-PCT-RSA.patch * libgcrypt-PCT-ECC.patch ++++ systemd: - Switch back to the hybrid hierarchy Unfortunately Kubernetes and runc are not yet ready for cgroupsv2. Let's reconsider the unified hierarchy in a couple of months. ++++ util-linux-systemd: - Add libmount-Avoid-triggering-autofs-in-lookup_umount_fs.patch: Avoid triggering autofs in lookup_umount_fs_by_statfs (boo#1168389) ------------------------------------------------------------------ ------------------ 2020-4-14 - Apr 14 2020 ------------------- ------------------------------------------------------------------ ++++ file: - file-5.24-nitpick.dif: remove obsolete patch (bsc#1169512) - file-secure_getenv.patch: refresh ++++ kernel-default: - x86/amd_nb: Add Family 19h PCI IDs (jsc#SLE-11833). - Refresh patches.suse/x86-amd_nb-char-amd64-agp-use-amd_nb_num-accessor.patch. - commit ffdd1b6 - exfat: add Kconfig and Makefile (JSC#SLE-9489). Also changes config files and supported.conf to incorporate exfat - exfat: add nls operations (JSC#SLE-9489). - exfat: add misc operations (JSC#SLE-9489). - exfat: add exfat cache (JSC#SLE-9489). - exfat: add bitmap operations (JSC#SLE-9489). - exfat: add fat entry operations (JSC#SLE-9489). - exfat: add file operations (JSC#SLE-9489). - exfat: add directory operations (JSC#SLE-9489). - exfat: add inode operations (JSC#SLE-9489). - exfat: add super block operations (JSC#SLE-9489). - exfat: add in-memory and on-disk structures and headers (JSC#SLE-9489). - vfs: Create fs_context-aware mount_bdev() replacement (JSC#SLE-9489). - commit 3b40335 - ceph: fix snapshot directory timestamps (jsc#SES-1134). - ceph: wait for async creating inode before requesting new max size (jsc#SES-1134). - ceph: don't skip updating wanted caps when cap is stale (jsc#SES-1134). - ceph: request new max size only when there is auth cap (jsc#SES-1134). - ceph: cleanup return error of try_get_cap_refs() (jsc#SES-1134). - ceph: return ceph_mdsc_do_request() errors from __get_parent() (jsc#SES-1134). - ceph: check all mds' caps after page writeback (jsc#SES-1134). - ceph: update i_requested_max_size only when sending cap msg to auth mds (jsc#SES-1134). - ceph: simplify calling of ceph_get_fmode() (jsc#SES-1134). - ceph: remove delay check logic from ceph_check_caps() (jsc#SES-1134). - ceph: consider inode's last read/write when calculating wanted caps (jsc#SES-1134). - ceph: always renew caps if mds_wanted is insufficient (jsc#SES-1134). - ceph: update dentry lease for async create (jsc#SES-1134). - ceph: attempt to do async create when possible (jsc#SES-1134). - ceph: cache layout in parent dir on first sync create (jsc#SES-1134). - ceph: add new MDS req field to hold delegated inode number (jsc#SES-1134). - ceph: decode interval_sets for delegated inos (jsc#SES-1134). - ceph: make ceph_fill_inode non-static (jsc#SES-1134). - ceph: perform asynchronous unlink if we have sufficient caps (jsc#SES-1134). - ceph: don't take refs to want mask unless we have all bits (jsc#SES-1134). - ceph: cap tracking for async directory operations (jsc#SES-1134). - ceph: make __take_cap_refs non-static (jsc#SES-1134). - ceph: add infrastructure for waiting for async create to complete (jsc#SES-1134). - ceph: track primary dentry link (jsc#SES-1134). - ceph: add flag to designate that a request is asynchronous (jsc#SES-1134). - ceph: more caps.c lockdep assertions (jsc#SES-1134). - ceph: clean up kick_flushing_inode_caps() (jsc#SES-1134). - libceph: directly skip to the end of redirect reply (jsc#SES-1134). - libceph: simplify ceph_monc_handle_map() (jsc#SES-1134). - ceph: return ETIMEDOUT errno to userland when request timed out (jsc#SES-1134). - ceph: re-org copy_file_range and fix some error paths (jsc#SES-1134). - ceph: move to a dedicated slabcache for mds requests (jsc#SES-1134). - ceph: reorganize fields in ceph_mds_request (jsc#SES-1134). - ceph: replace zero-length array with flexible-array member (jsc#SES-1134). - ceph: check if file lock exists before sending unlock request (jsc#SES-1134). - ceph: move ceph_osdc_{read,write}pages to ceph.ko (jsc#SES-1134). - ceph: don't ClearPageChecked in ceph_invalidatepage() (jsc#SES-1134). - libceph: drop CEPH_DEFINE_SHOW_FUNC (jsc#SES-1134). - ceph: check inode type for CEPH_CAP_FILE_{CACHE,RD,REXTEND,LAZYIO} (jsc#SES-1134). - ceph: add refcounting for Fx caps (jsc#SES-1134). - ceph: register MDS request with dir inode from the start (jsc#SES-1134). - commit 5555f78 - bfq: Tune slice_idle (bsc#1168838). - commit cd1f013 - mt76: mt76x02: fix coverage_class type (git-fixes). - commit 17e4f02 - blacklist.conf: cosmetic change only - commit c7bf43b - padata: fix uninitialized return value in padata_replace() (git-fixes). - commit 3620d06 - Revert "powerpc/64: irq_work avoid interrupt when called with hardware irqs enabled" (bsc#1156395). - commit 6d41ca5 - drm/i915: Fix ref->mutex deadlock in i915_active_wait() (stable-5.4.y). - commit 35b215a - drm/sun4i: dsi: Avoid hotplug race with DRM driver bind (git-fixes). - commit 725ce8a - pwm: pca9685: Fix PWM/GPIO inter-operation (git-fixes). - pwm: renesas-tpu: Fix late Runtime PM enablement (git-fixes). - pwm: rcar: Fix late Runtime PM enablement (git-fixes). - pwm: meson: Fix confusing indentation (git-fixes). - pwm: bcm2835: Dynamically allocate base (git-fixes). - ipmi: fix hung processes in __get_guid() (git-fixes). - drm/i915/gem: Flush all the reloc_gpu batch (git-fixes). - platform/chrome: cros_ec_rpmsg: Fix race with host event (git-fixes). - acpi/nfit: improve bounds checking for 'func' (git-fixes). - drm/sun4i: dsi: Allow binding the host without a panel (git-fixes). - drm/sun4i: dsi: Use NULL to signify "no panel" (git-fixes). - drm/sun4i: dsi: Remove unused drv from driver context (git-fixes). - Bluetooth: RFCOMM: fix ODEBUG bug in rfcomm_dev_ioctl (git-fixes). - commit 3034d25 - Delete patches.kabi/* workarounds - commit 70f1868 - supported.conf: fix order of entries (sort) - commit ead7ceb - series.conf: cleanup - update upstream references and resort: patches.suse/scsi-lpfc-Change-default-SCSI-LUN-QD-to-64.patch patches.suse/scsi-lpfc-Fix-crash-after-handling-a-pci-error.patch patches.suse/scsi-lpfc-Fix-crash-in-target-side-cable-pulls-hitti.patch patches.suse/scsi-lpfc-Fix-erroneous-cpu-limit-of-128-on-I-O-stat.patch patches.suse/scsi-lpfc-Fix-kasan-slab-out-of-bounds-error-in-lpfc.patch patches.suse/scsi-lpfc-Fix-lockdep-error-register-non-static-key.patch patches.suse/scsi-lpfc-Fix-lpfc-overwrite-of-sg_cnt-field-in-nvme.patch patches.suse/scsi-lpfc-Fix-scsi-host-template-for-SLI3-vports.patch patches.suse/scsi-lpfc-Fix-update-of-wq-consumer-index-in-lpfc_sl.patch patches.suse/scsi-lpfc-Make-debugfs-ktime-stats-generic-for-NVME-.patch patches.suse/scsi-lpfc-Remove-prototype-FIPS-DSS-options-from-SLI.patch patches.suse/scsi-lpfc-Update-lpfc-version-to-12.8.0.0.patch - commit 8c32594 - series.conf: cleanup - move unsortable patch out of sorted section: patches.suse/cifs-ignore-cached-share-root-handle-closing-errors.patch - commit d749c1b - xen/blkfront: fix memory allocation flags in blkfront_setup_indirect() (bsc#1168486). - commit 97066fb ++++ rdma-core: - Update to v27.1 - Many bugfixes (memory leaks, use after free, etc.) ++++ rpm: - Do not map the index database read-write all the time [bnc#1168735] * new patch: ndb_backport2.diff ++++ u-boot-rpiarm64: - set udpate_git.sh branch to sle15-sp2 ------------------------------------------------------------------ ------------------ 2020-4-13 - Apr 13 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - time/namespace: Add max_time_namespaces ucount (bsc#1164648,jsc#SLE-11493). - commit 15be678 - blacklist.conf: add following commits, disable them temporarily, a4a8d286586d4b28c8517a51db8d86954aadc74b 3918e0667bbac99400b44fa5aef3f8be2eeada4a When add them back when dm back port done. - commit 23511fe - lib/raid6/test: fix build on distros whose /bin/sh is not bash (git fixes (block layer)). - Revert "dm: always call blk_queue_split() in dm_process_bio()" (git fixes (block layer)). - coresight: do not use the BIT() macro in the UAPI header (git fixes (block layer)). - pid: Improve the comment about waiting in zap_pid_ns_processes (git fixes (block layer)). - dm verity fec: fix memory leak in verity_fec_dtr (git fixes (block layer)). - null_blk: Fix the null_add_dev() error path (git fixes (block layer)). - blk-mq: Keep set->nr_hw_queues and set->map[].nr_queues in sync (git fixes (block layer)). - dm: fix congested_fn for request-based device (git fixes (block layer)). - dm zoned: Fix reference counter initial value of chunk works (git fixes (block layer)). - dm writecache: verify watermark during resume (git fixes (block layer)). - dm: report suspended device during destroy (git fixes (block layer)). - dm cache: fix a crash due to incorrect work item cancelling (git fixes (block layer)). - dm integrity: fix invalid table returned due to argument count mismatch (git fixes (block layer)). - dm integrity: fix a deadlock due to offloading to an incorrect workqueue (git fixes (block layer)). - dm integrity: fix recalculation when moving from journal mode to bitmap mode (git fixes (block layer)). - lib/stackdepot.c: fix global out-of-bounds in stack_slabs (git fixes (block layer)). - drivers/block/zram/zram_drv.c: fix error return codes not being returned in writeback_store (git fixes (block layer)). - dm: fix potential for q->make_request_fn NULL pointer (git fixes (block layer)). - dm thin metadata: use pool locking at end of dm_pool_metadata_close (git fixes (block layer)). - dm writecache: fix incorrect flush sequence when doing SSD mode commit (git fixes (block layer)). - dm crypt: fix benbi IV constructor crash if used in authenticated mode (git fixes (block layer)). - dm space map common: fix to ensure new block isn't already in use (git fixes (block layer)). - dm zoned: support zone sizes smaller than 128MiB (git fixes (block layer)). - padata: update documentation (git fixes (block layer)). - block: fix an integer overflow in logical block size (git fixes (block layer)). - compat_ioctl: block: handle Persistent Reservations (git fixes (block layer)). - dm thin: Flush data device before committing metadata (git fixes (block layer)). - dm thin metadata: Add support for a pre-commit callback (git fixes (block layer)). - dm btree: increase rebalance threshold in __rebalance2() (git fixes (block layer)). - dm mpath: remove harmful bio-based optimization (git fixes (block layer)). - block: fix memleak of bio integrity data (git fixes (block layer)). - block: sed-opal: fix sparse warning: convert __be64 data (git fixes (block layer)). - block: sed-opal: fix sparse warning: obsolete array init (git fixes (block layer)). - commit 7a0b356 ++++ yast2: - Remove ip aliases that were marked to be deleted from the interface configuration files (bsc#1146020) - 4.2.82 ++++ zypper: - Reformat manpages to workaround asciidoctor shortcomings (bsc#1154803, bsc#1167122, bsc#1168990) - Remove undocumented rug legacy stuff. - Remove 'using namespace std;' (bsc#1166610) - patch table: Add 'Since' column if history data are available (jsc#SLE-5116) - version 1.14.36 ------------------------------------------------------------------ ------------------ 2020-4-12 - Apr 12 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - constrants: fix malformed XML Closing tag of an element is "", not "". Fixes: 8b37de2eb835 ("rpm/constraints.in: Increase memory for kernel-docs") - commit 4a8ca28 - Refresh patches.suse/ALSA-pcm-oss-Fix-regression-by-buffer-overflow-fix-a.patch Mark the upstream commit id to be ignored; the chery-picked patch supercedes it - commit 5705a3a ------------------------------------------------------------------ ------------------ 2020-4-11 - Apr 11 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - ASoC: cs4270: pull reset GPIO low then high (git-fixes). - ASoC: rt5645: Add platform-data for Medion E1239T (git-fixes). - ASoC: Intel: bytcr_rt5640: Add quirk for MPMAN MPWIN895CL tablet (git-fixes). - ASoC: Intel: atom: Fix uninitialized variable compiler warning (git-fixes). - ASoC: Intel: atom: Check drv->lock is locked in sst_fill_and_send_cmd_unlocked (git-fixes). - ASoC: Intel: atom: Take the drv->lock mutex before calling sst_send_slot_map() (git-fixes). - ASoC: topology: use name_prefix for new kcontrol (git-fixes). - ASoC: rt5682: Fix build error without CONFIG_I2C (git-fixes). - ASoC: dpcm: allow start or stop during pause for backend (git-fixes). - ASoC: dapm: connect virtual mux with default value (git-fixes). - ASoC: Intel: bdw-rt5677: Remove ignore_suspend flag from SSP0 dai link (git-fixes). - ASoC: Intel: haswell: Remove ignore_suspend flag from SSP0 dai link (git-fixes). - ASoC: Intel: broadwell: Remove ignore_suspend flag from SSP0 dai link (git-fixes). - ASoC: fix regwmask (git-fixes). - ALSA: hda: Add driver blacklist (git-fixes). - ALSA: usb-audio: Add mixer workaround for TRX40 and co (git-fixes). - ALSA: hda/realtek - Add quirk for MSI GL63 (git-fixes). - ALSA: ice1724: Fix invalid access for enumerated ctl items (git-fixes). - ALSA: hda: Fix potential access overflow in beep helper (git-fixes). - ALSA: hda/realtek - Add HP new mute led supported for ALC236 (git-fixes). - ALSA: hda/realtek - Add supported new mute Led for HP (git-fixes). - ALSA: usb-audio: Add registration quirk for Kingston HyperX Cloud Alpha S (git-fixes). - ALSA: usb-audio: Add Pioneer DJ DJM-250MK2 quirk (git-fixes). - ALSA: pcm: oss: Fix regression by buffer overflow fix (again) (git-fixes). - ALSA: hda/realtek - Add quirk for Lenovo Carbon X1 8th gen (git-fixes). - commit fa71152 ------------------------------------------------------------------ ------------------ 2020-4-9 - Apr 9 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - crypto: arm/poly1305 - add artifact to .gitignore files (bsc#1169021 jsc#SLE-12250). - crypto: x86/curve25519 - leave r12 as spare register (bsc#1169021 jsc#SLE-12250). - crypto: x86/curve25519 - replace with formally verified implementation (bsc#1169021 jsc#SLE-12250). - crypto: arm64/chacha - correctly walk through blocks (bsc#1169021 jsc#SLE-12250). - crypto: x86/curve25519 - support assemblers with no adx support (bsc#1169021 jsc#SLE-12250). - crypto: chacha20poly1305 - prevent integer overflow on large input (bsc#1169021 jsc#SLE-12250). - icmp: introduce helper for nat'd source address in network device context (bsc#1169021 jsc#SLE-12250). - crypto: Kconfig - allow tests to be disabled when manager is disabled (bsc#1169021 jsc#SLE-12250). - wireguard: selftests: import harness makefile for test suite (bsc#1169021 jsc#SLE-12250). - net: WireGuard secure network tunnel (bsc#1169021 jsc#SLE-12250). - Update config files: enable WIREGUARD on all archs. - Update supported.conf: mark new drivers/net/wireguard as unsupported. - crypto: arm/chacha - fix build failured when kernel mode NEON is disabled (bsc#1169021 jsc#SLE-12250). - crypto: x86/poly1305 - emit does base conversion itself (bsc#1169021 jsc#SLE-12250). - crypto: chacha20poly1305 - add back missing test vectors and test chunking (bsc#1169021 jsc#SLE-12250). - crypto: x86/poly1305 - fix .gitignore typo (bsc#1169021 jsc#SLE-12250). - crypto: curve25519 - Fix selftest build error (bsc#1169021 jsc#SLE-12250). - Update supported.conf: mark new lib/crypto/libcurve25519-generic as unsupported. - crypto: {arm,arm64,mips}/poly1305 - remove redundant non-reduction from emit (bsc#1169021 jsc#SLE-12250). - crypto: x86/poly1305 - wire up faster implementations for kernel (bsc#1169021 jsc#SLE-12250). - Update config files: a value of 11 is now required for CRYPTO_LIB_POLY1305_RSIZE on x86_64. - crypto: x86/poly1305 - import unmodified cryptogams implementation (bsc#1169021 jsc#SLE-12250). - crypto: poly1305 - add new 32 and 64-bit generic versions (bsc#1169021 jsc#SLE-12250). - crypto: lib/curve25519 - re-add selftests (bsc#1169021 jsc#SLE-12250). - crypto: chacha - fix warning message in header file (bsc#1169021 jsc#SLE-12250). - crypto: arm/curve25519 - add arch-specific key generation function (bsc#1169021 jsc#SLE-12250). - crypto: arch - conditionalize crypto api in arch glue for lib code (bsc#1169021 jsc#SLE-12250). - crypto: lib/chacha20poly1305 - use chacha20_crypt() (bsc#1169021 jsc#SLE-12250). - crypto: x86/chacha - only unregister algorithms if registered (bsc#1169021 jsc#SLE-12250). - crypto: chacha_generic - remove unnecessary setkey() functions (bsc#1169021 jsc#SLE-12250). - crypto: lib/chacha20poly1305 - reimplement crypt_from_sg() routine (bsc#1169021 jsc#SLE-12250). - crypto: chacha20poly1305 - import construction and selftest from Zinc (bsc#1169021 jsc#SLE-12250). - Update config files: enable CRYPTO_LIB_CHACHA20POLY1305 on all archs. - Update supported.conf: mark new lib/crypto/libchacha20poly1305 as unsupported. - crypto: arm/curve25519 - wire up NEON implementation (bsc#1169021 jsc#SLE-12250). - crypto: arm/curve25519 - import Bernstein and Schwabe's Curve25519 ARM implementation (bsc#1169021 jsc#SLE-12250). - crypto: curve25519 - x86_64 library and KPP implementations (bsc#1169021 jsc#SLE-12250). - Update config files: enable CRYPTO_CURVE25519_X86 on x86_64, which in turn implies CRYPTO_ARCH_HAVE_LIB_CURVE25519. - Update supported.conf: mark new arch/x86/crypto/curve25519-x86_64 as unsupported. - crypto: lib/curve25519 - work around Clang stack spilling issue (bsc#1169021 jsc#SLE-12250). - crypto: curve25519 - implement generic KPP driver (bsc#1169021 jsc#SLE-12250). - Update config files: enable CRYPTO_CURVE25519 on all archs. - Update supported.conf: mark new crypto/curve25519-generic as unsupported. - crypto: curve25519 - add kpp selftest (bsc#1169021 jsc#SLE-12250). - crypto: curve25519 - generic C library implementations (bsc#1169021 jsc#SLE-12250). - Update config files: enable CRYPTO_LIB_CURVE25519 on all archs, which in turn implies CRYPTO_LIB_CURVE25519_GENERIC. - Update supported.conf: mark new lib/crypto/libcurve25519 as unsupported. - crypto: blake2s - x86_64 SIMD implementation (bsc#1169021 jsc#SLE-12250). - Update config files: enable CRYPTO_BLAKE2S_X86 on x86_64, which in turn implies CRYPTO_ARCH_HAVE_LIB_BLAKE2S. - Update supported.conf: mark new arch/x86/crypto/blake2s-x86_64 as unsupported. - crypto: blake2s - implement generic shash driver (bsc#1169021 jsc#SLE-12250). - Update config files: enable CRYPTO_BLAKE2S on all archs. - Update supported.conf: mark new crypto/blake2s_generic as unsupported. - crypto: testmgr - add test cases for Blake2s (bsc#1169021 jsc#SLE-12250). - crypto: blake2s - generic C library implementation and selftest (bsc#1169021 jsc#SLE-12250). - Update config files: enable CRYPTO_LIB_BLAKE2S on all archs, which in turn implies CRYPTO_LIB_BLAKE2S_GENERIC. - Update supported.conf: mark new lib/crypto/libblake2s and lib/crypto/libblake2s-generic as unsupported. - crypto: mips/poly1305 - incorporate OpenSSL/CRYPTOGAMS optimized implementation (bsc#1169021 jsc#SLE-12250). - crypto: arm/poly1305 - incorporate OpenSSL/CRYPTOGAMS NEON implementation (bsc#1169021 jsc#SLE-12250). - crypto: arm64/poly1305 - incorporate OpenSSL/CRYPTOGAMS NEON implementation (bsc#1169021 jsc#SLE-12250). - Update config files: enable CRYPTO_POLY1305_NEON on arm64, which in turn implies CRYPTO_ARCH_HAVE_LIB_POLY1305; a value of 9 is required for the internal CRYPTO_LIB_POLY1305_RSIZE on arm64. - Update supported.conf: mark new arch/arm64/crypto/poly1305-neon as unsupported. - crypto: x86/poly1305 - expose existing driver as poly1305 library (bsc#1169021 jsc#SLE-12250). - Update config files: CRYPTO_POLY1305_X86_64 implies CRYPTO_ARCH_HAVE_LIB_POLY1305 on x86_64 now; a value of 4 is required for the internal CRYPTO_LIB_POLY1305_RSIZE on x86_64. - crypto: x86/poly1305 - depend on generic library not generic shash (bsc#1169021 jsc#SLE-12250). - crypto: poly1305 - expose init/update/final library interface (bsc#1169021 jsc#SLE-12250). - Update config files: enable CRYPTO_LIB_POLY1305 on all archs and set the internal CRYPTO_LIB_POLY1305_RSIZE to 1 (the common default value among all archs for now). - crypto: x86/poly1305 - unify Poly1305 state struct with generic code (bsc#1169021 jsc#SLE-12250). - crypto: poly1305 - move core routines into a separate library (bsc#1169021 jsc#SLE-12250). - Update config files: enable CRYPTO_LIB_POLY1305_GENERIC on all archs. - Update supported.conf: mark new lib/crypto/libpoly1305 as supported. - crypto: chacha - unexport chacha_generic routines (bsc#1169021 jsc#SLE-12250). - crypto: mips/chacha - wire up accelerated 32r2 code from Zinc (bsc#1169021 jsc#SLE-12250). - crypto: mips/chacha - import 32r2 ChaCha code from Zinc (bsc#1169021 jsc#SLE-12250). - crypto: arm/chacha - expose ARM ChaCha routine as library function (bsc#1169021 jsc#SLE-12250). - crypto: arm/chacha - remove dependency on generic ChaCha driver (bsc#1169021 jsc#SLE-12250). - crypto: arm/chacha - import Eric Biggers's scalar accelerated ChaCha code (bsc#1169021 jsc#SLE-12250). - crypto: arm64/chacha - expose arm64 ChaCha routine as library function (bsc#1169021 jsc#SLE-12250). - Update config files: CRYPTO_CHACHA20_NEON implies CRYPTO_ARCH_HAVE_LIB_CHACHA on arm64 now. - crypto: arm64/chacha - depend on generic chacha library instead of crypto driver (bsc#1169021 jsc#SLE-12250). - crypto: x86/chacha - expose SIMD ChaCha routine as library function (bsc#1169021 jsc#SLE-12250). - Update config files: CRYPTO_CHACHA20_X86_64 implies CRYPTO_ARCH_HAVE_LIB_CHACHA on x86_64 now. - crypto: x86/chacha - depend on generic chacha library instead of crypto driver (bsc#1169021 jsc#SLE-12250). - crypto: chacha - move existing library code into lib/crypto (bsc#1169021 jsc#SLE-12250). - Update config files: enable CRYPTO_LIB_CHACHA_GENERIC and CRYPTO_LIB_CHACHA on all archs. - Update supported.conf: mark new lib/crypto/libchacha as unsupported. - crypto: lib - tidy up lib/crypto Kconfig and Makefile (bsc#1169021 jsc#SLE-12250). - commit 121a35e - cgroup, rstat: Revert "cgroup: Add memory barriers to plug cgroup_rstat_updated() race window" (bsc#1158748). - commit f88fb2e - Refresh patches.suse/0001-kABI-more-hooks-for-PCI-changes.patch. (bsc#1168999) For some unknown reason (likely a macro), changing struct pci_fixup breaks things left and right. Removing the padding - commit bbd0eda - ipvlan: do not add hardware address of master to its unicast filter list (bsc#1137325). - commit 51a58f4 - cifs: ignore cached share root handle closing errors (bsc#1166780). - commit 1f63b4d - Update config files to disable CONFIG_TRACE_IRQFLAGS (bsc#1169078). - commit 35b5c01 - kabi: drop kabi reference files (stop checking kabi) After the SLE15 SP2 release schedule update, it's too early to enforce kabi and there are some upcoming requests which either cannot be implemented without kabi change or would require too complicated hacks. Drop kabi reference files so that kabi won't be checked until they are added back again. - commit 16aa8e7 - lpfc: nvmet: Add Send LS Request and Abort LS Request support (bsc#1169045). - lpfc: nvmet: Add support for NVME LS request hosthandle (bsc#1169045). - lpfc: nvme: Add Receive LS Request and Send LS Response (bsc#1169045). - lpfc: Refactor Send LS Response support (bsc#1169045). - lpfc: Refactor Send LS Abort support (bsc#1169045). - lpfc: Refactor Send LS Request support (bsc#1169045). - lpfc: Refactor NVME LS receive handling (bsc#1169045). - lpfc: Commonize lpfc_async_xchg_ctx state and flag (bsc#1169045). - lpfc: Refactor nvmet_rcv_ctx to create lpfc_async_xchg_ctx (bsc#1169045). - lpfc: Refactor lpfc nvme headers (bsc#1169045). - nvme-fcloop: add target to host LS request support (bsc#1169045). - nvme-fcloop: refactor to enable target to host LS (bsc#1169045). - nvmet-fc: Add Disconnect Association Xmt support (bsc#1169045). - nvmet-fc: rename ls_list to ls_rcv_list (bsc#1169045). - nvmet-fc: track hostport handle for associations (bsc#1169045). - nvmet-fc: perform small cleanups on unneeded checks (bsc#1169045). - nvmet-fc: add LS failure messages (bsc#1169045). - nvme-fc: Add Disconnect Association Rcv support (bsc#1169045). - nvmet-fc: Update target for common definitions for LS (bsc#1169045). - nvme-fc: Update header and host for common definitions for LS (bsc#1169045). - nvme-fc: convert assoc_active flag to bit op (bsc#1169045). - nvme-fc: Ensure private pointers are NULL if no data (bsc#1169045). - nvmet-fc: Better size LS buffers (bsc#1169045). - nvme-fc nvmet-fc: refactor for common LS definitions (bsc#1169045). - nvme-fc and nvmet-fc: revise LLDD api for LS reception and LS (bsc#1169045). - nvme-fc: Sync header to FC-NVME-2 rev 1.08 (bsc#1169045). - nvme-fc: Revert "add module to ops template to allow module (bsc#1169045). - nvme: fix deadlock caused by ANA update wrong locking (bsc#1169045). - nvmet-rdma: fix bonding failover possible NULL deref (bsc#1169045). - nvmet: fix NULL dereference when removing a referral (bsc#1169045). - nvme: inherit stable pages constraint in the mpath stack (bsc#1169045). - nvmet-fc: fix typo in comment (bsc#1169045). - nvme-rdma: Replace comma with a semicolon (bsc#1169045). - nvme-fcloop: fix deallocation of working context (bsc#1169045). - commit afa84e7 - scripts/git_sort/git_sort.py: Update nvme repositories - commit 45cef90 - nvme-fabrics: Use scnprintf() for avoiding potential buffer overflow (bsc#1161930). - nvme-multipath: do not reset on unknown status (bsc#1161930). - nvme: Check for readiness more quickly, to speed up boot time (bsc#1161930). - nvme: log additional message for controller status (bsc#1161930). - nvme: code cleanup nvme_identify_ns_desc() (bsc#1161930). - nvmet-tcp: set MSG_MORE only if we actually have more to send (bsc#1161930). - commit 0215ed6 - rpm/constraints.in: Increase memory for kernel-docs References: https://build.opensuse.org/request/show/792664 - commit 8b37de2 - nvmet-tcp: set SO_PRIORITY for accepted sockets (bsc#1169045). - nvme-tcp: Set SO_PRIORITY for all host sockets (bsc#1169045). - nvmet: check sscanf value for subsys serial attr (bsc#1169045). - nvmet: make ctrl model configurable (bsc#1169045). - nvmet: make ctrl-id configurable (bsc#1169045). - nvmet: configfs code cleanup (bsc#1169045). - nvme: remove unused return code from nvme_alloc_ns (bsc#1169045). - nvme-rdma: Avoid double freeing of async event data (bsc#1169045). - nvme-pci: Hold cq_poll_lock while completing CQEs (bsc#1169045). - nvme-multipath: Fix memory leak with ana_log_buf (bsc#1169045). - nvme: Fix uninitialized-variable warning (bsc#1169045). - nvme-pci: Use single IRQ vector for old Apple models (bsc#1169045). - nvme/pci: Add sleep quirk for Samsung and Toshiba drives (bsc#1169045). - nvme/pci: move cqe check after device shutdown (bsc#1169045). - nvme: prevent warning triggered by nvme_stop_keep_alive (bsc#1169045). - nvme/tcp: fix bug on double requeue when send fails (bsc#1169045). - nvmet: update AEN list and array at one place (bsc#1169045). - nvmet: Fix controller use after free (bsc#1169045). - nvmet: Fix error print message at nvmet_install_queue (bsc#1169045). - nvme-pci: remove nvmeq->tags (bsc#1169045). - nvmet: fix dsm failure when payload does not match sgl (bsc#1169045). - nvmet: fix per feat data len for get_feature (bsc#1169045). - nvme/pci: Fix read queue count (bsc#1169045). - nvme/pci Limit write queue sizes to possible cpus (bsc#1169045). - nvme/pci: Fix write and poll queue types (bsc#1169045). - nvme/pci: Remove last_cq_head (bsc#1169045). - nvme: Namepace identification descriptor list is optional (bsc#1169045). - commit 583ef0e - PCI: pciehp: Fix MSI interrupt race (bsc#1159037). - commit 41635b6 - Fix mmc CMD6 timeout spams (bsc#1169056) The patch patches.suse/mmc-core-Default-to-generic_cmd6_time-as-timeout-in-.patch. triggers spamming wrt MMC CMD6 timeout default. This has been already reverted in stable queue, too, so let's kill it. This also requires the refresh of patches.suse/mmc-core-Allow-host-controllers-to-require-R1B-for-C.patch. - commit d264c89 - nvme-fc: fix double-free scenarios on hw queues (bsc#1169045). - nvme: else following return is not needed (bsc#1169045). - nvme: add error message on mismatching controller ids (bsc#1169045). - nvme_fc: add module to ops template to allow module (bsc#1169045). - nvme-fc: Avoid preallocating big SGL for data (bsc#1169045). - nvme-rdma: Avoid preallocating big SGL for data (bsc#1169045). - nvme: hwmon: add quirk to avoid changing temperature (bsc#1169045). - nvme: hwmon: provide temperature min and max values for each (bsc#1169045). - nvme: Discard workaround for non-conformant devices (bsc#1169045). - commit ad5c1b6 - nvme: Add hardware monitoring support (bsc#1169045). - Update config files. - commit 7065393 - nvmet: Introduce common execute function for get_log_page and identify (bsc#1169045). - commit 9f41df0 - iommu/virtio: Fix freeing of incomplete domains (bsc#1169049). - iommu/vt-d: Fix mm reference leak (bsc#1169050). - iommu/amd: Fix the configuration of GCR3 table root pointer (bsc#1169048). - iommu/vt-d: Fix page request descriptor size (bsc#1169051). - KVM: x86: Fix CPUID range checks for Hypervisor and Centaur classes (bsc#1169052). - KVM: x86: Trace the original requested CPUID function in kvm_cpuid() (bsc#1169053). - commit 02f2b47 - nvmet: stop using bio_set_op_attrs (bsc#1169045). - nvmet: add plugging for read/write when ns is bdev (bsc#1169045). - nvmet: clean up command parsing a bit (bsc#1169045). - nvmet: fill discovery controller sn, fr and mn correctly (bsc#1169045). - nvmet: Open code nvmet_req_execute() (bsc#1169045). - nvmet: Remove the data_len field from the nvmet_req struct (bsc#1169045). - nvmet: Introduce nvmet_dsm_len() helper (bsc#1169045). - nvmet: Cleanup discovery execute handlers (bsc#1169045). - nvmet-tcp: Don't set the request's data_len (bsc#1169045). - nvmet-tcp: Don't check data_len in nvmet_tcp_map_data() (bsc#1169045). - nvme: Introduce nvme_lba_to_sect() (bsc#1169045). - nvme: Cleanup and rename nvme_block_nr() (bsc#1169045). - nvme: move common call to nvme_cleanup_cmd to core layer (bsc#1169045). - nvme: introduce "Command Aborted By host" status code (bsc#1169045). - nvmet-rdma: add unlikely check at nvmet_rdma_map_sgl_keyed (bsc#1169045). - nvmet: add unlikely check at nvmet_req_alloc_sgl (bsc#1169045). - nvmet: use bio_io_error instead of duplicating it (bsc#1169045). - nvme: introduce nvme_is_aen_req function (bsc#1169045). - nvme-fc: ensure association_id is cleared regardless of a Disconnet LS (bsc#1169045). - nvme-fc: clarify error messages (bsc#1169045). - nvme-fc: Set new cmd set indicator in nvme-fc cmnd iu (bsc#1169045). - nvme-fc and nvmet-fc: sync with FC-NVME-2 header changes (bsc#1169045). - nvme-fc: Sync nvme-fc header to FC-NVME-2 (bsc#1169045). - commit 2d3a577 - nvme-multipath: remove unused groups_only mode in ana log (bsc#1169045). - nvme: Wait for reset state when required (bsc#1169045). - nvme: Prevent resets during paused controller state (bsc#1169045). - nvme: Restart request timers in resetting state (bsc#1169045). - nvme: Remove ADMIN_ONLY state (bsc#1169045). - nvme-pci: Free tagset if no IO queues (bsc#1169045). - nvme: retain split access workaround for capability reads (bsc#1169045). - nvme: fix possible deadlock when nvme_update_formats fails (bsc#1169045). - commit a98e6f9 - scsi: core: avoid repetitive logging of device offline messages (bsc#1145929). - commit 4217986 - btrfs: qgroup: Mark qgroup inconsistent if we're inherting snapshot to a new qgroup (bsc#1165823). - commit f82cb6e - SUNRPC: fix krb5p mount to provide large enough buffer in rq_rcvsize (bsc#1168236). - commit 973a971 ++++ libvirt: - api: Disallow virDomainAgentSetResponseTimeout on read-only connections. CVE-2020-10701 4cc90c2e-CVE-2020-10701.patch bsc#1168680 - libxl: Add support for max event channels with maxEventChannel attribute on the xenbus controller 8e669b38-conf-add-event-channels.patch, a93f55c5-libxl-add-event-channels.patch, 967f4eeb-xenconfig-event-channels.patch bsc#1168767 ++++ libzypp: - Get retracted patch status from updateinfo data (jsc#SLE-8770) libsolv injects the indicator provides into packages only. - remove 'using namespace std;' (bsc#1166610, fixes #218) - Online doc: add 'Hardware (modalias) dependencies' page (fixes #216) - version 17.23.4 (22) ------------------------------------------------------------------ ------------------ 2020-4-8 - Apr 8 2020 ------------------- ------------------------------------------------------------------ ++++ iproute2: - Move arpd into own subpackage to avoid libdb dependency [jsc#SLE-12189] ++++ kernel-default: - config: refresh - commit 60a481d - cpufreq: arm64: prevent module unload (bsc#1168476). - commit 59dc6e3 - misc: pci_endpoint_test: Fix to support > 10 pci-endpoint-test devices (git-fixes). - pinctrl: sprd: Use the correct pin output configuration (git-fixes). - pxa168fb: fix release function mismatch in probe failure (git-fixes). - mt76: remove variable 'val' set but not used (git-fixes). - irqchip/bcm2835: Quiesce IRQs left enabled by bootloader (git-fixes). - iio: potentiostat: lmp9100: fix iio_triggered_buffer_{predisable,postenable} positions (git-fixes). - iio: si1133: read 24-bit signed integer for measurement (git-fixes). - staging: kpc2000: prevent underflow in cpld_reconfigure() (git-fixes). - pstore: pstore_ftrace_seq_next should increase position index (git-fixes). - libata: Remove extra scsi_host_put() in ata_scsi_add_hosts() (git-fixes). - r8169: fix PHY driver check on platforms w/o module softdeps (git-fixes). - i2c: nvidia-gpu: Handle timeout correctly in gpu_i2c_check_status() (git-fixes). - geneve: move debug check after netdev unregister (git-fixes). - lib/test_kasan.c: fix memory leak in kmalloc_oob_krealloc_more() (git-fixes). - lib/ubsan: don't serialize UBSAN report (git-fixes). - commit a79673f - drm/vc4: Fix HDMI mode validation (git-fixes). - drm: amd/acp: fix broken menu structure (git-fixes). - drm/v3d: Replace wait_for macros to remove use of msleep (git-fixes). - drm/amd/display: Fix wrongly passed static prefix (git-fixes). - drm: Remove PageReserved manipulation from drm_pci_alloc (git-fixes). - drm/crc: Actually allow to change the crc source (git-fixes). - drm/drm_dp_mst:remove set but not used variable 'origlen' (git-fixes). - drm/amdgpu: fix typo for vcn1 idle check (git-fixes). - drm/amd/display: Add link_rate quirk for Apple 15" MBP 2017 (git-fixes). - drm/bochs: downgrade pci_request_region failure from error to warning (git-fixes). - drm/amdgpu: correct ROM_INDEX/DATA offset for VEGA20 (git-fixes). - commit 3d01994 - series.conf: cleanup - update upstream reference and resort: patches.suse/slcan-Don-t-transmit-uninitialized-stack-data-in-pad.patch - commit 26aaf48 - thermal: devfreq_cooling: inline all stubs for CONFIG_DEVFREQ_THERMAL=n (git-fixes). - thermal: qoriq: Fix a compiling issue (git-fixes). - mfd: dln2: Fix sanity checking for endpoints (git-fixes). - tun: Don't put_page() for all negative return values from XDP program (git-fixes). - PCI/ERR: Update error status after reset_link() (git-fixes). - PCI/ERR: Combine pci_channel_io_frozen cases (git-fixes). - mei: me: add cedar fork device ids (git-fixes). - extcon: axp288: Add wakeup support (git-fixes). - fbdev: potential information leak in do_fb_ioctl() (git-fixes). - watchdog: iTCO_wdt: Make ICH_RES_IO_SMI optional (git-fixes). - watchdog: iTCO_wdt: Export vendorsupport (git-fixes). - fat: fix uninit-memory access for partial initialized inode (git-fixes). - commit 58be4d2 - x86, sched: Account for CPUs with less than 4 cores in freq. invariance (boo#1166664). - commit 949f5c1 - x86, sched: Bail out of frequency invariance if base frequency is unknown (bsc#1167878). - commit f094f17 ++++ gcc10: - Update to master head (13e41d8b9d3d7598c72c38acc86a3), git175688. ++++ parted: - fix null pointer dereference (bsc#1168756) - change: parted-print-max-partitions-for-yast.patch ++++ raspberrypi-firmware: - Add cma-default option to vc4-kms-v3d overlay to mimic the previous default behaviour, which used the kernel's default size. For now we still set the CMA trough the kernel command line, that will change in the future. (bsc#1167761) ++++ raspberrypi-firmware-config: - Add cma-default option to vc4-kms-v3d overlay to mimic the previous default behaviour, which used the kernel's default size. For now we still set the CMA trough the kernel command line, that will change in the future. (bsc#1167761) ++++ rpm: - Fix verification of DSA2 signatures with libgrcypt [bnc#1165731] * new patch: gcryptdsa2.diff ------------------------------------------------------------------ ------------------ 2020-4-7 - Apr 7 2020 ------------------- ------------------------------------------------------------------ ++++ open-iscsi: - Updated service_del_preun and service_del_postun for iscsi and iscsiuio packges in SPEC file, so that services get started/ stopped in the correct order, and changed systemd macros so that iscsi login service iscsi.service is not restarted during package upgrade (bsc#1166650) ++++ kernel-default: - Refresh patches.suse/powerpc-pseries-Fix-MCE-handling-on-pseries.patch. - commit 901c022 - s390x: zfcpdump: disable CONFIG_RELOCATABLE (bsc#1168847). - commit 77366c6 - series.conf: cleanup - move into sorted section: patches.suse/slcan-Don-t-transmit-uninitialized-stack-data-in-pad.patch - commit 6de7fc6 - fix patch metadata - fix Patch-mainline: patches.suse/btrfs-qgroup-ensure-qgroup_rescan_running-is-only-se.patch - commit 5232dd1 - Update config files to disable CONFIG_UCLAMP_TASK (bsc#1168888). - commit 00c1c4e - series.conf: cleanup - move unsortable patches out of sorted section - commit 362f0b0 - Update patches.suse/media-ov519-add-missing-endpoint-sanity-checks.patch (CVE-2020-11608 bsc#1168829). Added cve number - commit a2db40e - series.conf: cleanup - update upstream references and resort: patches.suse/Documentation-ABI-Add-ABI-documentation-for-sys-kern.patch patches.suse/Documentation-ABI-Mark-sys-kernel-fadump_-sysfs-file.patch patches.suse/cpufreq-powernv-Fix-unsafe-notifiers.patch patches.suse/cpufreq-powernv-Fix-use-after-free.patch patches.suse/powerpc-64-Prevent-stack-protection-in-early-boot.patch patches.suse/powerpc-64-Setup-a-paca-before-parsing-device-tree-e.patch patches.suse/powerpc-64-tm-Don-t-let-userspace-set-regs-trap-via-.patch patches.suse/powerpc-64s-Fix-section-mismatch-warnings-from-boot-.patch patches.suse/powerpc-book3s64-Fix-error-handling-in-mm_iommu_do_a.patch patches.suse/powerpc-drmem-avoid-NULL-pointer-dereference-when-dr.patch patches.suse/powerpc-fadump-Reorganize-sys-kernel-fadump_-sysfs-f.patch patches.suse/powerpc-fadump-sysfs-for-fadump-memory-reservation.patch patches.suse/powerpc-powernv-Move-core-and-fadump_release_opalcor.patch patches.suse/powerpc-pseries-Fix-of_read_drc_info_cell-to-point-a.patch patches.suse/powerpc-pseries-Handle-UE-event-for-memcpy_mcsafe.patch patches.suse/powerpc-smp-Use-nid-as-fallback-for-package_id.patch patches.suse/powerpc-vmlinux.lds-Explicitly-retain-.gnu.hash.patch patches.suse/powerpc-xive-Use-XIVE_BAD_IRQ-instead-of-zero-to-cat.patch patches.suse/sysfs-Wrap-__compat_only_sysfs_link_entry_to_kobj-fu.patch - commit 895f36d - supported.conf: Mark mali-dp as supported References: bsc#1168596 Used on NXP LS1028A devices. - commit 3682c9a - bpf: Verifier, do_refine_retval_range may clamp umin to 0 incorrectly (bsc#1155518). - bpf: Explicitly memset some bpf info structures declared on the stack (bsc#1155518). - bpf: Explicitly memset the bpf_attr structure (bsc#1155518). - commit b866c91 - MM: replace PF_LESS_THROTTLE with PF_LOCAL_THROTTLE (bsc#1163403). - Deprecate NR_UNSTABLE_NFS, use NR_WRITEBACK (bsc#1163403). - commit 73cedab ++++ gnutls: - Backport AES XTS support (bsc#1168835) * add 0001-Vendor-in-XTS-functionality-from-Nettle.patch * add gnutls-fips_XTS_key_check.patch ++++ salt: - Update to Salt version 3000 See release notes: https://docs.saltstack.com/en/latest/topics/releases/3000.html - Do not make file.recurse state to fail when msgpack 0.5.4 (bsc#1167437) - Fixes status attribute issue in aptpkg test - Make setup.py script not to require setuptools greater than 9.1 loop: fix variable names for until_no_eval - Drop conflictive module.run state patch (bsc#1167437) - Update patches after rebase with upstream v3000 tag (bsc#1167437) - Fix some requirements issues depending on Python3 versions - Removes obsolete patch - Fix for low rpm_lowpkg unit test - Add python-singledispatch as dependency for python2-salt - Fix for temp folder definition in loader unit test - Make "salt.ext.tornado.gen" to use "salt.ext.backports_abc" on Python 2 - Fix regression in service states with reload argument - Fix integration test failure for test_mod_del_repo_multiline_values - Fix for unless requisite when pip is not installed - Fix errors from unit tests due NO_MOCK and NO_MOCK_REASON deprecation - Fix tornado imports and missing _utils after rebasing patches - Removes unresolved merge conflict in yumpkg module - Added: * make-setup.py-script-to-not-require-setuptools-9.1.patch * opensuse-3000-virt-defined-states-222.patch * fix-for-unless-requisite-when-pip-is-not-installed.patch * fix-typo-on-msgpack-version-when-sanitizing-msgpack-.patch * fix-regression-in-service-states-with-reload-argumen.patch * batch_async-avoid-using-fnmatch-to-match-event-217.patch * make-salt.ext.tornado.gen-to-use-salt.ext.backports_.patch * virt._get_domain-don-t-raise-an-exception-if-there-i.patch * loop-fix-variable-names-for-until_no_eval.patch * removes-unresolved-merge-conflict-in-yumpkg-module.patch * add-missing-_utils-at-loader-grains_func.patch * changed-imports-to-vendored-tornado.patch * sanitize-grains-loaded-from-roster_grains.json.patch * fix-for-temp-folder-definition-in-loader-unit-test.patch * remove-deprecated-usage-of-no_mock-and-no_mock_reaso.patch * reintroducing-reverted-changes.patch * adds-explicit-type-cast-for-port.patch * fix-wrong-test_mod_del_repo_multiline_values-test-af.patch * re-adding-function-to-test-for-root.patch - Modified: * move-server_id-deprecation-warning-to-reduce-log-spa.patch * let-salt-ssh-use-platform-python-binary-in-rhel8-191.patch * strip-trailing-from-repo.uri-when-comparing-repos-in.patch * prevent-test_mod_del_repo_multiline_values-to-fail.patch * prevent-ansiblegate-unit-tests-to-fail-on-ubuntu.patch * remove-arch-from-name-when-pkg.list_pkgs-is-called-w.patch * async-batch-implementation.patch * add-hold-unhold-functions.patch * add-all_versions-parameter-to-include-all-installed-.patch * enable-passing-a-unix_socket-for-mysql-returners-bsc.patch * fix-for-log-checking-in-x509-test.patch * fix-zypper.list_pkgs-to-be-aligned-with-pkg-state.patch * add-multi-file-support-and-globbing-to-the-filetree-.patch * remove-unnecessary-yield-causing-badyielderror-bsc-1.patch * fix-bsc-1065792.patch * use-threadpool-from-multiprocessing.pool-to-avoid-le.patch * return-the-expected-powerpc-os-arch-bsc-1117995.patch * fixes-cve-2018-15750-cve-2018-15751.patch * add-cpe_name-for-osversion-grain-parsing-u-49946.patch * fix-failing-unit-tests-for-batch-async.patch * decide-if-the-source-should-be-actually-skipped.patch * allow-passing-kwargs-to-pkg.list_downloaded-bsc-1140.patch * add-batch_presence_ping_timeout-and-batch_presence_p.patch * run-salt-master-as-dedicated-salt-user.patch * use-current-ioloop-for-the-localclient-instance-of-b.patch * integration-of-msi-authentication-with-azurearm-clou.patch * temporary-fix-extend-the-whitelist-of-allowed-comman.patch * improve-batch_async-to-release-consumed-memory-bsc-1.patch * fix-unit-test-for-grains-core.patch * add-supportconfig-module-for-remote-calls-and-saltss.patch * avoid-excessive-syslogging-by-watchdog-cronjob-58.patch * debian-info_installed-compatibility-50453.patch * include-aliases-in-the-fqdns-grains.patch * implement-network.fqdns-module-function-bsc-1134860-.patch * fix-async-batch-multiple-done-events.patch * support-config-non-root-permission-issues-fixes-u-50.patch * fix-zypper-pkg.list_pkgs-expectation-and-dpkg-mockin.patch * activate-all-beacons-sources-config-pillar-grains.patch * avoid-traceback-when-http.query-request-cannot-be-pe.patch * fix-aptpkg-systemd-call-bsc-1143301.patch * use-adler32-algorithm-to-compute-string-checksums.patch * do-not-break-repo-files-with-multiple-line-values-on.patch * fix-batch_async-obsolete-test.patch * provide-the-missing-features-required-for-yomi-yet-o.patch * fall-back-to-pymysql.patch * xfs-do-not-fails-if-type-is-not-present.patch * restore-default-behaviour-of-pkg-list-return.patch * add-missing-fun-for-returns-from-wfunc-executions.patch * virt-adding-kernel-boot-parameters-to-libvirt-xml-55.patch * run-salt-api-as-user-salt-bsc-1064520.patch * loosen-azure-sdk-dependencies-in-azurearm-cloud-driv.patch * support-for-btrfs-and-xfs-in-parted-and-mkfs.patch * fixing-streamclosed-issue.patch * do-not-crash-when-there-are-ipv6-established-connect.patch * calculate-fqdns-in-parallel-to-avoid-blockings-bsc-1.patch * fix-async-batch-race-conditions.patch * fix-issue-2068-test.patch * fix-a-wrong-rebase-in-test_core.py-180.patch * fix-for-suse-expanded-support-detection.patch * add-environment-variable-to-know-if-yum-is-invoked-f.patch * add-standalone-configuration-file-for-enabling-packa.patch * switch-firewalld-state-to-use-change_interface.patch * do-not-make-ansiblegate-to-crash-on-python3-minions.patch * make-aptpkg.list_repos-compatible-on-enabled-disable.patch * add-custom-suse-capabilities-as-grains.patch * accumulated-changes-from-yomi-167.patch * get-os_arch-also-without-rpm-package-installed.patch * fix-git_pillar-merging-across-multiple-__env__-repos.patch * do-not-load-pip-state-if-there-is-no-3rd-party-depen.patch * add-saltssh-multi-version-support-across-python-inte.patch * early-feature-support-config.patch * add-virt.all_capabilities.patch * accumulated-changes-required-for-yomi-165.patch * fix-memory-leak-produced-by-batch-async-find_jobs-me.patch * fix-ipv6-scope-bsc-1108557.patch * prevent-systemd-run-description-issue-when-running-a.patch * make-profiles-a-package.patch * don-t-call-zypper-with-more-than-one-no-refresh.patch * batch.py-avoid-exception-when-minion-does-not-respon.patch * read-repo-info-without-using-interpolation-bsc-11356.patch * x509-fixes-111.patch * do-not-report-patches-as-installed-when-not-all-the-.patch - Removed: * remove-virt.pool_delete-fast-parameter-178.patch * adds-the-possibility-to-also-use-downloadonly-in-kwa.patch * align-virt-full-info-fixes-with-upstream-192.patch * take-checksums-arg-into-account-for-postgres.datadir.patch * virt-1.volume_infos-fix-for-single-vm.patch * virt.volume_infos-needs-to-ignore-inactive-pools-174.patch * preserve-already-defined-destructive_tests-and-expen.patch * list_downloaded-for-apt-module.patch * fix-virt-states-to-not-fail-on-vms-already-stopped.-.patch * virt.volume_infos-fix-for-single-vm.patch * restrict-the-start_event_grains-only-to-the-start-ev.patch * fix-virt.full_info-176.patch * preserving-signature-in-module.run-state-u-50049.patch * checking-for-jid-before-returning-data.patch * virt.volume_infos-silence-libvirt-error-message-175.patch * add-virt.volume_infos-and-virt.volume_delete.patch * add-virt.network_get_xml-function.patch * virt.network_define-allow-adding-ip-configuration.patch * add-ppc64le-as-a-valid-rpm-package-architecture.patch * bugfix-any-unicode-string-of-length-16-will-raise-ty.patch * fix-for-older-mock-module.patch * fix-virt.get_hypervisor-188.patch * 2019.2.0-pr-54196-backport-173.patch * enable-passing-grains-to-start-event-based-on-start_.patch * fix-load-cached-grain-osrelease_info.patch * open-suse-2019.2.3-virt-defined-states-219.patch * backport-saltutil-state-module-to-2019.2-codebase.patch ++++ yast2: - Retranslate wizard help button in NCurses UI (bsc#1167224) - 4.2.81 ------------------------------------------------------------------ ------------------ 2020-4-6 - Apr 6 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - powerpc/irq: Use current_stack_pointer in do_IRQ() (bsc#1156395). - powerpc/irq: Use current_stack_pointer in check_stack_overflow() (bsc#1156395). - powerpc: Add current_stack_pointer as a register global (bsc#1156395). - powerpc: Rename current_stack_pointer() to current_stack_frame() (bsc#1156395). - commit dfb328d - blacklist.conf: Blacklist 1ac994525b9d - commit 536164b - mm/filemap.c: don't bother dropping mmap_sem for zero size readahead (bsc#1168768). - commit 73bb347 - blacklist.conf: Blacklist 780f66e59231 - commit f5700fa - ext4: fix incorrect group count in ext4_fill_super error message (bsc#1168765). - commit fe1e977 - ext4: fix incorrect inodes per group in error message (bsc#1168764). - commit 30375fd - Move merged patches to sorted section. - commit cd90775 patches.suse/ext4-Avoid-ENOSPC-when-avoiding-to-reuse-recently-de.patch, patches.suse/ext4-Unregister-sysfs-path-before-destroying-jbd2-journal.patch, patches.suse/ext4-do-not-commit-super-on-read-only-bdev.patch: Update tags - commit 9574818 - patches.suse/ext4-Check-for-non-zero-journal-inum-in-ext4_calculate_overhead.patches: Update patch tags - commit 2c9a584 - partitions/efi: Fix partition name parsing in GUID partition entry (bsc#1168763). - commit 0cdb51e - block: keep bdi->io_pages in sync with max_sectors_kb for stacked devices (bsc#1168762). - commit bab38c6 - blacklist.conf: Blacklist f01b411f41f9 - commit a9128f0 - block/diskstats: more accurate approximation of io_ticks for slow disks (bsc#1168761). - commit fbbe9dc - block, bfq: fix use-after-free in bfq_idle_slice_timer_body (bsc#1168760). - commit 1b05c31 - ASoC: jz4740-i2s: Fix divider written at incorrect offset in register (git-fixes). - commit 8642419 - xarray: Fix early termination of xas_for_each_marked (git-fixes). - XArray: Fix xas_pause for large multi-index entries (git-fixes). - XArray: Fix xa_find_next for large multi-index entries (git-fixes). - commit b6feec2 - media: imx: Propagate quantization and encoding in CSI (git-fixes). - blacklist.conf: - commit 43a1dba - tty: evh_bytechan: Fix out of bounds accesses (git-fixes). - rtc: imx-sc: Align imx sc msg structs to 4 (git-fixes). - rtc: cmos: Use spin_lock_irqsave() in cmos_interrupt() (git-fixes). - rtc: zynqmp: Clear alarm interrupt status before interrupt enable (git-fixes). - gpio: siox: use raw spinlock for irq related locking (git-fixes). - soc: mediatek: knows_txdone needs to be set in Mediatek CMDQ helper (git-fixes). - PCI: qcom: Fix the fixup of PCI_VENDOR_ID_QCOM (git-fixes). - PCI: endpoint: Fix clearing start entry in configfs (git-fixes). - PCI: pciehp: Fix indefinite wait on sysfs requests (git-fixes). - PCI/ASPM: Clear the correct bits when enabling L1 substates (git-fixes). - misc: rtsx: set correct pcr_ops for rts522A (git-fixes). - PCI/switchtec: Fix init_completion race condition with poll_wait() (git-fixes). - PM / Domains: Allow no domain-idle-states DT property in genpd when parsing (git-fixes). - PM: sleep: wakeup: Skip wakeup_source_sysfs_remove() if device is not there (git-fixes). - phy: ti: gmii-sel: do not fail in case of gmii (git-fixes). - phy: ti: gmii-sel: fix set of copy-paste errors (git-fixes). - commit b2ac503 - clk: imx: clk-gate2: Pass the device to the register function (git-fixes). - clk: imx8mm: Fix the CLKO1 source select list (git-fixes). - clk: qcom: clk-rpmh: Wait for completion when enabling clocks (git-fixes). - clk: sprd: fix to get a correct ibias of pll (git-fixes). - clk: at91: usb: use proper usbs_mask (git-fixes). - clk: at91: sam9x60: fix usb clock parents (git-fixes). - clk: at91: sam9x60: Don't use audio PLL (git-fixes). - clk: ingenic/jz4770: Exit with error if CGU init failed (git-fixes). - clk: sunxi-ng: sun8i-de2: Add rotation core clocks and reset for A83T (git-fixes). - clk: sunxi-ng: sun8i-de2: H6 doesn't have rotate core (git-fixes). - clk: sunxi-ng: sun8i-de2: Add rotation core clocks and reset for A64 (git-fixes). - clk: sunxi-ng: sun8i-de2: Split out H5 definitions (git-fixes). - clk: ti: Fix dm814x clkctrl for ethernet (git-fixes). - clk: imx: Align imx sc clock parent msg structs to 4 (git-fixes). - clk: imx: Align imx sc clock msg structs to 4 (git-fixes). - clk: ti: am43xx: Fix clock parent for RTC clock (git-fixes). - commit 2f7671e - powerpc: define helpers to get L1 icache sizes (bsc#1156395). - commit 780726d - powerpc/hash64/devmap: Use H_PAGE_THP_HUGE when setting up huge devmap PTE entries (bsc#1156395). - commit 86ebd4a - powerpc/kprobes: Ignore traps that happened in real mode (bsc#1065729). - commit fc55c00 - powerpc/mm: Fix missing KUAP disable in flush_coherent_icache() (bsc#1156395). - powerpc: Convert flush_icache_range & friends to C (bsc#1156395). - powerpc/32: don't use CPU_FTR_COHERENT_ICACHE (bsc#1156395). - commit 9ea5bb3 - ftrace/kprobe: Show the maxactive number on kprobe_events (git-fixes). - commit 090d00e - powerpc: Make setjmp/longjmp signature standard (bsc#1156395). - powerpc: Add attributes for setjmp/longjmp (bsc#1156395). - commit 918fd5d - PM / QoS: Redefine FREQ_QOS_MAX_DEFAULT_VALUE to S32_MAX (bsc#1168476). - ACPI: processor: Add QoS requests for all CPUs (bsc#1168476). - commit d3f0646 - cpufreq: Fix policy initialization for internal governor drivers (bsc#1168476). - cpufreq: Avoid creating excessively large stack frames (bsc#1168476). - cpufreq: Avoid leaving stale IRQ work items during CPU offline (bsc#1168476). - cpufreq: Register drivers only after CPU devices have been registered (bsc#1168476). - cpufreq: Clarify the comment in cpufreq_set_policy() (bsc#1168476). - PM: QoS: Invalidate frequency QoS requests after removal (bsc#1168476). - PM: QoS: Drop frequency QoS types from device PM QoS (bsc#1168476). - cpufreq: Use per-policy frequency QoS (bsc#1168476). - PM: QoS: Introduce frequency QoS (bsc#1168476). - ACPI: processor: Avoid NULL pointer dereferences at init time (bsc#1168476). - Documentation: cpufreq: Update policy notifier documentation (bsc#1168476). - cpufreq: Remove CPUFREQ_ADJUST and CPUFREQ_NOTIFY policy notifier events (bsc#1168476). - ACPI: cpufreq: Switch to QoS requests instead of cpufreq notifier (bsc#1168476). - video: pxafb: Remove cpufreq policy notifier (bsc#1168476). - video: sa1100fb: Remove cpufreq policy notifier (bsc#1168476). - arch_topology: Use CPUFREQ_CREATE_POLICY instead of CPUFREQ_NOTIFY (bsc#1168476). - cpufreq: powerpc_cbe: Switch to QoS requests for freq limits (bsc#1168476). - cpufreq: powerpc: macintosh: Switch to QoS requests for freq limits (bsc#1168476). - thermal: cpu_cooling: Switch to QoS requests for freq limits (bsc#1168476). - cpufreq: Add policy create/remove notifiers back (bsc#1168476). - cpufreq: intel_pstate: Implement QoS supported freq constraints (bsc#1168476). - commit 9298b0f - s390/pci: Fix unexpected write combine on resource (bsc#1168553 LTC#184760). - commit 0e9a5c8 - powerpc/pseries/ddw: Extend upper limit for huge DMA window for persistent memory (FATE#327775 bsc#1142685 ltc#179509). - commit 0b3bfc8 - scsi: qla2xxx: Fix I/Os being passed down when FC device is being deleted (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - commit a560046 - blacklist.conf: already done in 045706bff837ee89c13f1ace173db71922c1c40b - commit 255a9d4 - blacklist.conf: already done in b32196e35bd7bbc8038db1aba1fbf022dc469b6a - commit c52adb6 - s390/mm: fix panic in gup_fast on large pud (bsc#1167197 LTC#184507). - commit a8ed0dc - blacklist.conf: fixes only logged messages - commit 8266fdf - btrfs: qgroup: ensure qgroup_rescan_running is only set when the worker is at least queued (bsc#1168670). - Delete patches.suse/btrfs-qgroups-fix-rescan-worker-running-races.patch. - commit acca6e8 - nfsd: remove read permission bit for ctl sysctl (git-fixes). - commit 6b806f6 ++++ mozilla-nss: - nss-fips-detect-fips-mode-fixes.patch: Use secure_getenv() to avoid PR_GetEnvSecure() being called when NSPR is unavailable, resulting in an abort (bsc#1168669). ++++ gcc10: - Update to master head (c72a1b6f8b26de37d1a922a8af143), git175641. ++++ snapper: - updated translations (bsc#1149754) - generate dsc file for Ubuntu 19.10 ++++ libssh: - Fix possible Denial of Service attack when using AES-CTR ciphers; (bsc#1168699) * Add 0001-CVE-2020-1730-Fix-a-possible-segfault-when-zeroing-A.patch ++++ systemd: - Import commit c5aa158173ced05201182d1cc18632a25cf43b94 (merge v245.4) - Add 0001-meson-fix-build-of-udev-path_id_compat-builtin-with-.patch ++++ qemu: - One more fix is needed for: s390x Protected Virtualization support - start and control guest in secure mode (bsc#1167075 jsc#SLE-7407) s390x-s390-virtio-ccw-Fix-build-on-syste.patch ++++ raspberrypi-firmware: - Get rid of rpi4-thermal overlay, not needed anymore - Get rid of rpi4-firmware-dma-ranges overlay, not needed anymore - Get rid of rpi4-gpio-names overlay, not needed anymore ++++ raspberrypi-firmware-config: - Get rid of rpi4-thermal overlay, not needed anymore - Get rid of rpi4-firmware-dma-ranges overlay, not needed anymore - Get rid of rpi4-gpio-names overlay, not needed anymore ++++ raspberrypi-firmware-dt: - Update to b08ce72793b5 (2020-04-02) (bsc#1167761) * Based on v5.6.y * Uses upstream's CMA handling * Introduces GPIO labels * Fixes DMA issues with firmware DT node * Introduces thermal nodes - Remove rpi4-thermal.dts as it's now available in the stock device-tree. - Remove rpi4-gpio-names-overlay.dts as it's now available in the stock device-tree. - Remove rpi4-firmware-dma-ranges-overlay.dts as it's now available in the stock device-tree. - Remove upstream-cma.patch as it's now available in the stock device-tree. - Remove upstream-pcie-dma-ranges.patch as it's now available in the stock device-tree. - Refresh upstream-emmc2bus.patch so it applies on v5.6.y ++++ transactional-update: - Version 2.21.1 - Rework error messages on failing umount [boo#1168389] ++++ u-boot-rpiarm64: - Build odroid-n2 version ------------------------------------------------------------------ ------------------ 2020-4-5 - Apr 5 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - fix patch metadata - fix Patch-mainline: patches.suse/0001-kvm-s390-disallow-invalid-bits-in-kvm_valid_regs-and-kvm_dirty_regs patches.suse/0002-kvm-s390-mark-_insn32_query-as-_always_inline patches.suse/0003-kvm-s390-cleanup-kvm_arch_init-error-path patches.suse/0004-kvm-s390-cleanup-initial-cpu-reset patches.suse/0005-kvm-s390-add-new-reset-vcpu-api - commit e3cd9b7 - Update kabi files. - commit 038f102 ------------------------------------------------------------------ ------------------ 2020-4-4 - Apr 4 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - xfs: fix use-after-free when aborting corrupt attr inactivation (git-fixes). - commit bef8807 ------------------------------------------------------------------ ------------------ 2020-4-3 - Apr 3 2020 ------------------- ------------------------------------------------------------------ ++++ conmon: - Enable support for journald logging (bsc#1162432) - Update to v2.0.15 - store status while waiting for pid ++++ fcoe-utils: - Change use of "ifconfig" to "ip", since ifconfig is no longer around (bsc#1073886), adding: * fcoe-utils-stop-using-ifconfig.patch ++++ kernel-default: - KVM: s390: protvirt: Add initial vm and cpu lifecycle handling (jsc#SLE-7512 bsc#1165545). - Update kabi files. - commit f7edc36 - KVM: s390: protvirt: Implement interrupt injection (jsc#SLE-7512 bsc#1165545). - Update kabi files. - commit 992821a - KVM: s390: protvirt: Instruction emulation (jsc#SLE-7512 bsc#1165545). - commit 19e482f - mm/gup/writeback: add callbacks for inaccessible pages (jsc#SLE-7512 bsc#1165545). - commit 2700b97 - scsi: ibmvfc: Fix NULL return compiler warning (bsc#1161951 ltc#183551). - commit 8a47623 - powerpc/pseries: Fix MCE handling on pseries (bsc#1168575 ltc#183501). - commit ef26231 - scsi: lpfc: Change default SCSI LUN QD to 64 (bsc#1164777 bsc#1164780 bsc#1165211 jsc#SLE-8654). Patch split off patches.suse/scsi-lpfc-Fix-erroneous-cpu-limit-of-128-on-I-O-stat.patch in upstream repository. - Refresh patches.suse/scsi-lpfc-Fix-erroneous-cpu-limit-of-128-on-I-O-stat.patch. - Refresh patches.suse/scsi-lpfc-Make-debugfs-ktime-stats-generic-for-NVME-.patch. - Refresh patches.suse/scsi-lpfc-Remove-prototype-FIPS-DSS-options-from-SLI.patch. - Refresh patches.suse/scsi-lpfc-Update-lpfc-version-to-12.8.0.0.patch. - commit a4a3d20 - config: arm64: enable cpufreq driver for Jetson Nano and TX1 References: jsc#SLE-9391 - commit 57d2fdd - Update kabi files. Update to Snapshot 10 submission (commit c4804773a3be). - commit 46da16d - series.conf: refresh - update upstream references and resort: patches.suse/pinctrl-bcm2835-add-support-for-all-gpios-on-bcm2711.patch patches.suse/pinctrl-bcm2835-drop-unused-define.patch patches.suse/pinctrl-bcm2835-refactor-platform-data.patch patches.suse/scsi-fc-Update-Descriptor-definition-and-add-RDF-and.patch patches.suse/scsi-ibmvfc-Avoid-loss-of-all-paths-during-SVC-node-.patch patches.suse/scsi-lpfc-Clean-up-hba-max_lun_queue_depth-checks.patch patches.suse/scsi-lpfc-Fix-RQ-buffer-leakage-when-no-IOCBs-availa.patch patches.suse/scsi-lpfc-Fix-broken-Credit-Recovery-after-driver-lo.patch patches.suse/scsi-lpfc-Fix-compiler-warning-on-frame-size.patch patches.suse/scsi-lpfc-Fix-coverity-errors-in-fmdi-attribute-hand.patch patches.suse/scsi-lpfc-Fix-lpfc_io_buf-resource-leak-in-lpfc_get_.patch patches.suse/scsi-lpfc-Fix-registration-of-ELS-type-support-in-fd.patch patches.suse/scsi-lpfc-Fix-release-of-hwq-to-clear-the-eq-relatio.patch patches.suse/scsi-lpfc-Remove-handler-for-obsolete-ELS-Read-Port-.patch patches.suse/scsi-lpfc-Update-lpfc-version-to-12.6.0.4.patch patches.suse/scsi-lpfc-add-RDF-registration-and-Link-Integrity-FP.patch patches.suse/scsi-lpfc-fix-spelling-mistake-Notication-Notificati.patch patches.suse/scsi-qla2xxx-Add-16.0GT-for-PCI-String.patch patches.suse/scsi-qla2xxx-Add-beacon-LED-config-sysfs-interface.patch patches.suse/scsi-qla2xxx-Add-changes-in-preparation-for-vendor-e.patch patches.suse/scsi-qla2xxx-Add-deferred-queue-for-processing-ABTS-.patch patches.suse/scsi-qla2xxx-Add-endianizer-macro-calls-to-fc-host-s.patch patches.suse/scsi-qla2xxx-Add-fixes-for-mailbox-command.patch patches.suse/scsi-qla2xxx-Add-ql2xrdpenable-module-parameter-for-.patch patches.suse/scsi-qla2xxx-Add-sysfs-node-for-D-Port-Diagnostics-A.patch patches.suse/scsi-qla2xxx-Add-vendor-extended-FDMI-commands.patch patches.suse/scsi-qla2xxx-Add-vendor-extended-RDP-additions-and-a.patch patches.suse/scsi-qla2xxx-Avoid-setting-firmware-options-twice-in.patch patches.suse/scsi-qla2xxx-Check-locking-assumptions-at-runtime-in.patch patches.suse/scsi-qla2xxx-Cleanup-ELS-PUREX-iocb-fields.patch patches.suse/scsi-qla2xxx-Convert-MAKE_HANDLE-from-a-define-into-.patch patches.suse/scsi-qla2xxx-Correction-to-selection-of-loopback-ech.patch patches.suse/scsi-qla2xxx-Display-message-for-FCE-enabled.patch patches.suse/scsi-qla2xxx-Fix-FCP-SCSI-FC4-flag-passing-error.patch patches.suse/scsi-qla2xxx-Fix-NPIV-instantiation-after-FW-dump.patch patches.suse/scsi-qla2xxx-Fix-RDP-respond-data-format.patch patches.suse/scsi-qla2xxx-Fix-RDP-response-size.patch patches.suse/scsi-qla2xxx-Fix-control-flags-for-login-logout-IOCB.patch patches.suse/scsi-qla2xxx-Fix-qla2x00_echo_test-based-on-ISP-type.patch patches.suse/scsi-qla2xxx-Fix-sparse-warning-reported-by-kbuild-b.patch patches.suse/scsi-qla2xxx-Fix-sparse-warnings-triggered-by-the-PC.patch patches.suse/scsi-qla2xxx-Force-semaphore-on-flash-validation-fai.patch patches.suse/scsi-qla2xxx-Handle-NVME-status-iocb-correctly.patch patches.suse/scsi-qla2xxx-Handle-cases-for-limiting-RDP-response-.patch patches.suse/scsi-qla2xxx-Improved-secure-flash-support-messages.patch patches.suse/scsi-qla2xxx-Move-free-of-fcport-out-of-interrupt-co.patch patches.suse/scsi-qla2xxx-Print-portname-for-logging-in-qla24xx_l.patch patches.suse/scsi-qla2xxx-Remove-restriction-of-FC-T10-PI-and-FC-.patch patches.suse/scsi-qla2xxx-Return-appropriate-failure-through-BSG-.patch patches.suse/scsi-qla2xxx-Save-rscn_gen-for-new-fcport.patch patches.suse/scsi-qla2xxx-Serialize-fc_port-alloc-in-N2N.patch patches.suse/scsi-qla2xxx-Set-Nport-ID-for-N2N.patch patches.suse/scsi-qla2xxx-Show-correct-port-speed-capabilities-fo.patch patches.suse/scsi-qla2xxx-Simplify-the-code-for-aborting-SCSI-com.patch patches.suse/scsi-qla2xxx-Suppress-endianness-complaints-in-qla2x.patch patches.suse/scsi-qla2xxx-Update-BPM-enablement-semantics.patch patches.suse/scsi-qla2xxx-Update-driver-version-to-10.01.00.24-k.patch patches.suse/scsi-qla2xxx-Update-driver-version-to-10.01.00.25-k.patch patches.suse/scsi-qla2xxx-Use-FC-generic-update-firmware-options-.patch patches.suse/scsi-qla2xxx-Use-QLA_FW_STOPPED-macro-to-propagate-f.patch patches.suse/scsi-qla2xxx-Use-a-dedicated-interrupt-handler-for-h.patch patches.suse/scsi-qla2xxx-Use-correct-ISP28xx-active-FW-region.patch patches.suse/scsi-qla2xxx-Use-endian-macros-to-assign-static-fiel.patch patches.suse/scsi-qla2xxx-add-more-FW-debug-information.patch patches.suse/scsi-qla2xxx-fix-FW-resource-count-values.patch patches.suse/scsi-target-convert-boolean-se_dev_attrib-types-to-b.patch patches.suse/scsi-target-fix-unmap_zeroes_data-boolean-initialisa.patch patches.suse/scsi-target-use-an-enum-to-track-emulate_ua_intlck_c.patch patches.suse/scsi-tcm_qla2xxx-Make-qlt_alloc_qfull_cmd-set-cmd-se.patch - commit e921d75 - mtd: spinand: Do not erase the block before writing a bad block marker (git-fixes). - mtd: spinand: Explicitly use MTD_OPS_RAW to write the bad block marker to OOB (git-fixes). - mtd: spinand: Stop using spinand->oobbuf for buffering bad block markers (git-fixes). - mtd: rawnand: free the nand_device object (git-fixes). - mtd: phram: fix a double free issue in error path (git-fixes). - mtd: lpddr: Fix a double free in probe() (git-fixes). - i2c: smbus: remove outdated references to irq level triggers (git-fixes). - ASoC: Intel: mrfld: fix incorrect check on p->sink (git-fixes). - ASoC: sun8i-codec: Remove unused dev from codec struct (git-fixes). - ASoC: Intel: mrfld: return error codes when an error occurs (git-fixes). - ASoC: stm32: spdifrx: fix regmap status check (git-fixes). - pinctrl: actions: Fix functions groups names for S700 SoC (git-fixes). - remoteproc: Fix NULL pointer dereference in rproc_virtio_notify (git-fixes). - remoteproc: qcom_q6v5_mss: Reload the mba region on coredump (git-fixes). - remoteproc: qcom_q6v5_mss: Don't reassign mpss region on shutdown (git-fixes). - include/bitmap.h: add missing parameter in docs (git-fixes). - mac80211: fix authentication with iwlwifi/mvm (git-fixes). - mac80211: Check port authorization in the ieee80211_tx_dequeue() case (git-fixes). - nl80211: fix NL80211_ATTR_CHANNEL_WIDTH attribute type (git-fixes). - slcan: not call free_netdev before rtnl_unlock in slcan_open (git-fixes). - commit 784cfac - ALSA: pcm.h: add for_each_pcm_streams() (git-fixes). - commit 03a4da5 - ALSA: usb-audio: Fix case when USB MIDI interface has more than one extra endpoint descriptor (git-fixes). - ALSA: hda/realtek - Remove now-unnecessary XPS 13 headphone noise fixups (git-fixes). - ALSA: hda/realtek - Set principled PC Beep configuration for ALC256 (git-fixes). - ALSA: usx2y: use for_each_pcm_streams() macro (git-fixes). - ALSA: hda: default enable CA0132 DSP support (git-fixes). - ALSA: usb-audio: Inform devices that need delayed registration (git-fixes). - ALSA: usb-audio: Add delayed_register option (git-fixes). - ALSA: usb-audio: Rewrite registration quirk handling (git-fixes). - ALSA: core: Add snd_device_get_state() helper (git-fixes). - ALSA: usb-audio: Create a registration quirk for Kingston HyperX Amp (0951:16d8) (git-fixes). - ALSA: usb-audio: Fix mixer controls' USB interface for Kingston HyperX Amp (0951:16d8) (git-fixes). - ALSA: hda: Use scnprintf() for string truncation (git-fixes). - ALSA: pcm: Fix superfluous snprintf() usage (git-fixes). - ALSA: pcm: oss: Simplify plugin frame size calculations (git-fixes). - ALSA: usb-audio: Fix missing braces in some struct inits (git-fixes). - ALSA: usb-audio: Add support for MOTU MicroBook IIc (git-fixes). - ALSA: korg1212: fix if-statement empty body warnings (git-fixes). - ALSA: usb-audio: Parse source ID of UAC2 effect unit (git-fixes). - usb: audio-v2: Add uac2_effect_unit_descriptor definition (git-fixes). - ALSA: usb-audio: Add support for Presonus Studio 1810c (git-fixes). - ALSA: pcm: oss: Unlock mutex temporarily for sleeping at read/write (git-fixes). - ALSA: usb-audio: Don't create a mixer element with bogus volume range (git-fixes). - ALSA: hda_codec: Replace zero-length array with flexible-array member (git-fixes). - ALSA: hda/ca0132 - Replace zero-length array with flexible-array member (git-fixes). - ALSA: usb-midi: Replace zero-length array with flexible-array member (git-fixes). - ALSA: core: Replace zero-length array with flexible-array member (git-fixes). - ALSA: info: remove redundant assignment to variable c (git-fixes). - ALSA: ali5451: remove redundant variable capture_flag (git-fixes). - ALSA: hda: remove redundant assignment to variable timeout (git-fixes). - ALSA: hdsp: remove redundant assignment to variable err (git-fixes). - ALSA: pcm: Use a macro for parameter masks to reduce the needed cast (git-fixes). - ALSA: pcm: Use standard macros for fixing PCM format cast (git-fixes). - ALSA: usb-audio: Use pcm_for_each_format() macro for PCM format iterations (git-fixes). - ALSA: pcm: More helper macros for reducing snd_pcm_format_t cast (git-fixes). - ALSA: emu10k1: Fix endianness annotations (git-fixes). - ALSA: via82xx: Fix endianness annotations (git-fixes). - ALSA: hda/hdmi: Move ELD parse and jack reporting into update_eld() (git-fixes). - ALSA: hda/hdmi: Move runtime PM resume into hdmi_present_sense_via_verbs() (git-fixes). - ALSA: hda/hdmi: Don't use standard hda_jack for generic HDMI jacks (git-fixes). - ALSA: hda/hdmi: Reduce hda_jack_tbl lookup at unsol event handling (git-fixes). - ALSA: hda/realtek - a fake key event is triggered by running shutup (git-fixes). - ALSA: hda/realtek: Enable mute LED on an HP system (git-fixes). - ALSA: hda/ca0132 - Add Recon3Di quirk to handle integrated sound on EVGA X99 Classified motherboard (git-fixes). - commit f898dc5 - slcan: Don't transmit uninitialized stack data in padding (CVE-2020-11494 bsc#1168424). - commit 246f367 - btrfs: do not zero f_bavail if we have available space (bsc#1168081). - commit 77d5937 ++++ kexec-tools: - kexec-tools-s390-Reset-kernel-command-line-on-syscal.patch: s390: Reset kernel command line on syscall fallback (bsc#1167868). ++++ makedumpfile: - Add -fcommon in order to fix boo#1160282. ++++ podman: - Add "systemd" BUILDFLAGS to build with support for journald logging (bsc#1162432) ++++ python-PyYAML: - Add patch pyyaml-5.1.2.patch (bsc#1165439 CVE-2020-1747) Prevents arbitrary code execution during python/object/* constructors (This patch contains the git commits 8c5e47f and 5080ba5 applied to the 5.1.2 release) ++++ yast2: - Modify the way YaST detects whether systemd is running or not (bsc#1168307) - 4.2.80 ------------------------------------------------------------------ ------------------ 2020-4-2 - Apr 2 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - USB: cdc-acm: fix close_delay and closing_wait units in TIOCSSERIAL (git-fixes). - Refresh patches.suse/USB-cdc-acm-fix-rounding-error-in-TIOCSSERIAL.patch. - commit 8731e73 - USB: cdc-acm: restore capability check order (git-fixes). - usb: gadget: f_fs: Fix use after free issue as part of queue failure (git-fixes). - USB: serial: io_edgeport: fix slab-out-of-bounds read in edge_interrupt_callback (git-fixes). - USB: serial: option: add Wistron Neweb D19Q1 (git-fixes). - USB: serial: option: add BroadMobi BM806U (git-fixes). - USB: serial: option: add support for ASKEY WWHC050 (git-fixes). - usb: musb: fix crash with highmen PIO and usbmon (git-fixes). - usb: gadget: composite: Inform controller driver of self-powered (git-fixes). - usb: dwc3: gadget: Wrap around when skip TRBs (git-fixes). - usb: dwc3: gadget: Don't clear flags before transfer ended (git-fixes). - seccomp: Add missing compat_ioctl for notify (git-fixes). - tpm: ibmvtpm: Wait for buffer to be set before proceeding (git-fixes). - tpm: tpm2_bios_measurements_next should increase position index (git-fixes). - tpm: tpm1_bios_measurements_next should increase position index (git-fixes). - vti6: Fix memory leak of skb if input policy check fails (git-fixes). - USB: serial: pl2303: add device-id for HP LD381 (git-fixes). - USB: serial: option: add ME910G1 ECM composition 0x110b (git-fixes). - usb: quirks: add NO_LPM quirk for RTL8153 based ethernet adapters (git-fixes). - usb: host: xhci-plat: add a shutdown (git-fixes). - USB: Disable LPM on WD19's Realtek Hub (git-fixes). - usb: xhci: apply XHCI_SUSPEND_DELAY to AMD XHCI controller 1022:145c (git-fixes). - tty: fix compat TIOCGSERIAL checking wrong function ptr (git-fixes). - tty: fix compat TIOCGSERIAL leaking uninitialized memory (git-fixes). - seccomp: Check that seccomp_notif is zeroed out by the user (git-fixes). - commit 6e62c53 - mmc: core: Respect MMC_CAP_NEED_RSP_BUSY for eMMC sleep command (git-fixes). - mmc: sdhci-tegra: Fix busy detection by enabling MMC_CAP_NEED_RSP_BUSY (git-fixes). - mmc: sdhci-omap: Fix busy detection by enabling MMC_CAP_NEED_RSP_BUSY (git-fixes). - mmc: core: Respect MMC_CAP_NEED_RSP_BUSY for erase/trim/discard (git-fixes). - mmc: core: Allow host controllers to require R1B for CMD6 (git-fixes). - mmc: core: Default to generic_cmd6_time as timeout in __mmc_switch() (git-fixes). - commit a7a7a34 - media: i2c: video-i2c: fix build errors due to 'imply hwmon' (git-fixes). - media: vivid: fix incorrect PA assignment to HDMI outputs (git-fixes). - media: imx: imx7-media-csi: Fix video field handling (git-fixes). - media: imx: imx7-media-csi: Remove unneeded register read (git-fixes). - media: imx: imx7_mipi_csis: Power off the source when stopping streaming (git-fixes). - media: xirlink_cit: add missing descriptor sanity checks (git-fixes). - media: stv06xx: add missing descriptor sanity checks (git-fixes). - media: ov519: add missing endpoint sanity checks (git-fixes). - media: v4l2-fwnode: fix v4l2_fwnode_parse_link handling (git-fixes). - media: ti-vpe: cal: fix a kernel oops when unloading module (git-fixes). - media: tda10071: fix unsigned sign extension overflow (git-fixes). - media: v4l2-core: fix entity initialization in device_register_subdev (git-fixes). - media: v4l2-core: fix a use-after-free bug of sd->devnode (git-fixes). - media: vsp1: tidyup VI6_HGT_LBn_H() macro (git-fixes). - media: staging/imx: Missing assignment in imx_media_capture_device_register() (git-fixes). - media: hantro: Read be32 words starting at every fourth byte (git-fixes). - media: dib0700: fix rc endpoint lookup (git-fixes). - media: flexcop-usb: fix endpoint sanity check (git-fixes). - media: usbtv: fix control-message timeouts (git-fixes). - commit 80da5af - ionic: print data for unknown xcvr type (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - commit e353704 - ionic: remove lifs on fw reset (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: disable the queues on link down (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: check for queues before deleting (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: clean tx queue of unfinished requests (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: move irq request to qcq alloc (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: move debugfs add/delete to match alloc/free (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: check for linkup in watchdog (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: decouple link message from netdev state (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: check for NULL structs on teardown (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: clean irq affinity on queue deinit (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: ignore eexist on rx filter add (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: only save good lif dentry (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: leave dev cmd request contents alone on FW timeout (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: add timeout error checking for queue disable (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: add decode for IONIC_RC_ENOSUPP (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: remove adminq napi instance (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: deinit rss only if selected (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: stop devlink warn on mgmt device (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: add support for device id 0x1004 (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: print pci bus lane info (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: support ethtool rxhash disable (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: clean up bitflag usage (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: improve irq numa locality (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: remove pragma packed (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: keep ionic dev on lif init fail (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ice: add additional E810 device id (jsc#SLE-7966 bsc#1157177). - ionic: make spdxcheck.py happy (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - net: ionic: Use scnprintf() for avoiding potential buffer overflow (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - commit dca9c4d - USB: serial: pl2303: add device-id for HP LD381 (git-fixes). - commit f358c73 - KVM: S390: protvirt: Introduce instruction data area bounce buffer (jsc#SLE-7512 bsc#1165545). - Update kabi files. - commit fb23a46 - USB: serial: option: add ME910G1 ECM composition 0x110b (git-fixes). - commit d394d40 - usb: quirks: add NO_LPM quirk for RTL8153 based ethernet adapters (git-fixes). - commit 4366db0 - usb: host: xhci-plat: add a shutdown (git-fixes). - commit d6ce28e - staging: wlan-ng: fix use-after-free Read in hfa384x_usbin_callback (git-fixes). - staging: wlan-ng: fix ODEBUG bug in prism2sta_disconnect_usb (git-fixes). - staging: rtl8188eu: Add ASUS USB-N10 Nano B1 to device table (git-fixes). - net: qmi_wwan: add support for ASKEY WWHC050 (git-fixes). - commit cae14b2 - USB: Disable LPM on WD19's Realtek Hub (git-fixes). - commit 545e2ba - maillbox: bcm-flexrm-mailbox: handle cmpl_pool dma allocation failure (git-fixes). - HID: fix Kconfig word ordering (git-fixes). - hwrng: imx-rngc - fix an error path (git-fixes). - mac80211: set IEEE80211_TX_CTRL_PORT_CTRL_PROTO for nl80211 TX (git-fixes). - mac80211: mark station unauthorized before key removal (git-fixes). - mac80211: drop data frames without key on encrypted links (git-fixes). - i2c: hix5hd2: add missed clk_disable_unprepare in remove (git-fixes). - Input: synaptics - enable RMI on HP Envy 13-ad105ng (git-fixes). - mac80211: Do not send mesh HWMP PREQ if HWMP is disabled (git-fixes). - commit 1a471a8 - usb: xhci: apply XHCI_SUSPEND_DELAY to AMD XHCI controller 1022:145c (git-fixes). - commit 84b09ec - crypto: caam - update xts sector size for large input length (git-fixes). - crypto: caam/qi2 - fix chacha20 data size error (git-fixes). - crypto: mxs-dcp - fix scatterlist linearization for hash (git-fixes). - crypto: arm64/sha-ce - implement export/import (git-fixes). - crypto: tcrypt - fix printed skcipher [a]sync mode (git-fixes). - crypto: rng - Fix a refcounting bug in crypto_rng_reset() (git-fixes). - ahci: Add Intel Comet Lake H RAID PCI ID (git-fixes). - commit c24e76c - xhci: Do not open code __print_symbolic() in xhci trace events (git-fixes). - commit fed4fc3 - KVM: s390: protvirt: Add SCLP interrupt handling (jsc#SLE-7512 bsc#1165545). - Update kabi files. - commit 4f3b7b8 - s390/mm: provide memory management functions for protected KVM guests (jsc#SLE-7512 bsc#1165545). - Update kabi files. - commit 9c9391b - blacklist.conf: code cleanup that breaks kABI - commit 0354bc9 - KVM: s390: protvirt: Add KVM api documentation (jsc#SLE-7512 bsc#1165545). - KVM: s390: protvirt: introduce and enable KVM_CAP_S390_PROTECTED (jsc#SLE-7512 bsc#1165545). - DOCUMENTATION: Protected virtual machine introduction and IPL (jsc#SLE-7512 bsc#1165545). - KVM: s390: protvirt: Add UV cpu reset calls (jsc#SLE-7512 bsc#1165545). - KVM: s390: protvirt: do not inject interrupts after start (jsc#SLE-7512 bsc#1165545). - KVM: s390: protvirt: Mask PSW interrupt bits for interception 104 and 112 (jsc#SLE-7512 bsc#1165545). - KVM: s390: protvirt: Support cmd 5 operation state (jsc#SLE-7512 bsc#1165545). - KVM: s390: protvirt: Report CPU state to Ultravisor (jsc#SLE-7512 bsc#1165545). - KVM: s390: protvirt: UV calls in support of diag308 0, 1 (jsc#SLE-7512 bsc#1165545). - KVM: s390: protvirt: Add program exception injection (jsc#SLE-7512 bsc#1165545). - KVM: s390: protvirt: Only sync fmt4 registers (jsc#SLE-7512 bsc#1165545). - KVM: s390: protvirt: Do only reset registers that are accessible (jsc#SLE-7512 bsc#1165545). - KVM: s390: protvirt: disallow one_reg (jsc#SLE-7512 bsc#1165545). - KVM: s390: protvirt: STSI handling (jsc#SLE-7512 bsc#1165545). - KVM: s390: protvirt: Write sthyi data to instruction data area (jsc#SLE-7512 bsc#1165545). - KVM: s390/mm: handle guest unpin events (jsc#SLE-7512 bsc#1165545). - KVM: s390: protvirt: handle secure guest prefix pages (jsc#SLE-7512 bsc#1165545). - KVM: s390: protvirt: Add new gprs location handling (jsc#SLE-7512 bsc#1165545). - KVM: s390: protvirt: Handle spec exception loops (jsc#SLE-7512 bsc#1165545). - KVM: s390: protvirt: Handle SE notification interceptions (jsc#SLE-7512 bsc#1165545). - KVM: s390/mm: Make pages accessible before destroying the guest (jsc#SLE-7512 bsc#1165545). - KVM: s390: protvirt: Secure memory is not mergeable (jsc#SLE-7512 bsc#1165545). - KVM: s390: add new variants of UV CALL (jsc#SLE-7512 bsc#1165545). - KVM: s390: protvirt: Add UV debug trace (jsc#SLE-7512 bsc#1165545). - KVM: s390/interrupt: do not pin adapter interrupt pages (jsc#SLE-7512 bsc#1165545). - s390/protvirt: Add sysfs firmware interface for Ultravisor information (jsc#SLE-7512 bsc#1165545). - s390/mm: add (non)secure page access exceptions handlers (jsc#SLE-7512 bsc#1165545). - s390/protvirt: add ultravisor initialization (jsc#SLE-7512 bsc#1165545). - s390/protvirt: introduce host side setup (jsc#SLE-7512 bsc#1165545). - KVM: s390: Also reset registers in sync regs for initial cpu reset (jsc#SLE-7512 bsc#1165545). - KVM: s390: Add new reset vcpu API (jsc#SLE-7512 bsc#1165545). - KVM: s390: Cleanup initial cpu reset (jsc#SLE-7512 bsc#1165545). - KVM: s390: Cleanup kvm_arch_init error path (jsc#SLE-7512 bsc#1165545). - KVM: s390: mark __insn32_query() as __always_inline (jsc#SLE-7512 bsc#1165545). - KVM: s390: Disallow invalid bits in kvm_valid_regs and kvm_dirty_regs (jsc#SLE-7512 bsc#1165545). - commit 8e1956a - char/random: silence a lockdep splat with printk() (git-fixes). - commit dce5b06 ++++ gnutls: - Fix zero random value in DTLS client hello (CVE-2020-11501, bsc#1168345) * add gnutls-CVE-2020-11501.patch ++++ permissions: - correct spelling of icinga group (icingagmd -> icingacmd, bsc#1168364) ++++ salt: - Enable building and installation for Fedora - Disable python2 build on Tumbleweed We are removing the python2 interpreter from openSUSE (SLE16). As such disable salt building for python2 there. - Sanitize grains loaded from roster_grains.json cache during "state.pkg" - Added: * fix-load-cached-grain-osrelease_info.patch ------------------------------------------------------------------ ------------------ 2020-4-1 - Apr 1 2020 ------------------- ------------------------------------------------------------------ ++++ open-iscsi: - Update with two upstream commits: * Fix issue where "iscsi-iname -p" core dumps. (found upstream) * Fix iscsi.service so it handles restarts better (bsc#1163499) * Add Wants=remote-fs-pre.target for sequencing. (bsc#1158536) updating: * open-iscsi-SUSE-latest.diff.bz2 ++++ kernel-default: - powerpc/vmlinux.lds: Explicitly retain .gnu.hash (bsc#1148868). - commit 0843abc - powerpc/64/tm: Don't let userspace set regs->trap via sigreturn (bsc#1118338 ltc#173734). - commit 3d1d975 - powerpc/pseries: Handle UE event for memcpy_mcsafe (jsc#SLE-7730 jsc#SLE-8330). - commit 823260c - powerpc/xive: Use XIVE_BAD_IRQ instead of zero to catch non configured IPIs (bsc#1085030). - commit e5b59c4 - Update config files to disable CONFIG_KERNEL_HEADER_TEST (bsc#1168354). - commit bc323e4 - powerpc/64: Prevent stack protection in early boot (bsc#1156395). - powerpc/64: Setup a paca before parsing device tree etc (bsc#1156395). - commit 196aec2 - fix patch metadata - fix Patch-mainline tag: patches.suse/sched-core-Don-t-skip-remote-tick-for-idle-CPUs.patch patches.suse/timers-nohz-Update-NOHZ-load-in-remote-tick.patch - commit 41bab0e - update patch metadata - update upstream reference: patches.suse/net-bpfilter-remove-superfluous-testing-message.patch - commit 9f9b3f8 - series.conf: cleanup - update upstream references and resort: patches.suse/media-go7007-Fix-URB-type-for-interrupt-handling.patch patches.suse/mmc-sdhci-introduce-sdhci_set_power_and_bus_voltage.patch patches.suse/mmc-sdhci-iproc-add-custom-set_power-callback-for-bcm2711.patch - commit 69e3868 - ext4: Avoid ENOSPC when avoiding to reuse recently deleted inodes (bsc#1165019). - commit ac99ab8 - Delete patches.suse/i2c-i801-Do-not-add-ICH_RES_IO_SMI-for-the-iTCO_wdt-.patch (bsc#1168297) The patch caused a regression on DNV board. - commit e88f35c - ceph: fix memory leak in ceph_cleanup_snapid_map() (jsc#SES-1134). - libceph: fix alloc_msg_with_page_vector() memory leaks (jsc#SES-1134). - ceph: check POOL_FLAG_FULL/NEARFULL in addition to OSDMAP_FULL/NEARFULL (jsc#SES-1134). - commit c22ae0e - net/bpfilter: remove superfluous testing message (bsc#1155518). - commit 8cf8e50 - vti: fix packet tx through bpf_redirect() in XinY cases (bsc#1154353). - RDMA/core: Ensure security pkey modify is not lost (jsc#SLE-8449). - net/mlx5e: Do not recover from a non-fatal syndrome (jsc#SLE-8464). - net/mlx5e: Fix ICOSQ recovery flow with Striding RQ (jsc#SLE-8464). - net/mlx5e: Fix missing reset of SW metadata in Striding RQ reset (jsc#SLE-8464). - net/mlx5e: Enhance ICOSQ WQE info fields (jsc#SLE-8464). - net/mlx5e: kTLS, Fix TCP seq off-by-1 issue in TX resync flow (jsc#SLE-8464). - net/mlx5: DR, Fix postsend actions write length (jsc#SLE-8464). - cxgb4: fix throughput drop during Tx backpressure (jsc#SLE-8389 bnc#1151927 5.3.10). - mlxsw: pci: Only issue reset when system is ready (bsc#1154488). - net: ena: fix incorrect setting of the number of msix vectors (bsc#1154492). - cxgb4: fix delete filter entry fail in unload path (jsc#SLE-8389). - net_sched: keep alloc_hash updated after hash allocation (bsc#1154353). - bpf/btf: Fix BTF verification of enum members in struct/union (bsc#1154353). - bpf: Initialize storage pointers to NULL to prevent freeing garbage pointer (bsc#1154353). - commit f057e20 - bpf: Simplify reg_set_min_max_inv handling (bsc#1167722, CVE-2020-8835). - bpf: Fix tnum constraints for 32-bit comparisons (bsc#1167722, CVE-2020-8835). - bpf: Reliably preserve btf_trace_xxx types (bsc#1155518). - commit 0eb8897 - Crypto: chelsio - Fixes a deadlock between rtnl_lock and uld_mutex (git-fixes). - Crypto: chelsio - Fixes a hang issue during driver registration (git-fixes). - ath9k: Handle txpower changes even when TPC is disabled (git-fixes). - mwifiex: set needed_headroom, not hard_header_len (git-fixes). - brcmfmac: abort and release host after error (git-fixes). - platform/x86: asus_wmi: Fix return value of fan_boost_mode_store (git-fixes). - platform/x86: pmc_atom: Add Lex 2I385SW to critclk_systems DMI table (git-fixes). - serial: sprd: Fix a dereference warning (git-fixes). - firmware: arm_sdei: fix possible double-lock on hibernate error path (git-fixes). - firmware: arm_sdei: fix double-lock on hibernate with shared events (git-fixes). - fbdev/g364fb: Fix build failure (git-fixes). - commit 342cd4b - fix patch metadata - fix Patch-mainline tag: patches.suse/modpost-move-the-namespace-field-in-Module.symvers-last.patch - commit af8306c - series.conf: refresh - update upstream reference and resort: patches.suse/ethtool-Factored-out-similar-ethtool-link-settings-f.patch patches.suse/modpost-return-error-if-module-is-missing-ns-imports.patch patches.suse/net-ethtool-Introduce-link_ksettings-API-for-virtual.patch - commit 177866a ++++ makedumpfile: - Refresh patch with upstream version - makedumpfile-arm64-VA-range-SUSE.patch + makedumpfile-arm64-Align-PMD_SECTION_MASK-with-PHYS_MASK.patch - makedumpfile-Fix-cd_header-offset-overflow-with-large-pfn.patch: Fix integer overflow with large memory configuration (bsc#1168234). ++++ raspberrypi-firmware: - Drop Supplements for extra and extra-pi4 ++++ raspberrypi-firmware-config: - Drop Supplements for extra and extra-pi4 ------------------------------------------------------------------ ------------------ 2020-3-31 - Mar 31 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - kthread: Do not preempt current task if it is going to call schedule() (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Improve spreading of utilization (bnc#1155798 (CPU scheduler functional and performance backports)). - sched: Avoid scale real weight down to zero (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/core: Distribute tasks within affinity masks (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Fix enqueue_task_fair warning (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/core: Remove duplicate assignment in sched_tick_remote() (bnc#1155798 (CPU scheduler functional and performance backports)). - timers/nohz: Update NOHZ load in remote tick (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/core: Don't skip remote tick for idle CPUs (bnc#1155798 (CPU scheduler functional and performance backports)). - commit 1264b2f - series.conf: cleanup - update upstream references and move into sorted section: patches.suse/sched-fair-Fix-kernel-build-warning-in-test_idle_cores-for-SMT-NUMA.patch. patches.suse/sched-fair-Fix-reordering-of-enqueue-dequeue_task_fair.patch. patches.suse/sched-fair-Fix-runnable_avg-for-throttled-cfs.patch. patches.suse/sched-fair-Optimize-select_idle_core.patch. patches.suse/sched-fair-Take-into-account-runnable_avg-to-classify-group.patch. patches.suse/sched-fair-fix-condition-of-avg_load-calculation.patch. patches.suse/sched-fair-fix-statistics-for-find_idlest_group.patch. patches.suse/sched-fair-reorder-enqueue-dequeue_task_fair-path.patch. patches.suse/sched-numa-Acquire-RCU-lock-for-checking-idle-cores-during-NUMA-balancing.patch. patches.suse/sched-numa-Bias-swapping-tasks-based-on-their-preferred-node.patch. patches.suse/sched-numa-Distinguish-between-the-different-task_numa_migrate-failure-cases.patch. patches.suse/sched-numa-Find-an-alternative-idle-CPU-if-the-CPU-is-part-of-an-active-NUMA-balance.patch. patches.suse/sched-numa-Prefer-using-an-idle-cpu-as-a-migration-target-instead-of-comparing-tasks.patch. patches.suse/sched-numa-Stop-an-exhastive-search-if-a-reasonable-swap-candidate-or-idle-CPU-is-found.patch. patches.suse/sched-numa-Trace-when-no-candidate-CPU-was-found-on-the-preferred-node.patch. patches.suse/sched-numa-Use-similar-logic-to-the-load-balancer-for-moving-between-domains-with-spare-capacity.patch. patches.suse/sched-numa-replace-runnable_load_avg-by-load_avg.patch. patches.suse/sched-pelt-Add-a-new-runnable-average-signal.patch. patches.suse/sched-pelt-Remove-unused-runnable-load-average.patch. patches.suse/sched-topology-Don-t-enable-EAS-on-SMT-systems.patch. - commit ecd3b4e - clocksource/drivers/hyper-v: Make sched clock return nanoseconds correctly (git-fixes). - commit 5751e50 - thermal: Add a sanity check for invalid state at stats update (bsc#1166535). - commit c368806 - bpf: Undo incorrect __reg_bound_offset32 handling (bsc#1167722, CVE-2020-8835). - commit ef6c245 ++++ raspberrypi-firmware: - Use proper quoting for the modalias Supplements (see also https://github.com/openSUSE/libzypp/issues/216). ++++ raspberrypi-firmware-config: - Use proper quoting for the modalias Supplements (see also https://github.com/openSUSE/libzypp/issues/216). ++++ raspberrypi-firmware-dt: - Use proper quoting for the modalias Supplements (see also https://github.com/openSUSE/libzypp/issues/216). ++++ u-boot-rpiarm64: - Use proper quoting for the modalias Supplements (see also https://github.com/openSUSE/libzypp/issues/216). ------------------------------------------------------------------ ------------------ 2020-3-30 - Mar 30 2020 ------------------- ------------------------------------------------------------------ ++++ python-kiwi: - Bump version up to 9.20.5 This version upgrade includes several fixes: * Fixed result map for OEM pxe install Fixes bsc#1165578 * Add SECURE_BOOT parameter for grub2 in efi mode This commit adds the SECURE_BOOT parameter on bootloader sysconfig for grub2. Fixes bsc#1167746 * Fix order in fstab Any mount point directly under / should be just right after the root mountpoint and before the custom mountpoints based on user's subvolume configuration. Fixes #1349 and bsc#1164310 * Fixed handling of fillup templates Systems using a template tool to generate config files might not be effective when they see the intermediate config files we need from the host to let certain package managers work correctly. Therefore the cleanup code in kiwi takes care to restore from an optionally existing template file if no other custom variant is present. This Fixes bsc#1163978 * Start using tftp system user package With this commit we start requiring tftp system user package. This user was created and managed by multiple packages before, with the risk of having inconsistent criteria on its defaults. Now there there a system user package so whatever package that requries this user should just require this package and do not create or modify the tftp user. Related with bsc#1143454 ++++ kdump: - kdump-make-sure-that-the-udev-runtime-directory-exists.patch: Make sure that the udev runtime directory exists (bsc#1164713). ++++ kernel-default: - net/mlx5_core: Set IB capability mask1 to fix ib_srpt connection failure (bsc#1167903) - commit b92b72c - kabi/severities: Exempt IBM z/Architecture internal symbols. - commit 61f446e - kABI: shield fsnotify.h #include in libfs.c from kABI checker (bsc#1159198). - commit c381542 - s390/dasd: fix data corruption for thin provisioned devices (bsc#1167201 LTC#184504). - Delete patches.suse/s390-dasd-disable-ese-support-due-to-possible-data-c.patch. - commit 5c48dc0 - Update patches.suse/modpost-move-the-namespace-field-in-Module.symvers-last.patch. - update patch metadata/upstream references and move into the sorted section. - commit 678cbc3 - usb: host: xhci-tegra: Implement basic ELPG support (bsc#1167765). - usb: host: xhci-tegra: Add XUSB controller context (bsc#1167765). - usb: host: xhci-tegra: Add support for XUSB context save/restore (bsc#1167765). - usb: host: xhci-tegra: Enable runtime PM as late as possible (bsc#1167765). - usb: host: xhci-tegra: Reuse stored register base address (bsc#1167765). - usb: host: xhci-tegra: Extract firmware enable helper (bsc#1167765). - usb: host: xhci-tegra: Use CNR as firmware ready indicator (bsc#1167765). - usb: host: xhci-tegra: Avoid a fixed duration sleep (bsc#1167765). - usb: host: xhci-tegra: Separate firmware request and load (bsc#1167765). - usb: host: xhci-tegra: Fix "tega" -> "tegra" typo (bsc#1167765). - commit da4b20d - net/bpfilter: fix dprintf usage for /dev/kmsg (bsc#1155518). - bpf/btf: Fix BTF verification of enum members in struct/union (bsc#1155518). - bpf: Fix cgroup ref leak in cgroup_bpf_inherit on out-of-memory (bsc#1155518). - bpf: Initialize storage pointers to NULL to prevent freeing garbage pointer (bsc#1155518). - commit 0e26614 ++++ libgcrypt: - FIPS: Switch the PCT to use the new signature operation [bsc#1165539] * Patches for DSA, RSA and ECDSA test_keys functions: - libgcrypt-PCT-DSA.patch - libgcrypt-PCT-RSA.patch - libgcrypt-PCT-ECC.patch - Update patch: libgcrypt-FIPS-RSA-DSA-ECDSA-hashing-operation.patch ++++ gnutls: - Split off FIPS checksums into a separate libgnutls30-hmac subpackage (bsc#1152692) * update baselibs.conf ++++ transactional-update: - Update to version 2.21 - Use slave mounts for /proc, /sys & /dev ------------------------------------------------------------------ ------------------ 2020-3-29 - Mar 29 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Disable hibernation on s390x (bsc#1167650). - [mkubecek] update s390x kabi reference files (incompatible): CONFIG_HIBERNATION y->n, CONFIG_PM y->n - commit f392251 - series.conf: whitespace cleanup - commit 963e602 ------------------------------------------------------------------ ------------------ 2020-3-28 - Mar 28 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - blacklist.conf: add git-fixes that are in perf userspace package - commit 4dabd66 - perf/x86/amd: Add missing L2 misses event spec to AMD Family 17h's event map (git-fixes). - perf/x86/amd: Constrain Large Increment per Cycle events (git-fixes). - perf/x86/intel/uncore: Fix missing marker for snr_uncore_imc_freerunning_events (git-fixes). - perf/x86/intel: Fix PT PMI handling (git-fixes). - perf/x86/intel/bts: Fix the use of page_private() (git-fixes). - perf/x86/cstate: Update C-state counters for Ice Lake (git-fixes). - commit c1a8c50 ------------------------------------------------------------------ ------------------ 2020-3-27 - Mar 27 2020 ------------------- ------------------------------------------------------------------ ++++ chrony: - Read runtime servers from /var/run/netconfig/chrony.servers to fix bsc#1099272 and bsc#1161119. - Move chrony-helper to /usr/lib/chrony/helper, because there should be no executables in /usr/share. - Add chrony-pool-suse and chrony-pool-openSUSE subpackages that preconfigure chrony to use NTP servers from the respective pools for SUSE and openSUSE (bsc#1156884, SLE-11424). - Add chrony-pool-empty to still allow installing chrony without preconfigured servers. ++++ e2fsprogs: - e2fsck-clarify-overflow-link-count-error-message.patch: e2fsck: clarify overflow link count error message (bsc#1160979) - ext2fs-update-allocation-info-earlier-in-ext2fs_mkdi.patch: ext2fs: update allocation info earlier in ext2fs_mkdir() (bsc#1160979) - ext2fs-implement-dir-entry-creation-in-htree-directo.patch: ext2fs: implement dir entry creation in htree directories (bsc#1160979) - tests-add-test-to-excercise-indexed-directories-with.patch: tests: add test to excercise indexed directories with metadata_csum (bsc#1160979) - tune2fs-update-dir-checksums-when-clearing-dir_index.patch: tune2fs: update dir checksums when clearing dir_index feature (bsc#1160979) ++++ kernel-default: - vhost: Check docket sk_family instead of call getname (bsc#1167629 CVE-2020-10942). - commit b04a498 - powerpc/64s: Fix section mismatch warnings from boot code (bsc#1148868). - commit 74f4898 - net: ena: Add PCI shutdown handler to allow safe kexec (bsc#1167421, bsc#1167423). - commit 9ba04ea - lpfc kABI fixes for 12.8.0.0 (bsc#1164777 bsc#1164780 bsc#1165211 jsc#SLE-8654). - scsi: lpfc: Update lpfc version to 12.8.0.0 (bsc#1164777 bsc#1164780 bsc#1165211 jsc#SLE-8654). - scsi: lpfc: Remove prototype FIPS/DSS options from SLI-3 (bsc#1164777 bsc#1164780 bsc#1165211 jsc#SLE-8654). - scsi: lpfc: Make debugfs ktime stats generic for NVME and SCSI (bsc#1164777 bsc#1164780 bsc#1165211 jsc#SLE-8654). - scsi: lpfc: Fix erroneous cpu limit of 128 on I/O statistics (bsc#1164777 bsc#1164780 bsc#1165211 jsc#SLE-8654). - scsi: lpfc: Fix crash in target side cable pulls hitting WAIT_FOR_UNREG (bsc#1164777 bsc#1164780 bsc#1165211 jsc#SLE-8654). - scsi: lpfc: Fix update of wq consumer index in lpfc_sli4_wq_release (bsc#1164777 bsc#1164780 bsc#1165211 jsc#SLE-8654). - scsi: lpfc: Fix crash after handling a pci error (bsc#1164777 bsc#1164780 bsc#1165211 jsc#SLE-8654). - scsi: lpfc: Fix scsi host template for SLI3 vports (bsc#1164777 bsc#1164780 bsc#1165211 jsc#SLE-8654). - scsi: lpfc: Fix lpfc overwrite of sg_cnt field in nvmefc_tgt_fcp_req (bsc#1164777 bsc#1164780 bsc#1165211 jsc#SLE-8654). - scsi: lpfc: Fix lockdep error - register non-static key (bsc#1164777 bsc#1164780 bsc#1165211 jsc#SLE-8654). - scsi: lpfc: Fix kasan slab-out-of-bounds error in lpfc_unreg_login (bsc#1164777 bsc#1164780 bsc#1165211 jsc#SLE-8654). - scsi: lpfc: fix spelling mistake "Notication" -> "Notification" (bsc#1164777 bsc#1164780 bsc#1165211 jsc#SLE-8654). - scsi: lpfc: add RDF registration and Link Integrity FPIN logging (bsc#1164777 bsc#1164780 bsc#1165211 jsc#SLE-8654). - scsi: fc: Update Descriptor definition and add RDF and Link Integrity FPINs (bsc#1164777 bsc#1164780 bsc#1165211 jsc#SLE-8654). - commit 8ee63af - Refresh series.conf - patches.suse/scsi-target-convert-boolean-se_dev_attrib-types-to-b.patch - patches.suse/scsi-target-fix-unmap_zeroes_data-boolean-initialisa.patch - patches.suse/scsi-target-use-an-enum-to-track-emulate_ua_intlck_c.patch - commit ee2196b - Input: avoid BIT() macro usage in the serio.h UAPI header (git-fixes). - Input: raydium_i2c_ts - fix error codes in raydium_i2c_boot_trigger() (git-fixes). - commit 6acc495 - net/mlx5: Add stub for mlx5_eswitch_mode (jsc#SLE-8464). - commit 154e4ec - sched/fair: Fix negative imbalance in imbalance calculation (bnc#1155798 (CPU scheduler functional and performance backports)). - commit 4f5edea ++++ gcc10: - Update to master head (038769535a8cbdd3dd3e100bde314), git175499. ++++ podman: - Use infra_image pause:3.2 - Fix dependency on slirp4netns. We need at least 0.4.0 now (bsc#1167850) ++++ salt: - Build: Buildequire pkgconfig(systemd) instead of systemd ++++ raspberrypi-firmware: - Add a modalias Supplements, so the package gets selected automatically on a Raspberry Pi. ++++ raspberrypi-firmware-config: - Add a modalias Supplements, so the package gets selected automatically on a Raspberry Pi. ++++ raspberrypi-firmware-dt: - Add a modalias Supplements, so the package gets selected automatically on a Raspberry Pi. ++++ slirp4netns: - Update to 0.4.4 (bsc#1167850) * libslirp: Update to v4.2.0: * New API function slirp_add_unix: add a forward rule to a Unix socket. * New API function slirp_remove_guestfwd: remove a forward rule previously added by slirp_add_exec, slirp_add_unix or slirp_add_guestfwd * New SlirpConfig.outbound_addr{,6} fields to bind output socket to a specific address * socket: do not fallback on host loopback if get_dns_addr() failed or the address is in slirp network * ncsi: fix checksum OOB memory access * tcp_emu(): fix OOB accesses * tftp: restrict relative path access * state: fix loading of guestfwd state ++++ u-boot-rpiarm64: - Add a modalias Supplements to u-boot-rpiarm64, so the package gets selected automatically on a Raspberry Pi. ++++ yast2: - Reread network interfaces configuration after writing it avoiding wrong values when reopen network configuration dialog during an installation (bsc#1166778) - 4.2.79 ------------------------------------------------------------------ ------------------ 2020-3-26 - Mar 26 2020 ------------------- ------------------------------------------------------------------ ++++ ca-certificates-mozilla: - also run update-ca-certificates in %posttrans ++++ open-iscsi: - Update SPEC file to work around issue with installcheck SUSE script. Update the SPEC file while there. ++++ kernel-default: - perf/x86/amd: Add support for Large Increment per Cycle Events (jsc#SLE-11831). - commit 43457d3 - s390/setup: Fix secure ipl message (bsc#1163524 LTC#183960). - commit dea2aed - blacklist.conf: bdd68860a044 is a dup of 17df5ae1b3e1 - commit d81f030 - Documentation: networking: device drivers: Remove stray asterisks (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - Doc: networking/device_drivers/pensando: fix ionic.rst warnings (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: select CONFIG_NET_DEVLINK (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - commit 4199ffe - ionic: fix vf op lock usage (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: fix fw_status read (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: fix rxq comp packet type mask (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: clear compiler warning on hb use before set (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: restrict received packets to mtu size (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: add Rx dropped packet counter (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: drop use of subdevice tags (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: support sr-iov operations (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: ionic_if bits for sr-iov support (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: keep users rss hash across lif reset (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: Remove set but not used variable 'sg_desc' (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: update driver version (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: implement support for rx sgl (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: add a watchdog timer to monitor heartbeat (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: add heartbeat check (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: reverse an interrupt coalesce calculation (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: fix up struct name comments (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: add lif_quiesce to wait for queue activity to stop (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: implement ethtool set-fec (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: report users coalesce request (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: use wait_on_bit_lock() rather than open code (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: simplify returns in devlink info (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - dynamic_debug: provide dynamic_hex_dump stub (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: fix stats memory dereference (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: Fix an error code in ionic_lif_alloc() (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: Remove unnecessary ternary operator in ionic_debugfs_add_ident (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: Remove unused including (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: Add coalesce and other features (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: Add RSS support (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: Add driver stats (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: Add netdev-event handling (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: Add Tx and Rx handling (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: Add initial ethtool support (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: Add async link status check and basic stats (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: Add Rx filter and rx_mode ndo support (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: Add management of rx filters (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: Add the basic NDO callbacks for netdev support (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: Add notifyq support (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: Add adminq action (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: Add basic adminq support (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: Add interrupts and doorbells (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: Add basic lif support (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: Add port management commands (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: Add hardware init and device commands (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - ionic: Add basic framework for IONIC Network device driver (bsc#1167773 jsc#PM-1588 jsc#ECO-1386). - Update config files. - supported.conf: mark ionic supported (bsc#1167773 jsc#PM-1588 jsc#ECO-1386) - commit 7927437 - update patch metadata and move it into sorted section Rename patches.suse/powerpc-pseries-fix-of_read_drc_info_cell-to-point-at-next-record.patch to patches.suse/powerpc-pseries-Fix-of_read_drc_info_cell-to-point-a.patch, update to upstream version, update upstream references and move into sorted section. - commit 58f6e72 - Revert "net: bcmgenet: use RGMII loopback for MAC reset" (bsc#1167769). - commit b9b9649 - ext4: Check for non-zero journal inum in ext4_calculate_overhead (bsc#1167288). - commit 4a32d11 - r8169: re-enable MSI on RTL8168c (git-fixes). - net: phy: mdio-bcm-unimac: Fix clock handling (git-fixes). - NFC: fdp: Fix a signedness bug in fdp_nci_send_patch() (git-fixes). - vxlan: check return value of gro_cells_init() (git-fixes). - net: phy: mdio-mux-bcm-iproc: check clk_prepare_enable() return value (git-fixes). - iwlwifi: yoyo: don't add TLV offset when reading FIFOs (git-fixes). - iwlwifi: consider HE capability when setting LDPC (git-fixes). - gpiolib: acpi: Add quirk to ignore EC wakeups on HP x2 10 CHT + AXP288 model (git-fixes). - gpiolib: acpi: Add quirk to ignore EC wakeups on HP x2 10 BYT + AXP288 model (git-fixes). - gpiolib: acpi: Rework honor_wakeup option into an ignore_wake option (git-fixes). - gpiolib: acpi: Correct comment for HP x2 10 honor_wakeup quirk (git-fixes). - gpiolib: Fix irq_disable() semantics (git-fixes). - intel_th: pci: Add Elkhart Lake CPU support (git-fixes). - staging: rtl8188eu: Add device id for MERCUSYS MW150US v2 (git-fixes). - staging/speakup: fix get_word non-space look-ahead (git-fixes). - drm/amd/amdgpu: Fix GPR read from debugfs (v2) (git-fixes). - drm/lease: fix WARNING in idr_destroy (git-fixes). - mmc: rtsx_pci: Fix support for speed-modes that relies on tuning (git-fixes). - mmc: sdhci-cadence: set SDHCI_QUIRK2_PRESET_VALUE_BROKEN for UniPhier (git-fixes). - altera-stapl: altera_get_note: prevent write beyond end of 'key' (git-fixes). - spi: spi_register_controller(): free bus id on error paths (git-fixes). - spi/zynqmp: remove entry that causes a cs glitch (git-fixes). - spi: pxa2xx: Add CS control clock quirk (git-fixes). - spi: qup: call spi_qup_pm_resume_runtime before suspending (git-fixes). - spi: spi-omap2-mcspi: Support probe deferral for DMA channels (git-fixes). - drm/amd/display: fix dcc swath size calculations on dcn1 (git-fixes). - drm/amd/display: Clear link settings on MST disable connector (git-fixes). - drm/amdgpu: clean wptr on wb when gpu recovery (git-fixes). - drm/mediatek: Find the cursor plane instead of hard coding it (git-fixes). - drm/exynos: hdmi: don't leak enable HDMI_EN regulator if probe fails (git-fixes). - drm/exynos: dsi: fix workaround for the legacy clock name (git-fixes). - drm/exynos: dsi: propagate error value and silence meaningless warning (git-fixes). - mmc: sdhci-cadence: use struct_size() helper (git-fixes). - commit 963c6b7 - selftests: vm: drop dependencies on page flags from mlock2 tests (bnc#1167384). - commit 93ec8db - Update kabi files. Update from RC2 kernel submission (commit 2cc5c6f40e3f). - commit bc36e97 ++++ libgcrypt: - FIPS: Fix drbg to be threadsafe [bsc#1167674] * Detect fork and re-open devices in_gcry_rndlinux_gather_random * libgcrypt-check-re-open-dev_random-after-fork.patch - FIPS: Run self-tests from constructor during power-on [bsc#1166748] * Set up global_init as the constructor function: - libgcrypt-global_init-constructor.patch * Relax the entropy requirements on selftest. This is especially important for virtual machines to boot properly before the RNG is available: - libgcrypt-random_selftests-testentropy.patch - libgcrypt-rsa-no-blinding.patch - libgcrypt-ecc-ecdsa-no-blinding.patch * Fix benchmark regression test in FIPS mode: - libgcrypt-FIPS-GMAC_AES-benckmark.patch ++++ libselinux: - Added skip_cycles.patch to skip directory cycles and not error out ++++ salt: - Backport saltutil state module to 2019.2 codebase (bsc#1167556) - Add new custom SUSE capability for saltutil state module - Added: * backport-saltutil-state-module-to-2019.2-codebase.patch * add-new-custom-suse-capability-for-saltutil-state-mo.patch ++++ qemu: - Include upstream patches targeted for the next stable release (bug fixes only) block-Avoid-memleak-on-qcow2-image-info-.patch block-bdrv_set_backing_bs-fix-use-after-.patch hmp-vnc-Fix-info-vnc-list-leak.patch migration-colo-fix-use-after-free-of-loc.patch migration-ram-fix-use-after-free-of-loca.patch ppc-ppc405_boards-Remove-unnecessary-NUL.patch qcow2-List-autoclear-bit-names-in-header.patch scsi-qemu-pr-helper-Fix-out-of-bounds-ac.patch sheepdog-Consistently-set-bdrv_has_zero_.patch ++++ raspberrypi-firmware: - Remove rpi4-cma overlay, not needed anymore (bsc#1167761) ++++ raspberrypi-firmware-config: - Remove rpi4-cma overlay, not needed anymore (bsc#1167761) ++++ raspberrypi-firmware-dt: - Add upstream-cma.patch unifying CMA handling on all RPis (bsc#1167761) - Remove rpi4-cma-overlay.dts since not needed anymore (bsc#1167761) - Rename emmc2bus.patch to upstream-emmc2bus.patch to mark this is a reality upstream - Rename pcie-dma-ranges.patch to upstream-pcie-dma-ranges.patch to mark this is a reality upstream ++++ selinux-policy: - Added module for rtorrent - Enable snapper module in minimum policy to reduce issues on BTRFS Updated fix_snapper.patch to prevent relabling of snapshot ++++ transactional-update: - Update to version 2.20.4 - Mount efivarfs on EFI systems to make sure the bootloader will be installed correctly [boo#1162320] - Fix removal of existing overlay directories ++++ wpa_supplicant: - With v2.9 fi.epitest.hostap.WPASupplicant.service is obsolete (bsc#1167331) - Change wpa_supplicant.service to ensure wpa_supplicant gets started before network. Fix WLAN config on boot with wicked. (boo#1166933) ++++ xfsprogs: - xfs_quota: reformat commands in the manpage so that fstest can check that each command is actually documented (bsc#1167206) * Add xfsprogs-man-reformat-xfs_quota-commands-in-the-manpage-for-t.patch - xfs_db: document some missing commands ('attr_set', 'attr_remove', 'logformat') in the manpage (bsc#1167205) * Add xfsprogs-man-document-some-missing-xfs_db-commands.patch - xfs_io: allow size to be suffixed by k,m,g for kilobytes, megabytes or gigabytes respectively for the copy_range command (bsc#1158630) * Add xfsprogs-xfs_io-Make-copy_range-arguments-understand-iB-values.patch ++++ yast2: - Remove no longer needed multi status selector since it does not work as expected (bsc#1167523). - 4.2.78 ------------------------------------------------------------------ ------------------ 2020-3-25 - Mar 25 2020 ------------------- ------------------------------------------------------------------ ++++ conmon: - Update to v2.0.14 - drop usage of splice(2) - avoid hanging on stdin - stdio: sometimes quit main loop after io is done - ignore sigpipe ++++ glibc: - glob-use-after-free.patch: Fix use-after-free in glob when expanding ~user (CVE-2020-1752, bsc#1167631, BZ #25414) ++++ ignition: - Update to version 2.2.1: * news: add notes for 2.2.1 * providers/qemu: fix default to fwcfg * doc/development: remember to bump Accept header during spec bumps - Remove 0001-Support-more-architectures.patch: Patch added upstream ++++ kernel-default: - ext4: do not commit super on read-only bdev (bsc#1167288 bsc#1167338). - commit 3e272f3 - ext4: Unregister sysfs path before destroying jbd2 journal (bsc#1167338 bsc#1167288). - commit 536d85c - struct phy_device kABI compatibility workaround (git-fixes). - commit feeaa43 - net: phy: fix MDIO bus PM PHY resuming (git-fixes). - commit d42c758 - net: phy: Avoid multiple suspends (git-fixes). - commit c95182b - drm/bridge: dw-hdmi: fix AVI frame colorimetry (git-fixes). - alarmtimer: Make alarmtimer platform device child of RTC device (git-fixes). - commit ba8679d - virtio-blk: improve virtqueue error to BLK_STS (bsc#1167649). - commit 0db14dd - mm, slub: prevent kmalloc_node crashes and memory leaks (bsc#1167657, VM functionality). - commit 4697f85 - mm: slub: be more careful about the double cmpxchg of freelist (bsc#1167657, VM functionality). - commit e8bce3b - mm: slub: add missing TID bump in kmem_cache_alloc_bulk() (bsc#1167657, VM functionality). - commit 0108e02 - fix patch metadata - fix wrong Patch-mainline: patches.suse/0001-Revert-serial-uartlite-Add-runtime-support.patch patches.suse/0001-Revert-serial-uartlite-Do-not-use-static-struct-uart.patch patches.suse/0001-Revert-serial-uartlite-Move-the-uart-register.patch patches.suse/0001-pinctrl-baytrail-Really-serialize-all-register-acces.patch - commit a449950 - pinctrl: baytrail: Really serialize all register accesses (git-fixes). - Refresh patches.suse/pinctrl-baytrail-Do-not-clear-IRQ-flags-on-direct-ir.patch. - commit 3060b4c - Revert "serial-uartlite: Move the uart register" (git-fixes). - commit 7d98e39 - Revert "serial-uartlite: Do not use static struct uart_driver out of probe()" (git-fixes). - commit 053f110 - Revert "serial-uartlite: Add runtime support" (git-fixes). - commit 869ee8e ++++ parted: - print maximum number of partitions for yast (bsc#1161783) - add: parted-print-max-partitions-for-yast.patch ++++ libzypp: - Add HistoryLogReader actionFilter to parse only specific HistoryActionIDs. - version 17.23.3 (22) ++++ system-users: - Use test -x instead of -f ++++ toolbox: - Update to version 1.0+git20200324.dd047bc: * fix entering a toolbox if something changed in /dev since creation ------------------------------------------------------------------ ------------------ 2020-3-24 - Mar 24 2020 ------------------- ------------------------------------------------------------------ ++++ grub2: - Fix GCC 10 build fail (bsc#1158189) * 0001-mdraid1x_linux-Fix-gcc10-error-Werror-array-bounds.patch * 0002-zfs-Fix-gcc10-error-Werror-zero-length-bounds.patch ++++ hwinfo: - merge gh#openSUSE/hwinfo#85 - fix xen detection (bsc#1167561) - add link to cpuid doc - 21.69 ++++ ignition: - Add 0001-Support-more-architectures.patch: Allow builing on i586 (and other architectures) again - Update to version 2.2.0: * news: add notes for 2.2.0 * Fix ignition config for the instantiated unit test * Fix enabling systemd instantiated services * providers/qemu: support Ignition block device on s390x and ppc64le * blkid: Explicitly use C int variable for numParts * tests: don't panic after failing to run Ignition * platform: sort providers * ci: migrate to new coreos-ci project * OWNERS: add OWNERS file * Add Exoscale provider * docs: minor fixes to platforms page * ci: hook up to CoreOS CI * providers/vultr: Add Vultr provider * Throw error if SSH keys could not be written * stages/files: don't relabel /home and /root symlinks - Drop 0001-Throw-error-if-SSH-keys-could-not-be-written.patch - Added explicit Recommends for helper applications [boo#1167289] ++++ kernel-default: - update patch metadata - improve Patch-mainline tag: patches.suse/rcuwait-Let-rcuwait_wake_up-return-whether-or-not-a-.patch - commit f21d25e - rcuwait: Let rcuwait_wake_up() return whether or not a task was awoken (bsc#1167594). - commit e399edf - Update config files: Increase NR_CPUS to 768 on arm64 to support the extra cores on a Marvell ThunderX3 SoC (jsc#SLE-9971). - [mkubecek] update kabi reference files (incompatible): NR_CPUS raised from 480 to 768 on aarch64 - commit d52fc74 - x86/MCE/AMD, EDAC/mce_amd: Add new Load Store unit McaType (jsc#SLE-11833). - commit a9c59e2 - md: rename wb stuffs (bsc#1166003). - Update with kabi fix for the above change, patches.kabi/md-backport-kabi.patch. - Refresh for the above change, patches.suse/md-display-timeout-error.patch. - commit eabced8 - raid5: remove worker_cnt_per_group argument from alloc_thread_groups (bsc#1166003). - commit ffebcdb - KEYS: reaching the keys quotas correctly (bsc#1167517). - commit 39a6103 - kABI: more hooks for PCI changes (bsc#1141558). - [mkubecek] update kabi reference files (incompatible): SUSE kabi padding added to some PCI related structures - commit 29f5545 - net: hns3: fix RMW issue for VLAN filter switch (bsc#1154353). - netfilter: nf_tables: fix infinite loop when expr is not available (bsc#1154353). - bnxt_en: fix error handling when flashing from file (sc#SLE-8371 bsc#1153274 bsc#1163419). - bnxt_en: reinitialize IRQs when MTU is modified (sc#SLE-8371 bsc#1153274 bsc#1163419). - bnxt_en: add newline to netdev_*() format strings (sc#SLE-8371 bsc#1153274 bsc#1163419). - bnxt_en: Issue PCIe FLR in kdump kernel to cleanup pending DMAs (sc#SLE-8371 bsc#1153274 bsc#1163419). - bnxt_en: Improve device shutdown method (sc#SLE-8371 bsc#1153274 bsc#1163419). - commit 6ec4eab - btrfs: add enospc debug messages for ticket failure (bsc#1141456). - Refresh patches.suse/btrfs-dump_space_info-when-encountering-total_bytes_pinned-0-at-umount.patch. - commit b0b4b45 - btrfs: do not account global reserve in can_overcommit (bsc#1141456). - commit cbebbcb - supported.conf: mark synopsys_edac as supported. Used in Xilinx ZynqMP devices. - commit 8d84988 - btrfs: use btrfs_try_granting_tickets in update_global_rsv (bsc#1141456). - commit 2c7e1da - btrfs: always reserve our entire size for the global reserve (bsc#1141456). - commit 0ded727 - btrfs: change the minimum global reserve size (bsc#1141456). - commit 20a34ab - tracing: Add 'hist:' to hist trigger error log error string (bsc#1164917). - commit c0e7e4a - tracing: Add hist trigger error messages for sort specification (bsc#1164917). - commit 9b80622 - btrfs: unexport the temporary exported functions (bsc#1162831). - commit 795367d - btrfs: migrate the block group cleanup code (bsc#1162831). - Refresh patches.suse/0001-btrfs-qgroup-Always-free-PREALLOC-META-reserve-in-bt.patch. - Refresh patches.suse/btrfs-dump_space_info-when-encountering-total_bytes_pinned-0-at-umount.patch. - commit b3b0455 - btrfs: migrate the alloc_profile helpers (bsc#1162831). - commit d4eb35f - btrfs: migrate the chunk allocation code (bsc#1162831). - commit 2694f31 - btrfs: migrate the block group space accounting helpers (bsc#1162831). - commit cfbc882 - btrfs: export block group accounting helpers (bsc#1162831). - commit 1701266 - btrfs: migrate the dirty bg writeout code (bsc#1162831). - commit e9dcb00 - btrfs: migrate inc/dec_block_group_ro code (bsc#1162831). - Refresh patches.suse/0001-btrfs-qgroup-Always-free-PREALLOC-META-reserve-in-bt.patch. - commit abe1d44 - btrfs: temporarily export btrfs_get_restripe_target (bsc#1162831). - commit dcd4303 - btrfs: migrate the block group read/creation code (bsc#1162831). - Refresh patches.suse/0001-btrfs-block-group-Fix-a-memory-leak-due-to-missing-b.patch. - commit 4cffeef - btrfs: migrate the block group removal code (bsc#1162831). - commit 313711e - btrfs: temporarily export inc_block_group_ro (bsc#1162831). - commit 9260ebc - btrfs: migrate the block group caching code (bsc#1162831). - commit 610d6da - btrfs: make caching_thread use btrfs_find_next_key (bsc#1162831). - commit 32ee695 - btrfs: temporarily export fragment_free_space (bsc#1162831). - commit b52844f - btrfs: export the caching control helpers (bsc#1162831). - commit 96ba87a - btrfs: export the excluded extents helpers (bsc#1162831). - commit 0c5df27 - btrfs: export the block group caching helpers (bsc#1162831). - commit 01de231 - btrfs: migrate nocow and reservation helpers (bsc#1162831). - commit e4a70ac - btrfs: migrate the block group ref counting stuff (bsc#1162831). - commit 81d13e7 - btrfs: migrate the block group lookup code (bsc#1162831). - commit fe38e12 - btrfs: move basic block_group definitions to their own header (bsc#1162831). - commit a828471 - btrfs: move btrfs_add_free_space out of a header file (bsc#1162831). - commit c5144d6 ++++ gcc10: - Update to master head (75c24a08d697d6442fe6c26142f05), git175422. ++++ openslp: - Add missing group(daemon) prerequires to the openslp-server package [bnc#1165050] - Add missing openslp requires to the openslp-server package [bnc#1165121] ++++ permissions: - whitelist s390-tools setgid bit on log directory (bsc#1167163) ++++ qemu: - Note The previous set of s390x patches also includes the fix for: bsc#1167445 ++++ yast2: - Fixed alignment in the multi selection CWM widget (part of bsc#1167523) - 4.2.77 ------------------------------------------------------------------ ------------------ 2020-3-23 - Mar 23 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - USB: cdc-acm: fix rounding error in TIOCSSERIAL (git-fixes). - usb: typec: ucsi: displayport: Fix a potential race during registration (git-fixes). - usb: typec: ucsi: displayport: Fix NULL pointer dereference (git-fixes). - commit 864c13e - rtc: max8907: add missing select REGMAP_IRQ (git-fixes). - serial: 8250_exar: add support for ACCES cards (git-fixes). - serial: ar933x_uart: set UART_CS_{RX,TX}_READY_ORIDE (git-fixes). - commit ae8a796 - net: phy: bcm63xx: fix OOPS due to missing driver name (git-fixes). - net: phy: avoid clearing PHY interrupts twice in irq handler (git-fixes). - net: phy: mscc: fix firmware paths (git-fixes). - net: phy: restore mdio regs in the iproc mdio driver (git-fixes). - net: phy: fixed_phy: fix use-after-free when checking link GPIO (git-fixes). - commit 9488907 - intel_th: Fix user-visible error codes (git-fixes). - iio: chemical: sps30: fix missing triggered buffer dependency (git-fixes). - iio: st_sensors: remap SMO8840 to LIS2DH12 (git-fixes). - iio: light: vcnl4000: update sampling periods for vcnl4040 (git-fixes). - iio: light: vcnl4000: update sampling periods for vcnl4200 (git-fixes). - iio: accel: adxl372: Set iio_chan BE (git-fixes). - iio: magnetometer: ak8974: Fix negative raw values in sysfs (git-fixes). - iio: trigger: stm32-timer: disable master mode when stopping (git-fixes). - iio: adc: stm32-dfsdm: fix sleep in atomic context (git-fixes). - iio: adc: at91-sama5d2_adc: fix differential channels in triggered mode (git-fixes). - mmc: sdhci-of-at91: fix cd-gpios for SAMA5D2 (git-fixes). - mac80211: rx: avoid RCU list traversal under mutex (git-fixes). - commit 9bd80d9 - HID: add ALWAYS_POLL quirk to lenovo pixart mouse (git-fixes). - HID: google: add moonball USB id (git-fixes). - HID: hid-bigbenff: fix race condition for scheduled work during removal (git-fixes). - HID: hid-bigbenff: call hid_hw_stop() in case of error (git-fixes). - HID: hid-bigbenff: fix general protection fault caused by double kfree (git-fixes). - HID: i2c-hid: add Trekstor Surfbook E11B to descriptor override (git-fixes). - HID: apple: Add support for recent firmware on Magic Keyboards (git-fixes). - commit 5f6c3d6 - Fix patches.suse/btrfs-8888-add-allow_unsupported-module-parameter.patch Fix earlier refresh. - commit 479cae8 - Revert sgi_iodev for kabi break (bsc#1166547). - commit 1393f42 - apei/ghes: Do not delay GHES polling (bsc#1166982). - commit b9901b6 - net: dsa: tag_qca: Make sure there is headroom for tag (networking-stable-20_02_19). - net/sched: flower: add missing validation of TCA_FLOWER_FLAGS (networking-stable-20_02_19). - net/sched: matchall: add missing validation of TCA_MATCHALL_FLAGS (networking-stable-20_02_19). - net/smc: fix leak of kernel memory to user space (networking-stable-20_02_19). - core: Don't skip generic XDP program execution for cloned SKBs (networking-stable-20_02_19). - commit f564699 - Refresh patches.suse/x86-mm-split-vmalloc_sync_all.patch. - commit 52f4443 - blacklist.conf: Add 02d715b4a818 iommu/vt-d: Fix RCU list debugging warnings - commit edb9131 - fix patch metadata - fix Patch-mainline: patches.suse/signal-avoid-double-atomic-counter-increments-for-user-accounting.patch - commit 4c51946 - sched/fair: Clear SMT siblings after determining the core is not idle (bnc#1155798 (CPU scheduler functional and performance backports)). - commit fafc10a - sched/fair: fix condition of avg_load calculation (bnc#1155798 (CPU scheduler functional and performance backports)). - commit db78afd - signal: avoid double atomic counter increments for user accounting (bnc#1167415 (Kernel core performance backports)). - commit 6ff4a7e - fix patch metadata - fix Patch-mainline: patches.suse/cgroup-iterate-tasks-that-did-not-finish-do_exit.patch - commit 5b30728 - EDAC/synopsys: Do not print an error with back-to-back snprintf() calls (bsc#1152489). - commit 3d8b07b - perf/amd/uncore: Replace manual sampling check with CAP_NO_INTERRUPT flag (bsc#1152489). - commit 509a4ff - x86/mce: Fix logic and comments around MSR_PPIN_CTL (bsc#1152489). - commit c2e64b7 - x86/pkeys: Manually set X86_FEATURE_OSPKE to preserve existing changes (bsc#1152489). - commit 062e80e - KVM: arm/arm64: vgic: Use a single IO device per redistributor (bsc#1166547). - commit 0aaedec ++++ gnutls: - bsc#1166881 - FIPS: gnutls: cfb8 decryption issue * No longer truncate output IV if input is shorter than block size. * Added gnutls-3.6.7-fips-backport_dont_truncate_output_IV.patch - bsc#1155327 jira#SLE-9518 - FIPS: add DH key test * Added Diffie Hellman public key verification test. * gnutls-3.6.7-fips_DH_ECDH_key_tests.patch ++++ systemd-presets-branding-MicroOS: - Enable kubelet by default (as expected by kubeadm) [boo#1167369] ++++ yast2: - Add Popup#SuppressFeedback to allow to hide feedback for certain actions (needed for bsc#1165705) - 4.2.76 ------------------------------------------------------------------ ------------------ 2020-3-22 - Mar 22 2020 ------------------- ------------------------------------------------------------------ ++++ dracut: - Update to version 049.1+git138.9068a629: * systemd: install systemd-tty-ask-password-agent systemd-ask-password * Mark interface setup after dhcp (bsc#1167161) * Store nameserver received from wicked dhcp lease (bsc#1167161) ++++ kernel-default: - efi/x86: Add TPM related EFI tables to unencrypted mapping checks (bsc#1159816). - commit 0d7e2e6 ------------------------------------------------------------------ ------------------ 2020-3-21 - Mar 21 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - ALSA: hda/realtek - Enable the headset of Acer N50-600 with ALC662 (git-fixes). - ALSA: hda/realtek - Enable headset mic of Acer X2660G with ALC662 (git-fixes). - ALSA: seq: oss: Fix running status after receiving sysex (git-fixes). - ALSA: seq: virmidi: Fix running status after receiving sysex (git-fixes). - ALSA: pcm: oss: Remove WARNING from snd_pcm_plug_alloc() checks (git-fixes). - ALSA: hda/realtek: Fix pop noise on ALC225 (git-fixes). - ALSA: line6: Fix endless MIDI read loop (git-fixes). - ALSA: pcm: oss: Avoid plugin buffer overflow (git-fixes). - commit ed262e3 ++++ yast2: - Force a reset of the firewalld API instance before reading the firewalld configuration (bsc#1166698) - 4.2.75 ------------------------------------------------------------------ ------------------ 2020-3-20 - Mar 20 2020 ------------------- ------------------------------------------------------------------ ++++ grub2: - Backport to support searching for specific config files for netboot (bsc#1166409) * 0001-normal-Move-common-datetime-functions-out-of-the-nor.patch * 0002-kern-Add-X-option-to-printf-functions.patch * 0003-normal-main-Search-for-specific-config-files-for-net.patch * 0004-datetime-Enable-the-datetime-module-for-the-emu-plat.patch ++++ kernel-default: - s390/pci: Fix possible deadlock in recover_store() (bsc#1165187 LTC#184105). - commit 121df27 - s390/pci: Recover handle in clp_set_pci_fn() (bsc#1165187 LTC#184105). - commit 5d2c6ee - s390/pkey: fix missing length of protected key on return (git-fixes). - s390/zcrypt: Fix CCA cipher key gen with clear key value function (git-fixes). - commit 6bb7487 - s390/mm: fix dynamic pagetable upgrade for hugetlbfs (bsc#1165181 LTC#184104). - commit 5c2c836 - module: avoid setting info->name early in case we can fall back to info->mod->name (git-fixes). - commit eebf8d1 - blacklist.conf: blacklist f6d061d61712 - commit 72a83b2 - cgroup: memcg: net: do not associate sock with unrelated cgroup (bsc#1167241). - commit 844ea7f - md: fix a typo s/creat/create (bsc#1166003). - commit 5717a6b - md/raid6: fix algorithm choice under larger PAGE_SIZE (bsc#1166003). - raid6/test: fix a compilation warning (bsc#1166003). - raid6/test: fix a compilation error (bsc#1166003). - commit b4c3abd - md-bitmap: small cleanups (bsc#1166003). - md: make sure desc_nr less than MD_SB_DISKS (bsc#1166003). - md: raid1: check rdev before reference in raid1_sync_request func (bsc#1166003). - drivers/md/raid5.c: use the new spelling of RWH_WRITE_LIFE_NOT_SET (bsc#1166003). - md: avoid invalid memory access for array sb->dev_roles (bsc#1166003). - md/raid1: avoid soft lockup under high load (bsc#1166003). - commit f5e32ec - md: no longer compare spare disk superblock events in super_load (bsc#1166003). - commit ac7ff9d - md/bitmap: avoid race window between md_bitmap_resize and bitmap_file_clear_bit (bsc#1166003). - commit 1195535 ++++ gcc10: - Update to master head (7d4549b2cd209eb621453ce13be7f), git175366. ++++ openssl-1_1: - openssl dgst: default to SHA256 only when called without a digest, not when it couldn't be found (bsc#1166189) * add openssl-unknown_dgst.patch ++++ libzypp: - RepoVariables: Add safe guard in case the caller does not own a zypp instance. - Enable c++17. Define libyzpp CXX_STANDARD in ZyppCommon.cmake. - version 17.23.2 (22) ++++ pam: - Moved pam_userdb to a separate package pam-extra. [bsc#1166510, pam.spec] ++++ podman: - Update podman to v1.8.2: * Features - Initial support for automatically updating containers managed via Systemd unit files has been merged. This allows containers to automatically upgrade if a newer version of their image becomes available * Bugfixes - Fixed a bug where unit files generated by podman generate systemd --new would not force containers to detach, causing the unit to time out when trying to start - Fixed a bug where podman system reset could delete important system directories if run as rootless on installations created by older Podman (#4831) - Fixed a bug where image built by podman build would not properly set the OS and Architecture they were built with (#5503) - Fixed a bug where attached podman run with --sig-proxy enabled (the default), when built with Go 1.14, would repeatedly send signal 23 to the process in the container and could generate errors when the container stopped (#5483) - Fixed a bug where rootless podman run commands could hang when forwarding ports - Fixed a bug where rootless Podman would not work when /proc was mounted with the hidepid option set - Fixed a bug where the podman system service command would use large amounts of CPU when --timeout was set to 0 (#5531) * HTTP API - Initial support for Libpod endpoints related to creating and operating on image manifest lists has been added - The Libpod Healthcheck and Events API endpoints are now supported - The Swagger endpoint can now handle cases where no Swagger documentation has been generated * Misc - Updated Buildah to v1.14.3 - Updated containers/storage to v1.16.5 - Several performance improvements have been made to creating containers, which should somewhat improve the performance of podman create and podman run ++++ qemu: - Include upstream patches targeted for the next stable release (bug fixes only) block-io-fix-bdrv_co_do_copy_on_readv.patch compat-disable-edid-on-correct-virtio-gp.patch target-ppc-Fix-rlwinm-on-ppc64.patch vhost-correctly-turn-on-VIRTIO_F_IOMMU_P.patch - s390x Protected Virtualization support - start and control guest in secure mode. (note: binary patch from patch series dropped since for s390x we rebuild the patched binary anyways) (bsc#1167075 jsc#SLE-7407) s390-sclp-improve-special-wait-psw-logic.patch s390x-Add-missing-vcpu-reset-functions.patch s390x-Add-SIDA-memory-ops.patch s390x-Add-unpack-facility-feature-to-GA1.patch s390x-Beautify-diag308-handling.patch s390x-Don-t-do-a-normal-reset-on-the-ini.patch s390x-ipl-Consolidate-iplb-validity-chec.patch s390x-kvm-Make-kvm_sclp_service_call-voi.patch s390x-Move-clear-reset.patch s390x-Move-diagnose-308-subcodes-and-rcs.patch s390x-Move-initial-reset.patch s390x-Move-reset-normal-to-shared-reset-.patch s390x-protvirt-Add-migration-blocker.patch s390x-protvirt-Disable-address-checks-fo.patch s390x-protvirt-Handle-SIGP-store-status-.patch s390x-protvirt-Inhibit-balloon-when-swit.patch s390x-protvirt-KVM-intercept-changes.patch s390x-protvirt-Move-diag-308-data-over-S.patch s390x-protvirt-Move-IO-control-structure.patch s390x-protvirt-Move-STSI-data-over-SIDAD.patch s390x-protvirt-SCLP-interpretation.patch s390x-protvirt-Set-guest-IPL-PSW.patch s390x-protvirt-Support-unpack-facility.patch Sync-pv.patch - Fix the issue that s390x could not read IPL channel program when using dasd as boot device (bsc#1163140) pc-bios-s390x-Save-iplb-location-in-lowc.patch ++++ raspberrypi-firmware: - Add rpi4-firmware-dma-ranges overaly which fixes touch input on the official 7" display (bsc#1167147) ++++ raspberrypi-firmware-config: - Add rpi4-firmware-dma-ranges overaly which fixes touch input on the official 7" display (bsc#1167147) ++++ raspberrypi-firmware-dt: - Add rpi4-firware-dma-ranges-overlay.dts which fixes touch input on the official 7" display (bsc#1167147) ++++ system-users: - Call usermod only if installed ++++ zypper: - Tag 'retracted' patch status in info and list-patches (jsc#SLE-8770) - Tag 'R'etracted items in search tabes status columns (jsc#SLE-8770) - Relax 'Do not allow the abbreviation of cli arguments' in legacy distibutions (bsc#1164543) - Correctly detect ambigous switch abbreviations (bsc#1165573) - zypper-aptitude: don't supplement zypper. supplementing zypper means zypper-aptitude gets installed by default and pulls in perl. Neither is desired on small systems. - BuildRequires: libzypp-devel >= 17.23.2. - version 1.14.35 ------------------------------------------------------------------ ------------------ 2020-3-19 - Mar 19 2020 ------------------- ------------------------------------------------------------------ ++++ boost-base: - libreoffice_compat_backports.patch: add a backport of Boost.Optional::has_value() for LibreOffice ++++ dracut: - Changed scheme to 049.1+suse.139.g8a7d3d9e to match systemd package * Scheme pattern> +suse..g * No functional change ++++ libguestfs: - bsc#1167131 - virt-v2v fails importing ubuntu 18.04 LTS ova 500acb15-v2v-linux-fix-kernel-detection-when-split-in-different-packages.patch ++++ kernel-default: - cgroup: Iterate tasks that did not finish do_exit() (bsc#1167151). - commit 16348dc - arm64: fix config and supported.conf for MTD devices on NXP boards References: bsc#1167137 Get rid of CONFIG_MTD_PHYSMAP_COMPAT and enable CONFIG_MTD_PHYSMAP_OF. Compat maps of zero length (CONFIG_MTD_PHYSMAP_LEN=0x0) doesn't make sense and driver initialization is bound to fail. Update supported.conf to include required modules. - commit c23c1f0 - modpost: return error if module is missing ns imports and MODULE_ALLOW_MISSING_NAMESPACE_IMPORTS=n (jsc#SLE-10158). - Refresh patches.suse/supported-flag. - Refresh patches.suse/supported-flag-modverdir. - commit 686d15e - cpufreq: powernv: Fix unsafe notifiers (bsc#1065729). - cpufreq: powernv: Fix use-after-free (bsc#1065729). - powerpc: fix hardware PMU exception bug on PowerVM compatibility mode systems (bsc#1056686). - commit c0f95eb ++++ gcc10: - Update to master head (c7e9019681857b329bbe4c1e7ec8d), git175348. - Package arm_mve.h for arm. ++++ systemd: - Import commit 31f82b39c811b4f731c80c2c2e7c56a0ca924a5b (merge v245.2) d1d3f2aa15 docs: Add syntax for templated units to systemd.preset man page 3c69813c69 man: add a tiny bit of markup bf595e788c home: fix segfault when parsing arguments in PAM module e110f4dacb test: wait a bit after starting the test service e8df08cfdb fix journalctl regression (#15099) eb3a38cc23 NEWS: add late note about job trimming issue 405f0fcfdd systemctl: hide the 'glyph' column when --no-legend is requested 1c7de81f89 format-table: allow hiding a specific column b7f2308bda core: transition to FINAL_SIGTERM state after ExecStopPost= 2867dfbf70 journalctl: show duplicate entries if they are from the same file (#14898) [...] ++++ libvirt: - libxl: Bump minimum supported Xen version to 4.9, allowing use of newer libxl APIs for retrieving memory statistics suse-bump-xen-version.patch bsc#1157490, bsc#1167007 ++++ u-boot-rpiarm64: Fix BTRFS access with LZO compression enabled (bsc#1166468) Patch queue updated from git://github.com/openSUSE/u-boot.git tumbleweed-2020.01 * Patches added: 0019-uboot-fs-btrfs-Use-LZO_LEN-to-repla.patch 0020-uboot-fs-btrfs-Fix-LZO-false-decomp.patch ------------------------------------------------------------------ ------------------ 2020-3-18 - Mar 18 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Btrfs: fix race leading to metadata space leak after task received signal (bsc#1141456). - Refresh patches.suse/btrfs-run-btrfs_try_granting_tickets-if-a-priority-ticket-fails.patch. - commit 0d2889a - raid5: use bio_end_sector in r5_next_bio (bsc#1166003). - raid5: remove STRIPE_OPS_REQ_PENDING (bsc#1166003). - md: add feature flag MD_FEATURE_RAID0_LAYOUT (bsc#1166003). - md/raid5: use bio_end_sector to calculate last_sector (bsc#1166003). - commit 7e33890 - md raid0/linear: Mark array as 'broken' and fail BIOs if a member is gone (bsc#1166003). - Refresh for the above change, patches.suse/md-raid0-avoid-RAID0-data-corruption-due-to-layout-c.patch. - commit a563707 - raid5 improve too many read errors msg by adding limits (bsc#1166003). - raid1: factor out a common routine to handle the completion of sync write (bsc#1166003). - md: allow last device to be forcibly removed from RAID1/RAID10 (bsc#1166003). - Update with kabi fix for the above change, patches.kabi/md-backport-kabi.patch - md: Convert to use int_pow() (bsc#1166003). - commit aa334d3 - nvme: Translate more status codes to blk_status_t (bsc#1156510). - nvme: Fix parsing of ANA log page (bsc#1166658). - nvme: resync include/linux/nvme.h with nvmecli (bsc#1156510). - commit 672f1cb - md/raid10: end bio when the device faulty (bsc#1166003). - Refresh for the above change, patches.suse/md-display-timeout-error.patch. - commit 760aa49 - raid1: use an int as the return value of raise_barrier() (bsc#1166003). - commit 5ac4a79 - ext4: potential crash on allocation error in ext4_alloc_flex_bg_array() (bsc#1166940). - commit a1c176a - ARM: 8961/2: Fix Kbuild issue caused by per-task stack protector GCC plugin (git-fixes). - ARM: 8958/1: rename missed uaccess .fixup section (git-fixes). - ARM: 8957/1: VDSO: Match ARMv8 timer in cntvct_functional() (git-fixes). - efi: Add a sanity check to efivar_store_raw() (git-fixes). - drm/i915: be more solid in checking the alignment (git-fixes). - mt76: fix array overflow on receiving too many fragments for a packet (git-fixes). - ARM: imx: build v7_cpu_resume() unconditionally (git-fixes). - drm/amd/display: remove duplicated assignment to grph_obj_type (git-fixes). - commit 7fe5a8f - blacklist.conf: Add a reverted amdgpu entry - commit 916aa15 ++++ bluez: - Add HOGP-must-only-accept-data-from-bonded-devices.patch HOGP 1.0 Section 6.1 establishes that the HOGP must require bonding.(bsc#1166751)(CVE-2020-0556) HID-accepts-bonded-device-connections-only.patch This change adds a configuration for platforms to choose a more secure posture for the HID profile.(bsc#1166751)(CVE-2020-0556) input-hog-Attempt-to-set-security-level-if-not-bonde.patch Attempt to set security level if not bonded. (bsc#1166751)(CVE-2020-0556) input-Add-LEAutoSecurity-setting-to-input.conf.patch Add LEAutoSecurity setting to input.conf. (bsc#1166751)(CVE-2020-0556) ++++ mozilla-nss: - Added patches related to FIPS certification: * nss-fips-use-getrandom.patch: Use getrandom() to obtain entropy where possible. * nss-fips-dsa-kat.patch: Make DSA KAT FIPS compliant. * nss-fips-pairwise-consistency-check.patch: Use FIPS compliant hash when validating keypair. * nss-fips-rsa-keygen-strictness.patch: Enforce FIPS requirements on RSA key generation. * nss-fips-cavs-keywrap.patch, nss-fips-cavs-kas-ffc.patch, nss-fips-cavs-kas-ecc.patch, nss-fips-cavs-general.patch, nss-fips-cavs-dsa-fixes.patch, nss-fips-cavs-rsa-fixes.patch: Miscellaneous fixes to CAVS tests. * nss-fips-gcm-ctr.patch: Enforce FIPS limits on how much data can be processed without rekeying. * nss-fips-constructor-self-tests.patch: Run self tests on library initialization in FIPS mode. * nss-fips-approved-crypto-non-ec.patch: Disable non-compliant algorithms in FIPS mode (hashes and the SEED cipher). * nss-fips-zeroization.patch: Clear various temporary variables after use. * nss-fips-tls-allow-md5-prf.patch: Allow MD5 to be used in TLS PRF. * nss-fips-use-strong-random-pool.patch: Preferentially gather entropy from /dev/random over /dev/urandom. * nss-fips-detect-fips-mode-fixes.patch: Allow enabling FIPS mode consistently with NSS_FIPS environment variable. * nss-unit-test-fixes.patch: Fix argument parsing bug in lowhashtest. ++++ gcc10: - Update to master head (4e3d3e40726e1b68bf52fa205c68495124ea60b8). - libgphobos and libgdruntime SONAME versions were reset to 1. ++++ systemd: - Upgrade to v245 (commit 74e2e834b4282c9bbdc12014f6ccf8d86e542b8d) See https://github.com/openSUSE/systemd/blob/SUSE/v245/NEWS for details. This includes the following bug fixes: - upstream commit 7f56982289275ce84e20f0554475864953e6aaab (CVE-2020-1712) - upstream commit 66a19d85a533b15ed32f4066ec880b5a8c06babd (bsc#1157315) - upstream commit 7f56982289275ce84e20f0554475864953e6aaab (bsc#1162108) The new tools provided by systemd repart, userdb, homed, fdisk, pwquality, p11kit feature have been disabled for now as they require reviews first. Default to the "unified" cgroup hierarchy. Indeed most prominent users of cgroup (such as libvirt, kubic) should be ready for such change. It's still possible to switch back to the old "hybrid" hierarchy by passing "systemd.unified_cgroup_hierarchy=0" option to the kernel command line though. Added 0001-Revert-job-Don-t-mark-as-redundant-if-deps-are-relev.patch: upstream commit 097537f07a2fab3cb73aef7bc59f2a66aa93f533 has been reverted for now on as it introduced a behavior change which has impacted plymouth at least. ++++ runc: - Added fix for bsc#1149954 * 0001-sd-notify-do-not-hang-when-NOTIFY_SOCKET-is-used-wit.patch ------------------------------------------------------------------ ------------------ 2020-3-17 - Mar 17 2020 ------------------- ------------------------------------------------------------------ ++++ conmon: - Update to v2.0.12 - oom: fix potential race between verification steps ++++ fuse-overlayfs: - Update to v0.7.8 - report correctly the number of links for a directory also for subsequent stat calls - stop looking up the ino in the lower layers if the file could not be opened ++++ kernel-default: - blktrace: fix dereference after null check (bsc#1159285). - commit df5056f - blacklist.conf: Blacklist d87683620489 - commit 87e4a94 - jbd2: fix ocfs2 corrupt when clearing block group bits (bsc#1166878). - commit 4ccf692 - io_uring: fix __io_iopoll_check deadlock in io_sq_thread (bsc#1166876). - commit 47c1bb0 - io_uring: prevent sq_thread from spinning when it should stop (bsc#1166875). - commit 59a5904 - ecryptfs: replace BUG_ON with error handling code (bsc#1166874). - commit 7eb7c45 - ecryptfs: fix a memory leak bug in ecryptfs_init_messaging() (bsc#1166872). - commit 58a8bc1 - ecryptfs: fix a memory leak bug in parse_tag_1_packet() (bsc#1166871). - commit c7ebfb4 - ext4: fix race between writepages and enabling EXT4_EXTENTS_FL (bsc#1166870). - commit d4cc10a - ext4: rename s_journal_flag_rwsem to s_writepages_rwsem (bsc#1166868). - commit 3fea683 - ext4: fix potential race between s_flex_groups online resizing and access (bsc#1166867). - commit 8b31558 - ext4: fix potential race between s_group_info online resizing and access (bsc#1166866). - commit 8fec0cb - ext4: fix potential race between online resizing and write operations (bsc#1166864). - commit 8ac7c77 - ext4: add cond_resched() to __ext4_find_entry() (bsc#1166862). - commit 098ad12 - ext4: fix a data race in EXT4_I(inode)->i_disksize (bsc#1166861). - commit ff7b112 - ext4: don't assume that mmp_nodename/bdevname have NUL (bsc#1166860). - commit 26f5b12 - block, bfq: get a ref to a group when adding it to a service tree (bsc#1166859). - commit 0cc750a - blacklist.conf: Blacklist 4d8340d0d4d9 - commit a9eb92c - i2c: gpio: suppress error on probe defer (git-fixes). - i2c: i801: Do not add ICH_RES_IO_SMI for the iTCO_wdt device (git-fixes). - iwlwifi: mvm: Do not require PHY_SKU NVM section for 3168 devices (bsc#1166632). - crypto: pcrypt - Fix user-after-free on module unload (git-fixes). - iwlwifi: mvm: fix NVM check for 3168 devices (git-fixes). - ASoC: pcm: update FE/BE trigger order based on the command (git-fixes). - commit 0ca34dd - x86/amd_nb, char/amd64-agp: Use amd_nb_num() accessor (bsc#1152489). - [mkubecek] update kabi files (incompatible): - drop amd_nb_misc_ids symbol (no longer exported so that we can add more device ids later) - commit bb3cbed ++++ libvirt: - qemu: Create multipath targets for PRs a30078cb-qemu-create-mp-target.patch, aeb909bf-qemu-multipath-fix.patch bsc#1161883 ++++ salt: - virt._get_domain: don't raise an exception if there is no VM - Added: * virt._get_domain-don-t-raise-an-exception-if-there-i.patch ++++ yast2: - Fixed CWM::MultiStatusSelector help text icons displayed during installation (related to bsc#1157780, bsc#1161308, bsc#1161200) - 4.2.74 ------------------------------------------------------------------ ------------------ 2020-3-16 - Mar 16 2020 ------------------- ------------------------------------------------------------------ ++++ grub2: - move *.module files to separate -debug subpackage (boo#1166578) ++++ kernel-default: - sys/sysinfo: Respect boottime inside time namespace (bsc#1164648,jsc#SLE-11493). - commit 695315f - btrfs: run btrfs_try_granting_tickets if a priority ticket fails (bsc#1141456). - btrfs: only check priority tickets for priority flushing (bsc#1141456). - btrfs: Account for trans_block_rsv in may_commit_transaction (bsc#1141456). - btrfs: allow us to use up to 90% of the global rsv for unlink (bsc#1141456). - btrfs: Improve global reserve stealing logic (bsc#1141456). - btrfs: force chunk allocation if our global rsv is larger than metadata (bsc#1141456). - commit 0e267e6 - drm/virtio: module_param_named() requires linux/moduleparam.h (bsc#1152489) - commit bbc436c - iommu/vt-d: Fix debugfs register reads (bsc#1166769). - commit acf3bd7 - Refresh patches.suse/btrfs-dump_space_info-when-encountering-total_bytes_pinned-0-at-umount.patch. - commit 867843d - drm/i915/gt: Close race between cacheline_retire and free (bsc#1152489) Additional changes: * Added i915_active_acquire_if_busy() to drivers/gpu/drm/i915/i915_active.{c,h}. See upstream commit b1e3177bd1d8f - commit 0111275 - drm/virtio: make resource id workaround runtime switchable. (bsc#1152489) - commit 370ca9c - x86/ioremap: Map EFI runtime services data as encrypted for SEV (bsc#1160508). - commit 27cbc80 - Add kabi reference files - import from KotD (commit 49476dcf3399) Enable kabi checking for -default and -preempt flavors. - commit fe7e9d8 - iommu/vt-d: Populate debugfs if IOMMUs are detected (bsc#1166728). - iommu/vt-d: Ignore devices with out-of-spec domain number (bsc#1166727). - iommu/vt-d: Fix the wrong printing in RHSA parsing (bsc#1166726). - iommu/vt-d: quirk_ioat_snb_local_iommu: replace WARN_TAINT with pr_warn + add_taint (bsc#1166729). - iommu/vt-d: dmar: replace WARN_TAINT with pr_warn + add_taint (bsc#1166723). - iommu/vt-d: Fix RCU-list bugs in intel_iommu_init() (bsc#1166725). - iommu/dma: Fix MSI reservation allocation (bsc#1166722). - iommu/vt-d: Fix a bug in intel_iommu_iova_to_phys() for huge page (bsc#1166724). - commit eb2e9ee ++++ salt: - Adds test for zypper abbreviation fix - Improved storage pool or network handling - Better import cache handline - Added: * loader-invalidate-the-import-cachefor-extra-modules.patch * open-suse-2019.2.3-virt-defined-states-219.patch - Modified: * use-full-option-name-instead-of-undocumented-abbrevi.patch ++++ qemu: - Fix potential OOB accesses in slirp (CVE-2020-8608 bsc#1163018 bsc#1161066 CVE-2020-7039) slirp-use-correct-size-while-emulating-c.patch slirp-use-correct-size-while-emulating-I.patch tcp_emu-Fix-oob-access.patch tcp_emu-fix-unsafe-snprintf-usages.patch util-add-slirp_fmt-helpers.patch - Replace this patch with upstream version target-arm-monitor-query-cpu-model-expan.patch ------------------------------------------------------------------ ------------------ 2020-3-15 - Mar 15 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - xfs: report corruption only as a regular error (bsc#1166687). - commit abd2d39 - xfs: add a XFS_IS_CORRUPT macro (bsc#1166686). - commit 877ee95 - xfs: make the assertion message functions take a mount parameter (bsc#1166685). - commit 7bd7696 ------------------------------------------------------------------ ------------------ 2020-3-13 - Mar 13 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - xfs: check attribute leaf block structure (bsc#1166153). - commit 1008e2c - net: dsa: microchip: enable module autoprobe (networking-stable-20_02_09). - net: dsa: b53: Always use dev->vlan_enabled in b53_configure_vlan() (networking-stable-20_02_09). - net: stmmac: fix a possible endless loop (networking-stable-20_02_09). - net: systemport: Avoid RBUF stuck in Wake-on-LAN mode (networking-stable-20_02_09). - net: mvneta: move rx_dropped and rx_errors in per-cpu stats (networking-stable-20_02_09). - qed: Fix timestamping issue for L2 unicast ptp packets (networking-stable-20_02_09). - net: macb: Limit maximum GEM TX length in TSO (networking-stable-20_02_09). - net: macb: Remove unnecessary alignment check for TSO (networking-stable-20_02_09). - bonding/alb: properly access headers in bond_alb_xmit() (networking-stable-20_02_09). - devlink: report 0 after hitting end in region read (networking-stable-20_02_09). - net_sched: fix a resource leak in tcindex_set_parms() (networking-stable-20_02_09). - commit c82701f - mmc: sdhci: iproc: Add custom set_power() callback for bcm2711 (bsc#1165954). - mmc: sdhci: Introduce sdhci_set_power_and_bus_voltage() (bsc#1165954). - commit a751850 - fs: add generic UNRESVSP and ZERO_RANGE ioctl handlers (bsc#1165806, bsc#1165807). - commit 59a3783 - xfs: don't implement XFS_IOC_RESVSP / XFS_IOC_RESVSP64 (bsc#1165806, bsc#1165807). - commit 17753e3 - crypto: arm{,64} neon: memzero_explicit aes-cbc key (bsc#1165167, FIPS). - commit cb788e3 - Refresh patches.suse/scsi-ibmvfc-Avoid-loss-of-all-paths-during-SVC-node-.patch. - commit bb81764 - drm/i915: Defer semaphore priority bumping to a workqueue (git-fixes). - drm/i915/gvt: Fix dma-buf display blur issue on CFL (git-fixes). - drm/i915/gvt: Fix unnecessary schedule timer when no vGPU exits (git-fixes). - nl80211: add missing attribute validation for channel switch (git-fixes). - nl80211: add missing attribute validation for beacon report scanning (git-fixes). - nl80211: add missing attribute validation for critical protocol indication (git-fixes). - batman-adv: Don't schedule OGM for disabled interface (git-fixes). - macvlan: add cond_resched() during multicast processing (git-fixes). - nfc: add missing attribute validation for vendor subcommand (git-fixes). - nfc: add missing attribute validation for deactivate target (git-fixes). - nfc: add missing attribute validation for SE API (git-fixes). - tipc: add missing attribute validation for MTU property (git-fixes). - team: add missing attribute validation for array index (git-fixes). - team: add missing attribute validation for port ifindex (git-fixes). - macsec: add missing attribute validation for port (git-fixes). - can: add missing attribute validation for termination (git-fixes). - nl802154: add missing attribute validation for dev_type (git-fixes). - nl802154: add missing attribute validation (git-fixes). - firmware: imx: Align imx_sc_msg_req_cpu_start to 4 (git-fixes). - firmware: imx: scu-pd: Align imx sc msg structs to 4 (git-fixes). - firmware: imx: misc: Align imx sc msg structs to 4 (git-fixes). - firmware: imx: scu: Ensure sequential TX (git-fixes). - tty:serial:mvebu-uart:fix a wrong return (git-fixes). - usb: dwc3: gadget: Update chain bit correctly when using sg list (git-fixes). - usb: storage: Add quirk for Samsung Fit flash (git-fixes). - usb: quirks: add NO_LPM quirk for Logitech Screen Share (git-fixes). - media: hantro: Fix broken media controller links (git-fixes). - media: mc-entity.c: use & to check pad flags, not == (git-fixes). - media: v4l2-mem2mem.c: fix broken links (git-fixes). - dmaengine: tegra-apb: Prevent race conditions of tasklet vs free list (git-fixes). - dmaengine: tegra-apb: Fix use-after-free (git-fixes). - audit: always check the netlink payload length in audit_receive_msg() (git-fixes). - audit: fix error handling in audit_data_to_entry() (git-fixes). - watchdog: da9062: do not ping the hw during stop() (git-fixes). - habanalabs: patched cb equals user cb in device memset (git-fixes). - habanalabs: do not halt CoreSight during hard reset (git-fixes). - habanalabs: halt the engines before hard-reset (git-fixes). - usb: gadget: serial: fix Tx stall after buffer overflow (git-fixes). - usb: gadget: ffs: ffs_aio_cancel(): Save/restore IRQ flags (git-fixes). - usb: gadget: composite: Support more than 500mA MaxPower (git-fixes). - drm/modes: Allow DRM_MODE_ROTATE_0 when applying video mode parameters (git-fixes). - drm/modes: Make sure to parse valid rotation value from cmdline (git-fixes). - drm/msm/dsi/pll: call vco set rate explicitly (git-fixes). - drm/msm/dsi: save pll state before dsi host is powered off (git-fixes). - drm: msm: Fix return type of dsi_mgr_connector_mode_valid for kCFI (git-fixes). - drm/msm/mdp5: rate limit pp done timeout warnings (git-fixes). - ALSA: hda: do not override bus codec_mask in link_get() (git-fixes). - vfio-ccw: Use the correct style for SPDX License Identifier (git-fixes). - commit d192c28 - fix patch metadata - fix Patch-mainline: patches.suse/0001-padata-initialize-pd-cpu-with-effective-cpumask.patch patches.suse/0001-padata-pcrypt-take-CPU-hotplug-lock-internally-in-pa.patch patches.suse/0001-padata-unbind-parallel-jobs-from-specific-CPUs.patch patches.suse/0001-padata-use-separate-workqueues-for-parallel-and-seri.patch patches.suse/0001-workqueue-unconfine-alloc-apply-free_workqueue_attrs.patch - commit c637d96 - series.conf: cleanup - update upstream reference and resort: patches.suse/ibmvnic-Do-not-process-device-remove-during-device-r.patch - commit aed6449 ++++ kexec-tools: - kexec-tools-reset-getopt-before-falling-back-to-legacy.patch: Reset getopt before falling back to legacy syscall (bsc#1166105). - kexec-tools-fix-kexec_file_load-error-handling.patch: Fix the error handling if kexec_file_load() fails (bsc#1166105). ++++ gcc10: - Update to master head (3604480a6fe493c51d6ebd53d9b1abeebbbb828f). ++++ systemd: - add systemd-network-generator.service file together with systemd-network-generator binary ++++ pam: - disable libdb usage and pam_userdb again, as this causes some license conflicts. (bsc#1166510) ++++ raspberrypi-firmware-dt: - Get rid of remove-vmmc-emmc2.patch now that the kernel supports it (bsc#1165954) ++++ supportutils: - Addition to version 3.1.9 + Changes affecting getappcore - Added core file validation (bsc#1166126) - Added -j to extract core from systemd journal - Capture coredumptctl info in getappcore.log + Changed filename prefixes from nts_ to scc_ (SLE-8702, SLE-6762) - The new prefix references SUSE Customer Center ++++ transactional-update: - Add dependencies to btrfsprogs, zypper and snapper - most of the functionality is not usable if those applications are not installed. [boo#1166502] ++++ yast2: - CWM::MultiStatusSelector minor improvements (related to bsc#1157780). - 4.2.73 ------------------------------------------------------------------ ------------------ 2020-3-12 - Mar 12 2020 ------------------- ------------------------------------------------------------------ ++++ lvm2-device-mapper: - fix patch name typo - bug-1158628-04-pvmove-correcting-read_ahead-setting.patch + bug-1158628_04-pvmove-correcting-read_ahead-setting.patch ++++ grub2: - Fix EFI console detection to make it a runtime decision (bsc#1164385) * grub2-SUSE-Add-the-t-hotkey.patch ++++ kernel-default: - Move the upstreamed ipmi_si patch into sorted section - commit ca4ab45 - pid: Fix error return value in some cases (bsc#1164648,jsc#SLE-11493). - commit 2c02126 - blacklist.conf: expand wildcards. - commit 7232917 - arm64: dts: qcom: Add Lenovo Yoga C630 (jsc#SLE-9418). - commit 5c6966e - x86/intel: Disable HPET on Intel Ice Lake platforms (git-fixes). - x86/intel: Disable HPET on Intel Coffee Lake H platforms (git-fixes). - commit df3778b - pinctrl: core: Remove extra kref_get which blocks hogs being freed (git-fixes). - pinctrl: imx: scu: Align imx sc msg structs to 4 (git-fixes). - pinctrl: meson-gxl: fix GPIOX sdio pins (git-fixes). - virtio_balloon: Adjust label in virtballoon_probe (git-fixes). - virtio_ring: Fix mem leak with vring_new_virtqueue() (git-fixes). - Revert "PM / devfreq: Modify the device name as devfreq(X) for sysfs" (git-fixes). - nfc: pn544: Fix occasional HW initialization failure (git-fixes). - NFC: pn544: Fix a typo in a debug message (git-fixes). - gpio: xilinx: Fix bug where the wrong GPIO register is written to (git-fixes). - irqchip/gic-v3: Only provision redistributors that are enabled in ACPI (git-fixes). - virtio_balloon: prevent pfn array overflow (git-fixes). - clk: Use parent node pointer during registration if necessary (git-fixes). - gpu/drm: ingenic: Avoid null pointer deference in plane atomic update (git-fixes). - gpio: gpio-grgpio: fix possible sleep-in-atomic-context bugs in grgpio_irq_map/unmap() (git-fixes). - fore200e: Fix incorrect checks of NULL pointer dereference (git-fixes). - NFC: port100: Convert cpu_to_le16(le16_to_cpu(E1) + E2) to use le16_add_cpu() (git-fixes). - irqchip/mbigen: Set driver .suppress_bind_attrs to avoid remove problems (git-fixes). - ACPICA: Disassembler: create buffer fields in ACPI_PARSE_LOAD_PASS1 (git-fixes). - gpio: add gpiod_toggle_active_low() (git-fixes). - XArray: Fix xas_find returning too many entries (git-fixes). - XArray: Fix xa_find_after with multi-index entries (git-fixes). - XArray: Fix infinite loop with entry at ULONG_MAX (git-fixes). - XArray: Fix xas_pause at ULONG_MAX (git-fixes). - commit aac43c5 - Revert "tick/common: Make tick_periodic() check for missing ticks" This reverts commit 4d65090f1171433dc9438813b674f86d4925eb9c. Patch causes hard lockup. See [1] for details. Issue is fixed with Marvell frimware v7.4.1 [1]: https://lkml.org/lkml/2020/3/6/1245 - commit be5e348 - Enable CONFIG_KEXEC_SIG on s390x (jsc#SLE-8923). - commit 3dbf242 ++++ libapparmor: - update to AppArmor 2.13.4 - fix log parsing for logs with an embedded newline - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_2.13.4 for the detailed upstream changelog ++++ libgcrypt: - Remove check not needed in _gcry_global_constructor [bsc#1164950] * Update libgcrypt-Restore-self-tests-from-constructor.patch ++++ lvm2: - fix patch name typo - bug-1158628-04-pvmove-correcting-read_ahead-setting.patch + bug-1158628_04-pvmove-correcting-read_ahead-setting.patch ++++ NetworkManager: - Update to version 1.22.10: + core: periodically cleanup stale device state files from /run. + dhcp: fix crash in nettools client. + bond: fixed the validation of the miimon option. + Various minor bug fixes and improvements. ++++ podman: - Update podman to v1.8.1: * Features - Many networking-related flags have been added to podman pod create to enable customization of pod networks, including - -add-host, --dns, --dns-opt, --dns-search, --ip, - -mac-address, --network, and --no-hosts - The podman ps --format=json command now includes the ID of the image containers were created with - The podman run and podman create commands now feature an - -rmi flag to remove the image the container was using after it exits (if no other containers are using said image) ([#4628](https://github.com/containers/libpod/issues/4628)) - The podman create and podman run commands now support the - -device-cgroup-rule flag (#4876) - While the HTTP API remains in alpha, many fixes and additions have landed. These are documented in a separate subsection below - The podman create and podman run commands now feature a - -no-healthcheck flag to disable healthchecks for a container (#5299) - Containers now recognize the io.containers.capabilities label, which specifies a list of capabilities required by the image to run. These capabilities will be used as long as they are more restrictive than the default capabilities used - YAML produced by the podman generate kube command now includes SELinux configuration passed into the container via - -security-opt label=... (#4950) * Bugfixes - Fixed CVE-2020-1726, a security issue where volumes manually populated before first being mounted into a container could have those contents overwritten on first being mounted into a container - Fixed a bug where Podman containers with user namespaces in CNI networks with the DNS plugin enabled would not have the DNS plugin's nameserver added to their resolv.conf ([#5256](https://github.com/containers/libpod/issues/5256)) - Fixed a bug where trailing / characters in image volume definitions could cause them to not be overridden by a user-specified mount at the same location ([#5219](https://github.com/containers/libpod/issues/5219)) - Fixed a bug where the label option in libpod.conf, used to disable SELinux by default, was not being respected (#5087) - Fixed a bug where the podman login and podman logout commands required the registry to log into be specified (#5146) - Fixed a bug where detached rootless Podman containers could not forward ports (#5167) - Fixed a bug where rootless Podman could fail to run if the pause process had died - Fixed a bug where Podman ignored labels that were specified with only a key and no value (#3854) - Fixed a bug where Podman would fail to create named volumes when the backing filesystem did not support SELinux labelling (#5200) - Fixed a bug where --detach-keys="" would not disable detaching from a container (#5166) - Fixed a bug where the podman ps command was too aggressive when filtering containers and would force --all on in too many situations - Fixed a bug where the podman play kube command was ignoring image configuration, including volumes, working directory, labels, and stop signal (#5174) - Fixed a bug where the Created and CreatedTime fields in podman images --format=json were misnamed, which also broke Go template output for those fields ([#5110](https://github.com/containers/libpod/issues/5110)) - Fixed a bug where rootless Podman containers with ports forwarded could hang when started (#5182) - Fixed a bug where podman pull could fail to parse registry names including port numbers - Fixed a bug where Podman would incorrectly attempt to validate image OS and architecture when starting containers - Fixed a bug where Bash completion for podman build -f would not list available files that could be built (#3878) - Fixed a bug where podman commit --change would perform incorrect validation, resulting in valid changes being rejected (#5148) - Fixed a bug where podman logs --tail could take large amounts of memory when the log file for a container was large (#5131) - Fixed a bug where Podman would sometimes incorrectly generate firewall rules on systems using firewalld - Fixed a bug where the podman inspect command would not display network information for containers properly if a container joined multiple CNI networks ([#4907](https://github.com/containers/libpod/issues/4907)) - Fixed a bug where the --uts flag to podman create and podman run would only allow specifying containers by full ID (#5289) - Fixed a bug where rootless Podman could segfault when passed a large number of file descriptors - Fixed a bug where the podman port command was incorrectly interpreting additional arguments as container names, instead of port numbers - Fixed a bug where units created by podman generate systemd did not depend on network targets, and so could start before the system network was ready (#4130) - Fixed a bug where exec sessions in containers which did not specify a user would not inherit supplemental groups added to the container via --group-add - Fixed a bug where Podman would not respect the $TMPDIR environment variable for placing large temporary files during some operations (e.g. podman pull) ([#5411](https://github.com/containers/libpod/issues/5411)) * HTTP API - Initial support for secure connections to servers via SSH tunneling has been added - Initial support for the libpod create and logs endpoints for containers has been added - Added a /swagger/ endpoint to serve API documentation - The json endpoint for containers has received many fixes - Filtering images and containers has been greatly improved, with many bugs fixed and documentation improved - Image creation endpoints (commit, pull, etc) have seen many fixes - Server timeout has been fixed so that long operations will no longer trigger the timeout and shut the server down - The stats endpoint for containers has seen major fixes and now provides accurate output - Handling the HTTP 304 status code has been fixed for all endpoints - Many fixes have been made to API documentation to ensure it matches the code * Misc - Updated vendored Buildah to v1.14.2 - Updated vendored containers/storage to v1.16.2 - The Created field to podman images --format=json has been renamed to CreatedSince as part of the fix for (#5110). Go templates using the old name shou ld still work - The CreatedTime field to podman images --format=json has been renamed to CreatedAt as part of the fix for (#5110). Go templates using the old name should still work - The before filter to podman images has been renamed to since for Docker compatibility. Using before will still work, but documentation has been changed to use the new since filter - Using the --password flag to podman login now warns that passwords are being passed in plaintext - Some common cases where Podman would deadlock have been fixed to warn the user that podman system renumber must be run to resolve the deadlock ++++ qemu: - Include upstream patches targeted for the next stable release (bug fixes only) audio-oss-fix-buffer-pos-calculation.patch blkdebug-Allow-taking-unsharing-permissi.patch block-Add-bdrv_qapi_perm_to_blk_perm.patch block-backup-top-fix-failure-path.patch block-block-copy-fix-progress-calculatio.patch block-fix-crash-on-zero-length-unaligned.patch block-fix-memleaks-in-bdrv_refresh_filen.patch block-Fix-VM-size-field-width-in-snapsho.patch block-nbd-extract-the-common-cleanup-cod.patch block-nbd-fix-memory-leak-in-nbd_open.patch block-qcow2-threads-fix-qcow2_decompress.patch hw-arm-cubieboard-use-ARM-Cortex-A8-as-t.patch hw-intc-arm_gicv3_kvm-Stop-wrongly-progr.patch iotests-add-test-for-backup-top-failure-.patch iotests-Fix-nonportable-use-of-od-endian.patch job-refactor-progress-to-separate-object.patch target-arm-Correct-definition-of-PMCRDP.patch target-arm-fix-TCG-leak-for-fcvt-half-do.patch tpm-ppi-page-align-PPI-RAM.patch vhost-user-blk-delete-virtioqueues-in-un.patch virtio-add-ability-to-delete-vq-through-.patch virtio-crypto-do-delete-ctrl_vq-in-virti.patch virtio-pmem-do-delete-rq_vq-in-virtio_pm.patch ++++ yast2: - Add the new CWM::MultiStatusSelector custom widget (related to bsc#1157780, bsc#1161308, bsc#1161200). - 4.2.72 - Do not remove the installation repositories in the "Previously Used Repositories" step (bsc#1163081) - 4.2.71 ------------------------------------------------------------------ ------------------ 2020-3-11 - Mar 11 2020 ------------------- ------------------------------------------------------------------ ++++ dracut: - Update to version 049.1+git135.46dceb02: * 40network: Do not require hostname binary * suse.spec: add new modules 90nvdimm and 99suse-initrd * 95fcoe: default rd.nofcoe to false (bsc#1163343) * Add module "99suse-initrd" for parsing "SUSE INITRD" lines (bsc#1161343) Dependent commits: * Add module "90nvdimm" for NVDIMM support * 90kernel-modules: remove nfit from static module list ++++ kernel-default: - Update patch reference for console security fix (CVE-2020-8647 bsc#1162929 CVE-2020-8649 bsc#1162931) - commit 3e9c1d2 - padata, pcrypt: take CPU hotplug lock internally in padata_alloc_possible (git-fixes). - commit aad348d - x86/mm: Split vmalloc_sync_all() (bsc#1165741). - commit 6f59f79 - workqueue: unconfine alloc/apply/free_workqueue_attrs() (git-fixes). - commit 00cf9ef - crypto: pcrypt - Avoid deadlock by using per-instance padata queues (git-fixes). - commit 2487df7 - padata: unbind parallel jobs from specific CPUs (git-fixes). - Refresh patches.suse/0001-padata-Remove-broken-queue-flushing.patch. - commit f5446c1 - patch metadata cleanup - drop duplicate References line: patches.suse/sched-fair-fix-statistics-for-find_idlest_group.patch - commit d4e3168 - series.conf: tidy up - "inherited SP1 patches for review" section is emtpy, drop the header - drop a pointless comment - commit d5cfa09 - padata: use separate workqueues for parallel and serial work (git-fixes). - commit 93a8f87 - refresh and enable: patches.suse/btrfs-dump_space_info-when-encountering-total_bytes_pinned-0-at-umount.patch - commit 0883fb3 - refresh and enable: patches.suse/btrfs-8888-add-allow_unsupported-module-parameter.patch - commit e7ac692 - sched/fair: Fix reordering of enqueue/dequeue_task_fair() (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Fix runnable_avg for throttled cfs (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/topology: Don't enable EAS on SMT systems (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/numa: Acquire RCU lock for checking idle cores during NUMA balancing (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Fix kernel build warning in test_idle_cores() for !SMT NUMA (bnc#1155798 (CPU scheduler functional and performance backports)). - commit 54c1e7e - Refresh patches.suse/sched-fair-fix-statistics-for-find_idlest_group.patch. - commit 19f7ff2 - vt: selection, push sel_lock up (bnc#1162928 CVE-2020-8648). - vt: selection, push console lock down (bnc#1162928 CVE-2020-8648). - commit 826e708 - supported.conf: cleanup Remove entries for modules which are only built into vmlinuz image and no longer as a module on any supported architecture. - commit 442ceef - net: export netdev_next_lower_dev_rcu() (bsc#1154353). - commit 50e6fb7 - supported.conf: proper sort While having all modules belonging to internal KMPs (i.e. marked with "+foo-kmp" style guards) on top of supported.conf might seem intentional, it was in fact only a side effect of a bug in supported-conf-fixup which did not expect guards with a dash ('-'). Sort the file properly now to avoid potential mistakes resulting from wrong order of entries. - commit 26973fc - fix patch metadata - fix Patch-mainline: patches.suse/0001-crypto-pcrypt-remove-padata-cpumask-notifier.patch patches.suse/0001-padata-Replace-delayed-timer-with-immediate-workqueu.patch patches.suse/0001-padata-allocate-workqueue-internally.patch patches.suse/0001-padata-initialize-pd-cpu-with-effective-cpumask.patch patches.suse/0001-padata-make-padata_do_parallel-find-alternate-callba.patch patches.suse/0001-padata-purge-get_cpu-and-reorder_via_wq-from-padata_.patch patches.suse/0001-virtio-blk-fix-hw_queue-stopped-on-arbitrary-error.patch - commit bc937a8 - ibmvnic: Do not process device remove during device reset (bsc#1065729). - commit cc9dad3 ++++ NetworkManager: - Modify nfs script (boo#1164642) * Also mount nfs4 shares * Ignore nfs or nfs4 shares in case if the noauto option is set ++++ raspberrypi-firmware: - Add uboot-bcm2835-pl011 overlay, which fixes the serial port compatible name as expected by u-boot, relevant for RPi, RPi2 and RPi0 families (bsc#1166414) ++++ raspberrypi-firmware-config: - Add uboot-bcm2835-pl011 overlay, which fixes the serial port compatible name as expected by u-boot, relevant for RPi, RPi2 and RPi0 families (bsc#1166414) ++++ raspberrypi-firmware-dt: - Add uboot-bcm2835-pl011-overlay.dts which fixes booting in RPi, RPi2, RPi0 (bsc#1166414) ------------------------------------------------------------------ ------------------ 2020-3-10 - Mar 10 2020 ------------------- ------------------------------------------------------------------ ++++ dracut: - Update to version 049.1+git129.0f19bbfd: * 35network-legacy: dhclient is optional (bsc#1166188) * suse.spec: Create -extra package (bsc#1166188) * suse.spec: Remove obsolete permission fixups * 00warpclock: Fix permissions in warpclock.sh ++++ glibc: - dl-sort-maps.patch, dlopen-filter-object.patch: Allow dlopen of filter object to work (bsc#1166106, BZ #16272) ++++ grub2: - Downgrade mtools to Suggests for consistency with xorriso (boo#1165839) - remove info requirements, file triggers are used now (boo#1152105) ++++ kernel-default: - ibmvnic: Warn unknown speed message only when carrier is present (bsc#1065729). - commit e9a3130 - arm64/spinlock: fix a -Wunused-function warning (bsc#1149032). - locking/rwsem: Fix kernel crash when spinning on RWSEM_OWNER_UNKNOWN (bsc#1149032). - futex: Fix kernel-doc notation warning (bsc#1149032). - commit 4912275 - Revert "ipc,sem: remove uneeded sem_undo_list lock usage in exit_sem()" (bsc#1159886). - powerpc/spinlocks: Fix oops in __spin_yield() on bare metal (bsc#1149032). - powerpc/spinlocks: Rename SPLPAR-only spinlocks (bsc#1149032). - commit 4b45f4c - padata: initialize pd->cpu with effective cpumask (git-fixes). - Refresh patches.suse/0001-padata-Remove-broken-queue-flushing.patch. - commit c8738d9 - padata: purge get_cpu and reorder_via_wq from padata_do_serial (git-fixes). - commit 32854ac - padata: Replace delayed timer with immediate workqueue in padata_reorder (git-fixes). - Refresh patches.suse/0001-padata-Remove-broken-queue-flushing.patch. - commit ab62460 - padata: Remove broken queue flushing (git-fixes). - commit feb9def - crypto: pcrypt - remove padata cpumask notifier (git-fixes). - commit 61ed2ae - padata: make padata_do_parallel find alternate callback CPU (git-fixes). - commit 1bf4612 - padata: allocate workqueue internally (git-fixes). - commit c16372d - RDMA/odp: Ensure the mm is still alive before creating an implicit child (jsc#SLE-8449). - IB/mlx5: Fix implicit ODP race (jsc#SLE-8446). - RDMA/core: Fix pkey and port assignment in get_new_pps (jsc#SLE-8449). - RDMA/rw: Fix error flow during RDMA context initialization (jsc#SLE-8449). - RDMA/core: Fix use of logical OR in get_new_pps (jsc#SLE-8449). - commit 76634af - virtio-blk: fix hw_queue stopped on arbitrary error (git-fixes). - commit 1b95f96 - i2c: exynos5: Remove IRQF_ONESHOT (bsc#1162702). - i2c: hix5hd2: Remove IRQF_ONESHOT (bsc#1162702). - commit b6d534c - xfs: constify the buffer pointer arguments to error functions (bsc#1166226). - commit a8f2d26 - Delete patches.suse/0057-acpi-Disable-APEI-error-injection-if-the-kernel-is-l.patch. Removed this patch because it was not sent to kernel mainline with other kernel lockdown patches. Maintainers didn't reponse for why this patch not be sent. So, I removed this patch to align mainline kernel. - commit cfa2dff - mmc: sdhci-pci-gli: Enable MSI interrupt for GL975x (git-fixes). - commit b05ab91 - drm/sun4i: Add separate DE3 VI layer formats (bsc#1152472) - commit 9c87cd6 - drm/virtio: fix resource id creation race (bsc#1152489) - commit 875669e - drm/radeon: Inline drm_get_pci_dev (bsc#1152472) - commit 27b152d - drm/i915: Update drm/i915 bug filing URL (bsc#1152489) - commit e0978de - Refresh: patches.suse/firmware-raspberrypi-introduce-vl805-init-routine.patch There is a missing inline in a function declaration. As this is a bug in the upstream submission, a subsequent series will be sent. - commit 24cdb0d - efi: fix a race and a buffer overflow while reading efivars via sysfs (bsc#1164893). - commit 57ac0e8 - drm/nouveau/kms/gv100-: Re-set LUT after clearing for modesets (bsc#1152472) - commit 6746148 - drm/vgem: Close use-after-free race in vgem_gem_create (bsc#1152472) - commit 65490f2 - Revert "drm/amd/display: Don't skip link training for empty dongle" (bsc#1152489) - commit 62bee52 - vgacon: Fix a UAF in vgacon_invert_region (bsc#1152472) - commit b9949b5 - fix patch metadata - fix Patch-mainline: patches.suse/usercopy-Avoid-soft-lockups-in-test_check_nonzero_us.patch - commit 1ec8a33 - fix patch metadata - fix Patch-mainline: patches.suse/0001-iwlwifi-mvm-remove-d0i3_ap_sta_id.patch patches.suse/0001-iwlwifi-mvm-remove-last-leftovers-of-d0i3.patch patches.suse/0001-iwlwifi-mvm-remove-the-d0i3-entry-exit-flow.patch patches.suse/0001-iwlwifi-mvm-remove-the-tx-defer-for-d0i3.patch patches.suse/0001-iwlwifi-mvm-start-to-remove-the-code-for-d0i3.patch patches.suse/0001-iwlwifi-remove-all-the-d0i3-references.patch - commit c0e601f - series.conf: cleanup - move into sorted section patches.suse/scsi-target-fix-unmap_zeroes_data-boolean-initialisa.patch patches.suse/scsi-target-convert-boolean-se_dev_attrib-types-to-b.patch patches.suse/scsi-target-use-an-enum-to-track-emulate_ua_intlck_c.patch - commit 2ee4b82 ++++ python3-core: - Change name of idle3 icons to idle3.png to avoid collision with Python 2 version (bsc#1165894). ++++ python3: - Change name of idle3 icons to idle3.png to avoid collision with Python 2 version (bsc#1165894). ++++ python-six: - Do not cause buildcycle with previous change but rather install the egg-info prepared metadata from the tarball ------------------------------------------------------------------ ------------------ 2020-3-9 - Mar 9 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - xfs: fix attr leaf header freemap.size underflow (bsc#1166164). - commit 33188db - xfs: fix some memory leaks in log recovery (bsc#1166162). - commit 0fc66f0 - xfs: attach dquots before performing xfs_swap_extents (bsc#1166161). - commit 1da5af8 - xfs: range check ri_cnt when recovering log items (bsc#1166160). - commit 90b681f - xfs: always log corruption errors (bsc#1166158). - commit 4ceca97 - xfs: replace -EIO with -EFSCORRUPTED for corrupt metadata (bsc#1166156). - commit 8aae262 - xfs: namecheck directory entry names before listing them (bsc#1166155). - commit bd61b8e - xfs: namecheck attribute names before listing them (bsc#1166154). - commit eddc1b8 - xfs: cap longest free extent to maximum allocatable (bsc#1166152). - commit 9db4cae - xfs: Fix deadlock between AGI and AGF when target_ip exists in xfs_rename() (bsc#1166149). - commit 2f06de6 - xfs: check log iovec size to make sure it's plausibly a buffer log format (bsc#1166147). - commit 266b31b - xfs: convert EIO to EFSCORRUPTED when log contents are invalid (bsc#1166145). - commit 343511d - xfs: also call xfs_file_iomap_end_delalloc for zeroing operations (bsc#1166144). - commit 5e9fd03 - xfs: fix inode fork extent count overflow (bsc#1166143). - commit 016eaf4 - xfs: log proper length of superblock (bsc#1166140). - commit 3caa90e - xfs: convert inode to extent format after extent merge due to shift (bsc#1166136). - commit d852ad3 - xfs: Use WARN_ON_ONCE for bailout mount-operation (bsc#1166133). - commit cc00b41 - xfs: fix maxicount division by zero error (bsc#1166132). - commit d8d261a - rpm/kabi.pl: account for namespace field being moved last Upstream is moving the namespace field in Module.symvers last in order to preserve backwards compatibility with kmod tools (depmod, etc). Fix the kabi.pl script to expect the namespace field last. Since split() ignores trailing empty fields and delimeters, switch to using tr to count how many fields/tabs are in a line. Also, in load_symvers(), pass LIMIT of -1 to split() so it does not strip trailing empty fields, as namespace is an optional field. - commit a3bb253 - lib/vdso: Only read hrtimer_res when needed in __cvdso_clock_getres() (bsc#1164648,jsc#SLE-11493). - selftests/timens: Check for right timens offsets after fork and exec (bsc#1164648,jsc#SLE-11493). - selftests/timens: Add a simple perf test for clock_gettime() (bsc#1164648,jsc#SLE-11493). - selftests/timens: Add timer offsets test (bsc#1164648,jsc#SLE-11493). - selftests/timens: Add procfs selftest (bsc#1164648,jsc#SLE-11493). - selftests/timens: Add a test for clock_nanosleep() (bsc#1164648,jsc#SLE-11493). - selftests/timens: Add a test for timerfd (bsc#1164648,jsc#SLE-11493). - selftests/timens: Add Time Namespace test for supported clocks (bsc#1164648,jsc#SLE-11493). - fs/proc: Introduce /proc/pid/timens_offsets (bsc#1164648,jsc#SLE-11493). - x86/vdso: Zap vvar pages when switching to a time namespace (bsc#1164648,jsc#SLE-11493). - x86/vdso: On timens page fault prefault also VVAR page (bsc#1164648,jsc#SLE-11493). - x86/vdso: Handle faults on timens page (bsc#1164648,jsc#SLE-11493). - time: Allocate per-timens vvar page (bsc#1164648,jsc#SLE-11493). - x86/vdso: Add time napespace page (bsc#1164648,jsc#SLE-11493). - update x86_64 configs: GENERIC_VDSO_TIME_NS=y, TIME_NS=y - x86/vdso: Provide vdso_data offset on vvar_page (bsc#1164648,jsc#SLE-11493). - lib/vdso: Prepare for time namespace support (bsc#1164648,jsc#SLE-11493). - refresh config files (drop TIME_NS - no longer available) - x86/vdso: Restrict splitting VVAR VMA (bsc#1164648,jsc#SLE-11493). - fs/proc: Respect boottime inside time namespace for /proc/uptime (bsc#1164648,jsc#SLE-11493). - posix-timers: Make clock_nanosleep() time namespace aware (bsc#1164648,jsc#SLE-11493). - hrtimers: Prepare hrtimer_nanosleep() for time namespaces (bsc#1164648,jsc#SLE-11493). - alarmtimer: Make nanosleep() time namespace aware (bsc#1164648,jsc#SLE-11493). - posix-timers: Make timer_settime() time namespace aware (bsc#1164648,jsc#SLE-11493). - timerfd: Make timerfd_settime() time namespace aware (bsc#1164648,jsc#SLE-11493). - time: Add do_timens_ktime_to_host() helper (bsc#1164648,jsc#SLE-11493). - posix-clocks: Wire up clock_gettime() with timens offsets (bsc#1164648,jsc#SLE-11493). - posix-timers: Use clock_get_ktime() in common_timer_get() (bsc#1164648,jsc#SLE-11493). - posix-clocks: Introduce clock_get_ktime() callback (bsc#1164648,jsc#SLE-11493). - alarmtimer: Provide get_timespec() callback (bsc#1164648,jsc#SLE-11493). - alarmtimer: Rename gettime() callback to get_ktime() (bsc#1164648,jsc#SLE-11493). - posix-clocks: Rename .clock_get_timespec() callbacks accordingly (bsc#1164648,jsc#SLE-11493). - posix-clocks: Rename the clock_get() callback to clock_get_timespec() (bsc#1164648,jsc#SLE-11493). - time: Add timens_offsets to be used for tasks in time namespace (bsc#1164648,jsc#SLE-11493). - ns: Introduce Time Namespace (bsc#1164648,jsc#SLE-11493). - update config files: TIME_NS=y (=n in s390x/zfcpdump) - lib/vdso: Mark do_hres() and do_coarse() as __always_inline (bsc#1164648,jsc#SLE-11493). - lib/vdso: Add unlikely() hint into vdso_read_begin() (bsc#1164648,jsc#SLE-11493). - lib/vdso: Avoid duplication in __cvdso_clock_getres() (bsc#1164648,jsc#SLE-11493). - lib/vdso: Let do_coarse() return 0 to simplify the callsite (bsc#1164648,jsc#SLE-11493). - lib/vdso: Make __cvdso_clock_getres() static (bsc#1164648,jsc#SLE-11493). - clone3: ensure copy_thread_tls is implemented (bsc#1163988,bsc#1164648,jsc#SLE-11493). - ubsan, x86: Annotate and allow __ubsan_handle_shift_out_of_bounds() in uaccess regions (bsc#1164648,jsc#SLE-11493). - fork: extend clone3() to support setting a PID (bsc#1164648,jsc#SLE-11493). - clone3: add CLONE_CLEAR_SIGHAND (bsc#1164648,jsc#SLE-11493). - tools headers UAPI: Sync sched.h with the kernel (bsc#1164648,jsc#SLE-11493). - usercopy: Avoid soft lockups in test_check_nonzero_user() (bsc#1164648,jsc#SLE-11493). - lib: test_user_copy: style cleanup (bsc#1164648,jsc#SLE-11493). - usercopy: Add parentheses around assignment in test_copy_struct_from_user (bsc#1164648,jsc#SLE-11493). - clone3: switch to copy_struct_from_user() (bsc#1164648,jsc#SLE-11493). - lib: introduce copy_struct_from_user() helper (bsc#1164648,jsc#SLE-11493). - sched: add kernel-doc for struct clone_args (bsc#1164648,jsc#SLE-11493). - commit 992f679 - kprobes: Fix optimize_kprobe()/unoptimize_kprobe() cancellation logic (git-fixes). - commit d42d5d9 - Delete patches.suse/clone3-ensure-copy_thread_tls-is-implemented.patch. - commit 5c13d46 - usb: core: port: do error out if usb_autopm_get_interface() fails (git-fixes). - usb: core: hub: do error out if usb_autopm_get_interface() fails (git-fixes). - commit 011bc72 - Revert "drm/fbdev: Fallback to non tiled mode if all tiles not present" (bsc#1051510). - commit 07e015b - modpost: move the namespace field in Module.symvers last (jsc#SLE-10158). - Refresh patches.suse/supported-flag. - commit d026ef9 - USB: misc: iowarrior: add support for 2 OEMed devices (git-fixes). - commit e40d2a1 - USB: Fix novation SourceControl XL after suspend (git-fixes). - commit 25b0137 - KVM: VMX: check descriptor table exits on instruction emulation (bsc#1166091). - commit bf59879 - drm/i915/selftests: Fix return in assert_mmap_offset() (git-fixes). - drm/i915: Program MBUS with rmw during initialization (git-fixes). - drm/sun4i: Fix DE2 VI layer format support (git-fixes). - drm/sun4i: de2/de3: Remove unsupported VI layer formats (git-fixes). - drm/i915/gvt: Fix orphan vgpu dmabuf_objs' lifetime (git-fixes). - drm/i915/gvt: Separate display reset from ALL_ENGINES reset (git-fixes). - drm/amdgpu: Drop DRIVER_USE_AGP (git-fixes). - drm/i915: Wean off drm_pci_alloc/drm_pci_free (git-fixes). - drm/i915/gt: Protect defer_request() from new waiters (git-fixes). - drm/msm/dpu: fix BGR565 vs RGB565 confusion (git-fixes). - drm/amdgpu/gfx10: disable gfxoff when reading rlc clock (git-fixes). - drm/amdgpu/gfx9: disable gfxoff when reading rlc clock (git-fixes). - drm/amdgpu/soc15: fix xclk for raven (git-fixes). - drm/amd/display: Check engine is not NULL before acquiring (git-fixes). - drm/amd/display: Do not set optimized_require to false after plane disable (git-fixes). - drm/msm: Set dma maximum segment size for mdss (git-fixes). - drm/amdgpu/smu10: fix smu10_get_clock_by_type_with_voltage (git-fixes). - drm/amdgpu/smu10: fix smu10_get_clock_by_type_with_latency (git-fixes). - drm/amdgpu/display: handle multiple numbers of fclks in dcn_calcs.c (v2) (git-fixes). - drm/amdkfd: Fix a bug in SDMA RLC queue counting under HWS mode (git-fixes). - drm/amd/display: do not allocate display_mode_lib unnecessarily (git-fixes). - drm/nouveau/disp/nv50-: prevent oops when no channel method map provided (git-fixes). - drm/nouveau/mmu: fix comptag memory leak (git-fixes). - drm/amd/display: fixup DML dependencies (git-fixes). - drm/amd/display: Clear state after exiting fixed active VRR state (git-fixes). - drm/nouveau/fault/gv100-: fix memory leak on module unload (git-fixes). - drm/nouveau/drm/ttm: Remove set but not used variable 'mem' (git-fixes). - drm/nouveau/gr/gk20a,gm200-: add terminators to method lists read from fw (git-fixes). - drm/mediatek: handle events when enabling/disabling crtc (git-fixes). - drm/amdkfd: Fix permissions of hang_hws (git-fixes). - drm/amdgpu: fix KIQ ring test fail in TDR of SRIOV (git-fixes). - drm: remove the newline for CRC source name (git-fixes). - drm/amdgpu: Ensure ret is always initialized when using SOC15_WAIT_ON_RREG (git-fixes). - drm/gma500: Fixup fbdev stolen size usage evaluation (git-fixes). - drm/fbdev: Fallback to non tiled mode if all tiles not present (git-fixes). - commit c42f713 - dma-buf: free dmabuf->name in dma_buf_release() (git-fixes). - dmaengine: imx-sdma: Fix the event id check to include RX event for UART6 (git-fixes). - dmaengine: imx-sdma: fix context cache (git-fixes). - dmaengine: coh901318: Fix a double lock bug in dma_tc_handle() (git-fixes). - clocksource: davinci: only enable clockevents once tim34 is initialized (git-fixes). - cmd64x: potential buffer overflow in cmd64x_program_timings() (git-fixes). - dmaengine: Store module owner in dma_device struct (git-fixes). - dmaengine: change alignment of mux_configure32 and fsl_edma_chan_mux (git-fixes). - commit b143f5d - net: bcmgenet: Clear ID_MODE_DIS in EXT_RGMII_OOB_CTRL when not needed (git-fixes). - dma-direct: relax addressability checks in dma_direct_supported (git-fixes). - kprobes: Set unoptimized flag after unoptimizing code (git-fixes). - dma-direct: don't check swiotlb=force in dma_direct_map_resource (git-fixes). - Refresh: patches.suse/dma-direct-exclude-dma_direct_map_resource-from-the-min_low_pfn-check.patch - dma/direct: turn ARCH_ZONE_DMA_BITS into a variable (git-fixes). - Refresh: patches.suse/dma-direct-avoid-a-forward-declaration-for-phys_to_dma.patch - Refresh: patches.suse/dma-mapping-treat-dev-bus_dma_mask-as-a-dma-limit.patch - Refresh: patches.suse/dma-mapping-treat-dev-bus_dma_mask-as-a-dma-limit.patch - commit ee87f08 - blacklist.conf: Add dma/imx-sdma entries that have been reverted - commit f53a68f - usb: core: hub: fix unhandled return by employing a void function (git-fixes). - commit 9ef677e - usb: core: port: do error out if usb_autopm_get_interface() fails (git-fixes). - usb: core: hub: do error out if usb_autopm_get_interface() fails (git-fixes). - staging: vt6656: fix sign of rx_dbm to bb_pre_ed_rssi (git-fixes). - vt: vt_ioctl: fix race in VT_RESIZEX (git-fixes). - vt: fix scrollback flushing on background consoles (git-fixes). - USB: misc: iowarrior: add support for the 100 device (git-fixes). - usb: dwc2: Fix SET/CLEAR_FEATURE and GET_STATUS flows (git-fixes). - usb: dwc2: Fix in ISOC request length checking (git-fixes). - usb: gadget: composite: Fix bMaxPower for SuperSpeedPlus (git-fixes). - usb: dwc3: gadget: Check for IOC/LST bit in TRB->ctrl fields (git-fixes). - usb: gadget: udc-xilinx: Fix xudc_stop() kernel-doc format (git-fixes). - USB: misc: iowarrior: add support for the 28 and 28L devices (git-fixes). - USB: misc: iowarrior: add support for 2 OEMed devices (git-fixes). - USB: Fix novation SourceControl XL after suspend (git-fixes). - xhci: Fix memory leak when caching protocol extended capability PSI tables - take 2 (git-fixes). - USB: quirks: blacklist duplicate ep on Sound Devices USBPre2 (git-fixes). - USB: core: add endpoint-blacklist quirk (git-fixes). - usb: dwc3: debug: fix string position formatting mixup with ret and len (git-fixes). - USB: hub: Don't record a connect-change event during reset-resume (git-fixes). - usb: charger: assign specific number for enum value (git-fixes). - usb: uas: fix a plug & unplug racing (git-fixes). - USB: hub: Fix the broken detection of USB3 device in SMSC hub (git-fixes). - xhci: apply XHCI_PME_STUCK_QUIRK to Intel Comet Lake platforms (git-fixes). - xhci: fix runtime pm enabling for quirky Intel hosts (git-fixes). - xhci: Force Maximum Packet size for Full-speed bulk devices to valid range (git-fixes). - xprtrdma: Fix DMA scatter-gather list mapping imbalance (git-fixes). - uio: fix a sleep-in-atomic-context bug in uio_dmem_genirq_irqcontrol() (git-fixes). - usb: musb: omap2430: Get rid of musb .set_vbus for omap2430 glue (git-fixes). - usb: gadget: udc: fix possible sleep-in-atomic-context bugs in gr_probe() (git-fixes). - usb: dwc2: Fix IN FIFO allocation (git-fixes). - usbip: Fix unsafe unaligned pointer usage (git-fixes). - wan/hdlc_x25: fix skb handling (git-fixes). - wan: ixp4xx_hss: fix compile-testing on 64-bit (git-fixes). - watchdog/softlockup: Enforce that timestamp is valid on boot (git-fixes). - usb: dwc3: use proper initializers for property entries (git-fixes). - commit 7d830dc - tty: serial: fsl_lpuart: free IDs allocated by IDA (git-fixes). - spi: bcm63xx-hsspi: Really keep pll clk enabled (git-fixes). - spi: atmel-quadspi: fix possible MMIO window size overrun (git-fixes). - spi: spidev: Fix CS polarity if GPIO descriptors are used (git-fixes). - tty: serial: qcom_geni_serial: Fix RX cancel command failure (git-fixes). - tty: serial: imx: setup the correct sg entry for tx dma (git-fixes). - tty/serial: atmel: manage shutdown in case of RS485 or ISO7816 mode (git-fixes). - thunderbolt: Prevent crash if non-active NVMem file is read (git-fixes). - tpm: Initialize crypto_id of allocated_banks to HASH_ALGO__LAST (git-fixes). - soc/tegra: fuse: Fix build with Tegra194 configuration (git-fixes). - tty: synclink_gt: Adjust indentation in several functions (git-fixes). - tty: synclinkmp: Adjust indentation in several functions (git-fixes). - commit f7b10ec - USB: pci-quirks: Add Raspberry Pi 4 quirk (bsc#1163560). - soc: bcm2835: Sync xHCI reset firmware property with downstream (bsc#1163560). - PCI: brcmstb: Wait for Raspberry Pi's firmware when present (bsc#1163560). - firmware: raspberrypi: Introduce vl805 init routine (bsc#1163560). - commit e30de5f - regulator: stm32-vrefbuf: fix a possible overshoot when re-enabling (git-fixes). - staging: rtl8723bs: Fix potential overuse of kernel memory (git-fixes). - staging: rtl8188eu: Fix potential overuse of kernel memory (git-fixes). - staging: rtl8723bs: Fix potential security hole (git-fixes). - staging: rtl8188eu: Fix potential security hole (git-fixes). - staging: rtl8723bs: fix copy of overlapping memory (git-fixes). - serial: 8250: Check UPF_IRQ_SHARED in advance (git-fixes). - serdev: ttyport: restore client ops on deregistration (git-fixes). - reset: uniphier: Add SCSSI reset control for each channel (git-fixes). - remoteproc: Initialize rproc_class before use (git-fixes). - staging: rtl8188: avoid excessive stack usage (git-fixes). - rtw88: fix rate mask for 1SS chip (git-fixes). - rtlwifi: rtl_pci: Fix -Wcast-function-type (git-fixes). - commit b3aad35 - phy: mapphone-mdm6600: Fix timeouts by adding wake-up handling (git-fixes). - phy: mapphone-mdm6600: Fix write timeouts with shorter GPIO toggle interval (git-fixes). - qmi_wwan: unconditionally reject 2 ep interfaces (git-fixes). - radeon: insert 10ms sleep in dce5_crtc_load_lut (git-fixes). - pinctrl: baytrail: Do not clear IRQ flags on direct-irq enabled pins (git-fixes). - pinctrl: sh-pfc: sh7269: Fix CAN function GPIOs (git-fixes). - pinctrl: sh-pfc: sh7264: Fix CAN function GPIOs (git-fixes). - r8169: check that Realtek PHY driver module is loaded (git-fixes). - commit 1f5e949 - PCI: Fix pci_add_dma_alias() bitmask size (git-fixes). - PCI: Increase D3 delay for AMD Ryzen5/7 XHCI controllers (git-fixes). - PCI: Add generic quirk for increasing D3hot delay (git-fixes). - PCI: iproc: Apply quirk_paxc_bridge() for module as well as built-in (git-fixes). - commit 124e17e - mac80211: Remove a redundant mutex unlock (git-fixes). - ipmi:ssif: Handle a possible NULL pointer reference (git-fixes). - mac80211: fix wrong 160/80+80 MHz setting (git-fixes). - mac80211: consider more elements in parsing CRC (git-fixes). - iwlwifi: mvm: Check the sta is not NULL in iwl_mvm_cfg_he_sta() (git-fixes). - iwlwifi: mvm: Fix thermal zone registration (git-fixes). - media: uvcvideo: Add a quirk to force GEO GC6500 Camera bits-per-pixel value (git-fixes). - media: sti: bdisp: fix a possible sleep-in-atomic-context bug in bdisp_device_run() (git-fixes). - media: i2c: mt9v032: fix enum mbus codes and frame sizes (git-fixes). - media: v4l2-device.h: Explicitly compare grp{id,mask} to zero in v4l2_device macros (git-fixes). - media: cx23885: Add support for AVerMedia CE310B (git-fixes). - orinoco: avoid assertion in case of NULL pointer (git-fixes). - iwlegacy: Fix -Wcast-function-type (git-fixes). - ipw2x00: Fix -Wcast-function-type (git-fixes). - commit 57f0620 - PCI: brcmstb: Fix build on 32bit ARM platforms with older compilers (jsc#SLE-7772). - commit ca7a98f - delete: patches.suse/linux-log2-h-add-roundup-rounddown_pow_two64-family-of-functions.patch Not needed anymore - commit c7ab3e3 - update and move into sorted section: patches.suse/pci-brcmstb-add-msi-support.patch - commit 71e1948 - refresh and move into sorted section: patches.suse/pci-brcmstb-add-broadcom-stb-pcie-host-controller-driver.patch - commit b774a70 - drm/i915/execlists: Always force a context reload when rewinding RING_TAIL (bsc#1161207). - commit 8af101c - Refresh patches.suse/mm-hotplug-fix-page-online-with-debug_pagealloc-compiled-but-not-enabled.patch. - commit went mainline from a non-git maintainer repository, add proper metadata - commit e59a6b6 - blacklist.conf: Add input/rmi4 revert patch that was already blacklisted - commit 730af68 - i2c: altera: Fix potential integer overflow (git-fixes). - Input: synaptics - remove the LEN0049 dmi id from topbuttonpad list (git-fixes). - Input: synaptics - enable SMBus on ThinkPad L470 (git-fixes). - Input: synaptics - switch T470s to RMI4 by default (git-fixes). - Input: edt-ft5x06 - work around first register access error (git-fixes). - ide: serverworks: potential overflow in svwks_set_pio_mode() (git-fixes). - commit 99877db - hwmon: (adt7462) Fix an error return in ADT7462_REG_VOLT() (git-fixes). - HID: alps: Fix an error handling path in 'alps_input_configured()' (git-fixes). - HID: hiddev: Fix race in in hiddev_disconnect() (git-fixes). - HID: core: increase HID report buffer size to 8KiB (git-fixes). - HID: core: fix off-by-one memset in hid_report_raw_event() (git-fixes). - HID: ite: Only bind to keyboard USB interface on Acer SW5-012 keyboard dock (git-fixes). - commit 3cf2320 - floppy: check FDC index for errors before assigning it (CVE-2020-9383 bsc#1165111). - commit 47c6d94 - crypto: rename sm3-256 to sm3 in hash_algo_name (git-fixes). - driver core: platform: fix u32 greater or equal to zero comparison (git-fixes). - driver core: Print device when resources present in really_probe() (git-fixes). - driver core: platform: Prevent resouce overflow from causing infinite loops (git-fixes). - crypto: chtls - Fixed memory leak (git-fixes). - commit 934bfba - bus: ti-sysc: Fix 1-wire reset quirk (git-fixes). - cfg80211: add missing policy for NL80211_ATTR_STATUS_CODE (git-fixes). - cfg80211: check wiphy driver existence for drvinfo report (git-fixes). - commit 518082f - ACPI: watchdog: Fix gas->access_width usage (git-fixes). - ACPICA: Introduce ACPI_ACCESS_BYTE_WIDTH() macro (git-fixes). - b43legacy: Fix -Wcast-function-type (git-fixes). - ACPI: button: Add DMI quirk for Razer Blade Stealth 13 late 2019 lid switch (git-fixes). - commit d4fdd22 - amdgpu/gmc_v9: save/restore sdpif regs during S3 (git-fixes). - ASoC: Intel: sof_rt5682: Ignore the speaker amp when there isn't one (git-fixes). - ASoC: soc-topology: fix endianness issues (git-fixes). - ASoC: SOF: Intel: hda: Add iDisp4 DAI (git-fixes). - ASoC: intel: sof_rt5682: Add support for tgl-max98357a-rt5682 (git-fixes). - ASoC: intel: sof_rt5682: Add quirk for number of HDMI DAI's (git-fixes). - ASoC: SOF: Intel: hda: Fix SKL dai count (git-fixes). - commit b3e9ee6 - ALSA: ctl: allow TLV read operation for callback type of element in locked case (git-fixes). - ALSA: usx2y: Adjust indentation in snd_usX2Y_hwdep_dsp_status (git-fixes). - commit d5a4d9f - ASoC: wm8741: Fix typo in Kconfig prompt (git-fixes). - ASoC: SOF: Fix snd_sof_ipc_stream_posn() (git-fixes). - ASoC: dapm: Correct DAPM handling of active widgets during shutdown (git-fixes). - ASoC: Intel: Skylake: Fix available clock counter incrementation (git-fixes). - ASoC: meson: g12a: add tohdmitx reset (git-fixes). - ASoC: pcm512x: Fix unbalanced regulator enable call in probe error path (git-fixes). - ASoC: soc-core: fix for_rtd_codec_dai_rollback() macro (git-fixes). - ASoC: topology: Fix memleak in soc_tplg_manifest_load() (git-fixes). - ASoC: topology: Fix memleak in soc_tplg_link_elems_load() (git-fixes). - ASoC: pcm: Fix possible buffer overflow in dpcm state sysfs output (git-fixes). - ASoC: intel: skl: Fix possible buffer overflow in debug outputs (git-fixes). - ASoC: intel: skl: Fix pin debug prints (git-fixes). - ALSA: hda/realtek - Enable the headset of ASUS B9450FA with ALC294 (git-fixes). - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master (git-fixes). - ALSA: hda/realtek - Add Headset Button supported for ThinkPad X1 (git-fixes). - ALSA: hda/realtek - Add Headset Mic supported (git-fixes). - ALSA: hda/realtek - Fix a regression for mute led on Lenovo Carbon X1 (git-fixes). - commit 533eaf3 ++++ gcc10: - Update embedded newlib to newlib-3.3.0.tar.xz, drop old newlib-3.1.0.tar.xz - Enable support for amdgcn-amdhsa OpenMP/OpenACC offloading. ++++ policycoreutils: - Dropped Recommends: for %{name}-lang and %{name}-devel. Not allowed by openSUSE guidelines ++++ python-six: - use setuptools for building to support pip 10.x (bsc#1166139) ++++ selinux-policy: - New patches: * fix_accountsd.patch * fix_automount.patch * fix_colord.patch * fix_mcelog.patch * fix_sslh.patch * fix_nagios.patch * fix_openvpn.patch * fix_cron.patch * fix_usermanage.patch * fix_smartmon.patch * fix_geoclue.patch * suse_specific.patch Default systems should now work without selinuxuser_execmod - Removed xdm_entrypoint_pam.patch, necessary change is in fix_unconfineduser.patch - Enable SUSE specific settings again ------------------------------------------------------------------ ------------------ 2020-3-7 - Mar 7 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - powerpc/pseries: fix of_read_drc_info_cell() to point at next record (bsc#1165980 ltc#183834). - commit 1ae6694 - libnvdimm/pfn_dev: Don't clear device memmap area during generic namespace probe (bsc#1165929 bsc#1165950 bsc#1166323). - commit dd773b9 ------------------------------------------------------------------ ------------------ 2020-3-6 - Mar 6 2020 ------------------- ------------------------------------------------------------------ ++++ gstreamer-plugins-base: - Add gstreamer-plugins-base-gl-deps.patch: Workaround incomplete gstreamer-gl.pc file, which is missing the (dynamic) dependency on wayland. ++++ kernel-default: - xfs: also remove cached ACLs when removing the underlying attr (bsc#1165873). - commit 8ec3453 - patches.suse/scsi-target-use-an-enum-to-track-emulate_ua_intlck_c.patch: (bsc#1163617). - patches.suse/scsi-target-convert-boolean-se_dev_attrib-types-to-b.patch: (bsc#1163617). - patches.suse/scsi-target-fix-unmap_zeroes_data-boolean-initialisa.patch: (bsc#1163617). - commit 182fa83 - sched/rt, workqueue: Use PREEMPTION (bsc#1162702). - sched/core: Use CONFIG_PREEMPTION (bsc#1162702). - sched/rt, locking: Use CONFIG_PREEMPTION (bsc#1162702). - sched/rt, mm: Use CONFIG_PREEMPTION (bsc#1162702). - sched/rt, btrfs: Use CONFIG_PREEMPTION (bsc#1162702). - sched/rt, fs: Use CONFIG_PREEMPTION (bsc#1162702). - sched/rt, xen: Use CONFIG_PREEMPTION (bsc#1162702). - sched/rt, net: Use CONFIG_PREEMPTION.patch (bsc#1162702). - sched/rt, xtensa: Use CONFIG_PREEMPTION (bsc#1162702). - sched/rt, sparc: Use CONFIG_PREEMPTION (bsc#1162702). - sched/rt, sh: Use CONFIG_PREEMPTION (bsc#1162702). - sched/rt, s390: Use CONFIG_PREEMPTION (bsc#1162702). - sched/rt, riscv: Use CONFIG_PREEMPTION (bsc#1162702). - sched/rt, parisc: Use CONFIG_PREEMPTION (bsc#1162702). - sched/rt, nios2: Use CONFIG_PREEMPTION (bsc#1162702). - sched/rt, nds32: Use CONFIG_PREEMPTION (bsc#1162702). - sched/rt, MIPS: Use CONFIG_PREEMPTION (bsc#1162702). - sched/rt, microblaze: Use CONFIG_PREEMPTION (bsc#1162702). - sched/rt, ia64: Use CONFIG_PREEMPTION (bsc#1162702). - sched/rt, hexagon: Use CONFIG_PREEMPTION (bsc#1162702). - sched/rt, h8300: Use CONFIG_PREEMPTION (bsc#1162702). - sched/rt, csky: Use CONFIG_PREEMPTION (bsc#1162702). - sched/rt, c6x: Use CONFIG_PREEMPTION (bsc#1162702). - sched/rt, ARC: Use CONFIG_PREEMPTION (bsc#1162702). - sched/rt, powerpc: Use CONFIG_PREEMPTION (bsc#1162702). - sched/rt, arm64: Use CONFIG_PREEMPTION (bsc#1162702). - sched/rt, ARM: Use CONFIG_PREEMPTION (bsc#1162702). - rcu: Use CONFIG_PREEMPTION where appropriate (bsc#1162702). - m68k/coldfire: Use CONFIG_PREEMPTION (bsc#1162702). - backlight: Kconfig: jornada720: Use CONFIG_PREEMPTION (bsc#1162702). - drm/i810: Refer to `PREEMPTION' in comment (bsc#1162702). - media: cec-gpio: Use CONFIG_PREEMPTION (bsc#1162702). - commit d311e76 - x86/kvm: Use CONFIG_PREEMPTION (bsc#1162702). - x86/dumpstack: Indicate PREEMPT_RT in dumps (bsc#1162702). - x86: Use CONFIG_PREEMPTION (bsc#1162702). Refresh patches.suse/x86-xen-32-Make-xen_iret_crit_fixup-independent-of-f.patch - kprobes: Use CONFIG_PREEMPTION (bsc#1162702). - tracing: Use CONFIG_PREEMPTION (bsc#1162702). - locking/spinlocks: Use CONFIG_PREEMPTION (bsc#1162702). - rcu: Use CONFIG_PREEMPTION (bsc#1162702). - sched/preempt: Use CONFIG_PREEMPTION where appropriate (bsc#1162702). Refresh patches.suse/sched-fair-Rework-load_balance.patch - commit 6a43532 - selftests: Install settings files to fix TIMEOUT failures (git-fixes). - commit b511dec - powerpc/smp: Use nid as fallback for package_id (bsc#1165813 ltc#184091). - commit 6ff58c9 - update powerpc fadump patches - update to version in maintainer repository and move into sorted section: Refresh patches.suse/powerpc-fadump-sysfs-for-fadump-memory-reservation.patch. patches.suse/powerpc-fadump-sysfs-for-fadump-memory-reservation.patch patches.suse/Documentation-ABI-add-ABI-documentation-for-sys-kern.patch -> patches.suse/Documentation-ABI-Add-ABI-documentation-for-sys-kern.patch patches.suse/Documentation-ABI-mark-sys-kernel-fadump_-sysfs-file.patch -> patches.suse/Documentation-ABI-Mark-sys-kernel-fadump_-sysfs-file.patch patches.suse/powerpc-fadump-reorganize-sys-kernel-fadump_-sysfs-f.patch -> patches.suse/powerpc-fadump-Reorganize-sys-kernel-fadump_-sysfs-f.patch patches.suse/powerpc-powernv-move-core-and-fadump_release_opalcor.patch -> patches.suse/powerpc-powernv-Move-core-and-fadump_release_opalcor.patch patches.suse/sysfs-wrap-__compat_only_sysfs_link_entry_to_kobj-fu.patch -> patches.suse/sysfs-Wrap-__compat_only_sysfs_link_entry_to_kobj-fu.patch - commit 3b382c0 - treewide: remove redundant IS_ERR() before error code check (bsc#1156395). - Refresh patches.suse/sysfs-wrap-__compat_only_sysfs_link_entry_to_kobj-fu.patch. - commit 4eaa7b9 - powerpc/book3s64: Fix error handling in mm_iommu_do_alloc() (bsc#1156395). - commit aca1a7b - series.conf: cleanup - move unsortable patches out of sorted section No effect on expanded tree. - commit 6151f14 - fix patch metadata - fix Patch-mainline: patches.suse/cifs-Use-define-in-cifs_dbg.patch patches.suse/cifs-add-missing-mount-option-to-proc-mounts.patch patches.suse/cifs-don-t-leak-EAGAIN-for-stat-during-reconnect.patch patches.suse/cifs-fix-potential-mismatch-of-UNC-paths.patch patches.suse/cifs-fix-rename-by-ensuring-source-handle-opened-wit.patch patches.suse/fs-cifs-Initialize-filesystem-timestamp-ranges.patch - commit ec2b8cb - update patches.suse/powerpc-drmem-avoid-NULL-pointer-dereference-when-dr.patch - update to version from maintainer repository and move into sorted section - commit 9c11a0c - fix patch metadata - fix Patch-mainline: patches.suse/0001-mac80211-pass-the-vif-to-cancel_remain_on_channel.patch - commit a0c00c0 - scsi: fnic: do not queue commands during fwreset (bsc#1146539). - commit c38dde7 ++++ libcontainers-common: - New snaphot (bsc#1165917) - Update to image 5.2.1 * Add documentation about rewriting docker.io registries * Add registries warning to registries.conf - Update to libpod 1.8.0 * Fixed some spelling errors in oci-hooks documentations * include containers-mounts.conf(5) man-page into the package - Update to storage 1.16.1 * Add `rootless_storage_path` directive to storage.conf * Add better documentation for the mount_program in overlay driver ++++ Mesa: - cleanup in specfile: get rid of is_opensuse macro, which is no longer needed at all (jira#PM-1623) ++++ gcc10: - Update to master head (655e5c29ae4080666154b3e10ac81116a1b7a638). - Re-add gcc9-reproducible-builds.patch and gcc9-reproducible-builds-buildid-for-checksum.patch. ++++ yast2: - Allow to restore the vertical scroll of a CWM::RichText (related to bsc#1049965) - 4.2.70 - Read the list of network service properly, no matter where it is stored (bsc#1162853). - 4.2.69 - Skip repository reloading at installation to avoid unselecting products to install (bsc#1165501) - 4.2.68 ------------------------------------------------------------------ ------------------ 2020-3-5 - Mar 5 2020 ------------------- ------------------------------------------------------------------ ++++ conmon: - Update to v2.0.11 - log: reject --log-tag with k8s-file - chmod std files pipes - adjust score to -1000 to prevent conmon from ever being OOM killed - container OOM: verify cgroup hasn't been cleaned up before reporting OOM ++++ glibc: - ldbl-96-rem-pio2l.patch: Avoid ldbl-96 stack corruption from range reduction of pseudo-zero (CVE-2020-10029, bsc#1165784, BZ #25487) ++++ kernel-default: - Delete patches which cause regression (bsc#1165527 ltc#184149). - Delete patches.suse/powerpc-avoid-adjusting-memory_limit-for-capture-ker.patch. - Delete patches.suse/powerpc-reserve-memory-for-capture-kernel-after-huge.patch. - commit f7abbd0 - iwlwifi: mvm: fix potential SKB leak on TXQ TX (git-fixes). - commit 1ac0a4b - iwlwifi: mvm: remove last leftovers of d0i3 (git-fixes). - commit dde7e54 - iwlwifi: mvm: remove d0i3_ap_sta_id (git-fixes). - commit fd2b562 - iwlwifi: mvm: remove the d0i3 entry/exit flow (git-fixes). - commit 84ff808 - tick/common: Make tick_periodic() check for missing ticks (bsc#1164534). - commit 4d65090 - iwlwifi: mvm: remove the tx defer for d0i3 (git-fixes). - commit ec16006 - iwlwifi: remove all the d0i3 references (git-fixes). - commit beb11dd - iwlwifi: mvm: start to remove the code for d0i3 (git-fixes). - commit 4ff93db - mac80211: pass the vif to cancel_remain_on_channel (git-fixes). - commit f9393f5 - rxrpc: Fix service call disconnection (git-fixes). - commit 4266941 - blktrace: Protect q->blk_trace with RCU (bsc#1159285 CVE-2019-19768). - commit c44e53f - gtp: use __GFP_NOWARN to avoid memalloc warning (networking-stable-20_02_05). - l2tp: Allow duplicate session creation with UDP (networking-stable-20_02_05). - net: hsr: fix possible NULL deref in hsr_handle_frame() (networking-stable-20_02_05). - net: stmmac: Delete txtimer in suspend() (networking-stable-20_02_05). - rxrpc: Fix NULL pointer deref due to call->conn being cleared on disconnect (networking-stable-20_02_05). - rxrpc: Fix missing active use pinning of rxrpc_local object (networking-stable-20_02_05). - rxrpc: Fix insufficient receive notification generation (networking-stable-20_02_05). - rxrpc: Fix use-after-free in rxrpc_put_local() (networking-stable-20_02_05). - tcp: clear tp->segs_{in|out} in tcp_disconnect() (networking-stable-20_02_05). - tcp: clear tp->data_segs{in|out} in tcp_disconnect() (networking-stable-20_02_05). - tcp: clear tp->delivered in tcp_disconnect() (networking-stable-20_02_05). - tcp: clear tp->total_retrans in tcp_disconnect() (networking-stable-20_02_05). - commit 3758fff - net: dsa: bcm_sf2: Forcibly configure IMP port for 1Gb/sec (git-fixes). - net: dsa: bcm_sf2: Only 7278 supports 2Gb/sec IMP port (git-fixes). - commit 7361c96 - udp: segment looped gso packets correctly (networking-stable-20_01_30). - rxrpc: Fix use-after-free in rxrpc_receive_data() (networking-stable-20_01_30). - net_sched: ematch: reject invalid TCF_EM_SIMPLE (networking-stable-20_01_30). - net: include struct nhmsg size in nh nlmsg size (networking-stable-20_01_30). - net_sched: walk through all child classes in tc_bind_tclass() (networking-stable-20_01_30). - net_sched: fix ops->bind_class() implementations (networking-stable-20_01_30). - commit a2d67cb ++++ podman: - Added SLE specific README.SUSE about current support status (jsc#SLE-9112, jsc#CAASP-60) - Configure br_netfilter for podman automatically (boo#1165738) ++++ salt: - Use full option name instead of undocumented abbreviation for zypper - Requiring python3-distro only for openSUSE/SLE >= 15 - Added: * use-full-option-name-instead-of-undocumented-abbrevi.patch - python-distro is only needed for > Python 3.7. Removing it for Python 2 ------------------------------------------------------------------ ------------------ 2020-3-4 - Mar 4 2020 ------------------- ------------------------------------------------------------------ ++++ fuse-overlayfs: - Update to v0.7.7 - make sure the destination is deleted before doing a rename(2). It prevents a left over directory to cause delete to fail with EEXIST. - honor --debug. ++++ kernel-default: - smb3: Fix regression in time handling (bsc#1164565). - commit 76489e8 - fs: cifs: Initialize filesystem timestamp ranges (bsc#1164565). - commit 4bd8d12 - fs: cifs: Fix atime update check vs mtime (bsc#1164565). - commit 0137273 - drm/mediatek: disable all the planes in atomic_disable (bsc#1152489) - commit beb3e57 - drm/mcde: Some fixes to handling video mode (bsc#1152472) - commit 29f754d - drm: rcar-du: Recognize "renesas,vsps" in addition to "vsps" (bsc#1152489) - commit 56e3aa3 - net: bcmgenet: Use netif_tx_napi_add() for TX NAPI (networking-stable-20_01_27). - commit 9e56daf - blacklist.conf: Append 'drm/radeon: fix bad DMA from INTERRUPT_CNTL2' - commit b3a8eb6 - net: systemport: Fixed queue mapping in internal ring map (networking-stable-20_01_20). - net: dsa: bcm_sf2: Configure IMP port for 2Gb/sec (networking-stable-20_01_20). - net: dsa: sja1105: Don't error out on disabled ports with no phy-mode (networking-stable-20_01_20). - net: dsa: tag_qca: fix doubled Tx statistics (networking-stable-20_01_20). - net: dsa: tag_gswip: fix typo in tagger name (networking-stable-20_01_20). - net: ethernet: ave: Avoid lockdep warning (networking-stable-20_01_20). - net/wan/fsl_ucc_hdlc: fix out of bounds write on array utdm_info (networking-stable-20_01_20). - hv_netvsc: Fix memory leak when removing rndis device (networking-stable-20_01_20). - commit 7f37dbf - blacklist.conf: Append 'drm/amdgpu: fix license on Kconfig and Makefiles' - commit 5173cd9 - blacklist.conf: Append 'drm/amd/display: add default clocks if not able to fetch them' - commit 666a2d4 - blacklist.conf: Append 'drm/amdgpu: fix bad DMA from INTERRUPT_CNTL2' - commit 1874918 - blacklist.conf: Append 'Revert "drm/amdgpu: Set no-retry as default."' - commit b4576bc - blacklist.conf: Append 'drm/amdgpu/smu: add metrics table lock for arcturus (v2)' - commit f64b7b2 - fix patch metadata - fix Patch-mainline: patches.suse/0001-crypto-atmel-Fix-build-error-of-CRYPTO_AUTHENC.patch patches.suse/0001-tools-lib-traceevent-Remove-unneeded-qsort-and-uses-.patch patches.suse/0001-usb-host-xhci-update-event-ring-dequeue-pointer-on-p.patch - commit d776890 - drm/amdgpu: remove redundant variable r and redundant return (bsc#1152489) - commit 9635a45 - supported.conf: mark hinic driver supported (bsc#1165618) - commit d183caf - drm/amdgpu: remove ras_reserve_vram in ras injection (bsc#1152489) - commit e39df99 - drm/amdgpu/discovery: reserve discovery data at the top of VRAM (bsc#1152489) - commit 87c3ae9 - drm/amdgpu: add invalidate semaphore limit for SRIOV and picasso in (bsc#1152472) - commit 8bb0283 - drm/amdgpu: avoid using invalidate semaphore for picasso (bsc#1152472) - commit 7a93979 - drm/amdgpu: invalidate mmhub semaphore workaround in gmc9/gmc10 (bsc#1152472) - commit f513a95 - drm/amdgpu: initialize vm_inv_eng0_sem for gfxhub and mmhub (bsc#1152472) - commit cc4b76c - drm/amdgpu/gfx10: re-init clear state buffer after gpu reset (bsc#1152472) - commit 8c64b3d - drm/amdgpu: cleanup creating BOs at fixed location (v2) (bsc#1152489) - commit 633a2a8 - samples/bpf: Don't try to remove user's homedir on clean (bsc#1155518). - samples/bpf: Xdp_redirect_cpu fix missing tracepoint attach (bsc#1155518). - commit 11d150a - PCI: pciehp: Add DMI table for in-band presence detection disabled (bnc#1162576 jsc#SLE-11112). - PCI: pciehp: Wait for PDS if in-band presence is disabled (bnc#1162576 jsc#SLE-11112). - PCI: pciehp: Disable in-band presence detect when possible (bnc#1162576 jsc#SLE-11112). - commit 6963c35 - bpf, offload: Replace bitwise AND by logical AND in bpf_prog_offload_info_fill (bsc#1155518). - samples: bpf: Drop doubled variable declaration in xdpsock (bsc#1155518). - samples/bpf: xdpsock: Add option to specify transmit fill pattern (bsc#1155518). - samples/bpf: xdpsock: Add option to specify tx packet size (bsc#1155518). - samples/bpf: xdpsock: Add option to specify number of packets to send (bsc#1155518). - samples/bpf: xdpsock: Add option to specify batch size (bsc#1155518). - samples/bpf: xdpsock: Use common code to handle signal and main exit (bsc#1155518). - samples/bpf: xdpsock: Add duration option to specify how long to run (bsc#1155518). - riscv, bpf: Fix broken BPF tail calls (bsc#1155518). - samples/bpf: Attach XDP programs in driver mode by default (bsc#1155518). - libbpf: Don't attach perf_buffer to offline/missing CPUs (bsc#1155518). - libbpf: Extract and generalize CPU mask parsing logic (bsc#1155518). - samples/bpf: Add missing option to xdpsock usage (bsc#1155518). - samples/bpf: Remove duplicate option from xdpsock (bsc#1155518). - samples/bpf: Use Rx-only and Tx-only sockets in xdpsock (bsc#1155518). - samples/bpf: Add XDP_SHARED_UMEM support to xdpsock (bsc#1155518). - samples: bpf: update map definition to new syntax BTF-defined map (bsc#1155518). - samples/bpf: Trivial - fix spelling mistake in usage (bsc#1155518). - samples/bpf: fix xdpsock l2fwd tx for unaligned mode (bsc#1155518). - samples/bpf: use hugepages in xdpsock app (bsc#1155518). - samples/bpf: add buffer recycling for unaligned chunks to xdpsock (bsc#1155518). - samples/bpf: add unaligned chunks mode support to xdpsock (bsc#1155518). - samples/bpf: add use of need_wakeup flag in xdpsock (bsc#1155518). - samples/bpf: make xdp_fwd more practically usable via devmap lookup (bsc#1155518). - samples/bpf: xdp_fwd rename devmap name to be xdp_tx_ports (bsc#1155518). - commit ebecd6a ++++ openssl-1_1: - Limit the DRBG selftests to not deplete entropy (bsc#1165274) * update openssl-fips_selftest_upstream_drbg.patch ++++ makedumpfile: - makedumpfile-arm64-VA-range-SUSE.patch: Fix error processing core files on arm64 (bsc#1142715). ++++ salt: - Avoid possible user escalation upgrading salt-master (bsc#1157465) (CVE-2019-18897) - Fix unit tests failures in test_batch_async tests - Added: * fix-unit-tests-for-batch-async-after-refactor.patch ++++ raspberrypi-firmware-dt: - Add emmc2bus.patch needed for 32bit DMA support on newer bcm2711 revisions (bsc#1165143) ++++ wicked: - version 0.6.63 - spec: fix old libwicked package provides/obsoletes (bsc#1165180) - ipv6: support to apply stable secret ifsysctl (jsc#SLE-6960) ------------------------------------------------------------------ ------------------ 2020-3-3 - Mar 3 2020 ------------------- ------------------------------------------------------------------ ++++ aaa_base: - Add patch git-16-ed897a1090cafb678f75dbed8802bd671d3c1921.patch get_kernel_version: fix for current kernel on s390x (from azouhr) (bsc#1151023) (bsc#1139939) - Add patch git-17-fe967bddbd74af9aba435900878397c0c7ea0b0b.patch added "-h"/"--help" to "old" command (from Bernhard Lang) - Add patch git-18-bb11f02d5dd940803c08d25b0cfd3650d9de7d41.patch change feedback url from http://www.suse.de/feedback to https://github.com/openSUSE/aaa_base/issues ++++ dracut: - Update to version 049.1+git125.e2b2c9ef: * 01fips: handle SHA1 on machines without AVX (bsc#1160318) * Update: 90kernel-modules: Add PCI host controller modules (boo#1162669) ++++ open-iscsi: - Merged in latest upstream (2.1.1), which is mainly a bug-fix release over 2.1.0, including changing the test suite from shell-based to python3-based, replacing open-iscsi.2.1.0-suse.tar.bz2 with open-iscsi-2.1.1-suse.tar.bz2 and resetting open-iscsi-SUSE-latest-diff.bz2 ++++ kernel-default: - supported.conf: fix broken dependencies Recently added modules mscc_felix and tag_ocelot are marked as supported but depend on unsupported modules dsa_core and mscc_ocelot_common which breaks dependencies in aarch64 kernel-default package and therefore also aarch64/default and aarch/preempt build. Mark dsa_core and mscc_ocelot_common as supported as well. - commit 102e871 - cifs: do d_move in rename (bsc#1164565). - commit 500b81b - cifs: add SMB2_open() arg to return POSIX data (bsc#1164565). - commit ee82400 - cifs: plumb smb2 POSIX dir enumeration (bsc#1164565). - commit 3127734 - cifs: add smb2 POSIX info level (bsc#1164565). - commit 0cbf023 - cifs: rename posix create rsp (bsc#1164565). - commit 4b07bca - cifs: print warning once if mounting with vers=1.0 (bsc#1164565). - commit a59d8f7 - smb3: fix performance regression with setting mtime (bsc#1164565). - commit 4e529a9 - cifs: make use of cap_unix(ses) in cifs_reconnect_tcon() (bsc#1164565). - commit 5e21989 - cifs: use mod_delayed_work() for &server->reconnect if already queued (bsc#1164565). - commit b9b1327 - cifs: call wake_up(&server->response_q) inside of cifs_reconnect() (bsc#1164565). - commit 7684617 - cifs: handle prefix paths in reconnect (bsc#1164565). - commit 62ccc7c - cifs: potential unintitliazed error code in cifs_getattr() (bsc#1164565). - commit a4ddb9f - cifs: do not ignore the SYNC flags in getattr (bsc#1164565). - commit fc2ab55 - cifs: Use #define in cifs_dbg (bsc#1164565). - commit 12c009d - cifs: fix rename() by ensuring source handle opened with DELETE bit (bsc#1164565). - commit 270fcbb - cifs: add missing mount option to /proc/mounts (bsc#1164565). - commit 3115514 - Drop patches.suse/qla2xxx-Enable-T10-DIF-with-FC-NVMe-enabled.patch The driver update to 10.01.00.25-k replaces the dropped patch. - commit d25382d - scsi: qla2xxx: Update driver version to 10.01.00.25-k (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Set Nport ID for N2N (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Handle NVME status iocb correctly (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Remove restriction of FC T10-PI and FC-NVMe (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Serialize fc_port alloc in N2N (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Fix NPIV instantiation after FW dump (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Fix RDP respond data format (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Force semaphore on flash validation failure (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: add more FW debug information (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Update BPM enablement semantics (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: fix FW resource count values (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Use a dedicated interrupt handler for 'handshake-required' ISPs (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Return appropriate failure through BSG Interface (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Improved secure flash support messages (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Fix FCP-SCSI FC4 flag passing error (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Use FC generic update firmware options routine for ISP27xx (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Avoid setting firmware options twice in 24xx_update_fw_options (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Add 16.0GT for PCI String (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Convert MAKE_HANDLE() from a define into an inline function (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Fix sparse warnings triggered by the PCI state checking code (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Suppress endianness complaints in qla2x00_configure_local_loop() (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Simplify the code for aborting SCSI commands (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Fix sparse warning reported by kbuild bot (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - commit 54d9078 - Refresh patches.suse/scsi-ibmvfc-Avoid-loss-of-all-paths-during-SVC-node-.patch. - commit f3b4108 - cifs: fix potential mismatch of UNC paths (bsc#1164565). - commit 47e9729 - cifs: don't leak -EAGAIN for stat() during reconnect (bsc#1164565). - commit 8f37e30 - tools/testing/nvdimm: Fix compilation failure without CONFIG_DEV_DAX_PMEM_COMPAT (bsc#1159523). - commit 08c88c8 - mlxsw: pci: Wait longer before accessing the device after reset (bsc#1154488). - sched: act: count in the size of action flags bitfield (bsc#1154353). - net: genetlink: return the error code when attribute parsing fails (bsc#1154353). - commit 28120f1 - powercap/intel_rapl: add support for TigerLake Mobile (bsc#1164993, bsc#1165102). - commit aa3d1d3 - usb: host: xhci: update event ring dequeue pointer on purpose (git-fixes). - commit fbca080 - fix patch metadata - fix Patch-mainline: patches.suse/acpi-watchdog-allow-disabling-wdat-at-boot.patch patches.suse/acpi-watchdog-set-default-timeout-in-probe.patch - commit b455329 ++++ libselinux: - Update to version 3.0 * Ignore the stem when looking up all matches in file context * Save digest of all partial matches for directory * Use Python distutils to install SELinux python bindings * ensure that digest_len is not zero * fix string conversion of unknown perms * mark all exported function "extern" Dropped Use-Python-distutils-to-install-SELinux.patch, included upstream ++++ libsemanage: - Update to version 3.0 * Add support for DCCP and SCTP protocols * include internal header to use the hidden function prototypes * mark all exported function "extern" * optionally optimize policy on rebuild Refreshed suse_path.patch ++++ libsepol: - Update to version 3.0 * cil: Allow validatetrans rules to be resolved * cil: Report disabling an optional block only at high verbose levels * cil: do not dereference perm_value_to_cil when it has not been allocated * cil: fix mlsconstrain segfault * Further improve binary policy optimization * Make an unknown permission an error in CIL * Remove cil_mem_error_handler() function pointer * Use LIBSEPOL_3.0 and fix sepol_policydb_optimize symbol mapping * Add a function to optimize kernel policy * Add ebitmap_for_each_set_bit macro Dropped fnocommon.patch as it's included upstream ++++ libvirt: - qemu: Allow format probing under special circumstances ae9e6c2a-qemu-allow-cond-format-probe.patch bsc#1165588 ++++ mdadm: - Update for latest mdadm-4.1+ patches, this is required by jsc#SLE-10078 and jsc#SLE-9348. Mostly the purpose is for latest Intel IMSM raid support. The following patches also include previous patches with new re-ordered prefix numbers. - Makefile: install mdadm_env.sh to /usr/lib/mdadm (bsc#1111960) 0000-Makefile-install-mdadm_env.sh-to-usr-lib-mdadm.patch - Assemble: keep MD_DISK_FAILFAST and MD_DISK_WRITEMOSTLY flag (jsc#SLE-10078, jsc#SLE-9348) 0001-Assemble-keep-MD_DISK_FAILFAST-and-MD_DISK_WRITEMOST.patch - Document PART-POLICY lines (jsc#SLE-10078, jsc#SLE-9348) 0002-Document-PART-POLICY-lines.patc - policy: support devices with multiple paths. (jsc#SLE-10078, jsc#SLE-9348) 0003-policy-support-devices-with-multiple-paths.patch - mdcheck: add systemd unit files to run mdcheck. (bsc#1115407) 0004-mdcheck-add-systemd-unit-files-to-run-mdcheck.patch - Monitor: add system timer to run --oneshot periodically (bsc#1115407) 0005-Monitor-add-system-timer-to-run-oneshot-periodically.patch - imsm: update metadata correctly while raid10 double (jsc#SLE-10078, jsc#SLE-9348) 0006-imsm-update-metadata-correctly-while-raid10-double-d.patch - Assemble: mask FAILFAST and WRITEMOSTLY flags when finding (jsc#SLE-10078, jsc#SLE-9348) 0007-Assemble-mask-FAILFAST-and-WRITEMOSTLY-flags-when-fi.patch - Grow: avoid overflow in compute_backup_blocks() (jsc#SLE-10078, jsc#SLE-9348) 0008-Grow-avoid-overflow-in-compute_backup_blocks.patch - Grow: report correct new chunk size. (jsc#SLE-10078, jsc#SLE-9348) 0009-Grow-report-correct-new-chunk-size.patch - policy.c: prevent NULL pointer referencing (bsc#1106078) 0010-policy.c-prevent-NULL-pointer-referencing.patch - policy.c: Fix for compiler error (jsc#SLE-10078, jsc#SLE-9348) 0012-policy.c-Fix-for-compiler-error.patch - imsm: finish recovery when drive with rebuild fails (bsc#1126975) 0013-imsm-finish-recovery-when-drive-with-rebuild-fails.patch - imsm: fix reshape for >2TB drives (jsc#SLE-10078, jsc#SLE-9348) 0014-imsm-fix-reshape-for-2TB-drives.patch - Fix spelling typos. (jsc#SLE-10078, jsc#SLE-9348) 0015-Fix-spelling-typos.patch - Detail.c: do not skip first character when calling xstrdup in Detail() (bsc#1123814) 0016-Detail.c-do-not-skip-first-character-when-calling-xs.patch - Fix reshape for decreasing data offset (jsc#SLE-10078, jsc#SLE-9348) 0018-Fix-reshape-for-decreasing-data-offset.patch - mdadm/tests: add one test case for failfast of raid1 (jsc#SLE-10078, jsc#SLE-9348) 0019-mdadm-tests-add-one-test-case-for-failfast-of-raid1.patch - mdmon: don't attempt to manage new arrays when terminating (bsc#1127526) 0020-mdmon-don-t-attempt-to-manage-new-arrays-when-termin.patch - mdmon: wait for previous mdmon to exit during takeover (jsc#SLE-10078, jsc#SLE-9348) 0021-mdmon-wait-for-previous-mdmon-to-exit-during-takeove.patch - Assemble: Fix starting array with initial reshape checkpoint (jsc#SLE-10078, jsc#SLE-9348) 0022-Assemble-Fix-starting-array-with-initial-reshape-che.patch - add missing units to --examine (jsc#SLE-10078, jsc#SLE-9348) 0023-add-missing-units-to-examine.patch - imsm: fix spare activation for old matrix arrays (jsc#SLE-10078, jsc#SLE-9348) 0024-imsm-fix-spare-activation-for-old-matrix-arrays.patch - Create: Block rounding size to max (jsc#SLE-10078, jsc#SLE-9348) 0025-Create-Block-rounding-size-to-max.patch - udev: Add udev rules to create by-partuuid for md device (jsc#SLE-10078, jsc#SLE-9348) 0026-udev-Add-udev-rules-to-create-by-partuuid-for-md-dev.patch - mdmon: fix wrong array state when disk fails during mdmon (jsc#SLE-10078, jsc#SLE-9348) 0027-mdmon-fix-wrong-array-state-when-disk-fails-during-m.patch - Enable probe_roms to scan more than 6 roms. (bsc#1156040) 0028-Enable-probe_roms-to-scan-more-than-6-roms.patch - super-intel: Fix issue with abs() being irrelevant (jsc#SLE-10078, jsc#SLE-9348) 0029-super-intel-Fix-issue-with-abs-being-irrelevant.patch - mdadm.h: Introduced unaligned {get,put}_unaligned{16,32}() (jsc#SLE-10078, jsc#SLE-9348) 0030-mdadm.h-Introduced-unaligned-get-put-_unaligned-16-3.patch - super-intel: Use put_unaligned in split_ull (jsc#SLE-10078, jsc#SLE-9348) 0031-super-intel-Use-put_unaligned-in-split_ull.patch - mdadm: load default sysfs attributes after assemblation (jsc#SLE-10078, jsc#SLE-9348) 0032-mdadm-load-default-sysfs-attributes-after-assemblati.patch - mdadm.h: include sysmacros.h unconditionally (jsc#SLE-10078, jsc#SLE-9348) 0033-mdadm.h-include-sysmacros.h-unconditionally.patch - mdadm: add --no-devices to avoid component devices detail (bsc#1139709) 0034-mdadm-add-no-devices-to-avoid-component-devices-deta.patch - udev: add --no-devices option for calling 'mdadm (bsc#1139709) 0035-udev-add-no-devices-option-for-calling-mdadm-detail.patch - imsm: close removed drive fd. (jsc#SLE-10078, jsc#SLE-9348) 0036-imsm-close-removed-drive-fd.patch - mdadm: check value returned by snprintf against errors (jsc#SLE-10078, jsc#SLE-9348) 0037-mdadm-check-value-returned-by-snprintf-against-error.patch - mdadm: Introduce new array state 'broken' for raid0/linear (jsc#SLE-10078, jsc#SLE-9348) 0038-mdadm-Introduce-new-array-state-broken-for-raid0-lin.patch - mdadm: force a uuid swap on big endian (jsc#SLE-10078, jsc#SLE-9348) 0039-mdadm-force-a-uuid-swap-on-big-endian.patch - mdadm/md.4: add the descriptions for bitmap sysfs nodes (jsc#SLE-10078, jsc#SLE-9348) 0040-mdadm-md.4-add-the-descriptions-for-bitmap-sysfs-nod.patch - Init devlist as an array (jsc#SLE-10078, jsc#SLE-9348) 0041-Init-devlist-as-an-array.patch - Don't need to check recovery after re-add when no I/O writes (jsc#SLE-10078, jsc#SLE-9348) 0042-Don-t-need-to-check-recovery-after-re-add-when-no-I-.patch - udev: allow for udev attribute reading bug. (jsc#SLE-10078, jsc#SLE-9348) 0043-udev-allow-for-udev-attribute-reading-bug.patch - imsm: save current_vol number (jsc#SLE-10078, jsc#SLE-9348) 0044-imsm-save-current_vol-number.patch - imsm: allow to specify second volume size (jsc#SLE-10078, jsc#SLE-9348) 0045-imsm-allow-to-specify-second-volume-size.patch - mdcheck: when mdcheck_start is enabled, enable (bsc#1153258) 0046-mdcheck-when-mdcheck_start-is-enabled-enable-mdcheck.patch - mdcheck: use ${} to pass variable to mdcheck (bsc#1153258) 0050-mdcheck-use-to-pass-variable-to-mdcheck.patch - SUSE-mdadm_env.sh: handle MDADM_CHECK_DURATION (bsc#1153258) 0051-SUSE-mdadm_env.sh-handle-MDADM_CHECK_DURATION.patch - super-intel: don't mark structs 'packed' unnecessarily (jsc#SLE-10078, jsc#SLE-9348) 0052-super-intel-don-t-mark-structs-packed-unnecessarily.patch - Manage: Remove the legacy code for md driver prior to 0.90.03 (jsc#SLE-10078, jsc#SLE-9348) 0053-Manage-Remove-the-legacy-code-for-md-driver-prior-to.patch - Remove last traces of HOT_ADD_DISK (jsc#SLE-10078, jsc#SLE-9348) 0054-Remove-last-traces-of-HOT_ADD_DISK.patch - Fix up a few formatting issues (jsc#SLE-10078, jsc#SLE-9348) 0055-Fix-up-a-few-formatting-issues.patch - Remove unused code (jsc#SLE-10078, jsc#SLE-9348) 0056-Remove-unused-code.patch - imsm: return correct uuid for volume in detail (jsc#SLE-10078, jsc#SLE-9348) 0057-imsm-return-correct-uuid-for-volume-in-detail.patch - imsm: Change the way of printing nvme drives in (jsc#SLE-10078, jsc#SLE-9348) 0058-imsm-Change-the-way-of-printing-nvme-drives-in-detai.patch - Create: add support for RAID0 layouts. (bsc#1162479) 0059-Create-add-support-for-RAID0-layouts.patch - Assemble: add support for RAID0 layouts. (bsc#1162479) 0060-Assemble-add-support-for-RAID0-layouts.patch - Respect $(CROSS_COMPILE) when $(CC) is the default (jsc#SLE-10078, jsc#SLE-9348) 0061-Respect-CROSS_COMPILE-when-CC-is-the-default.patch - Change warning message (jsc#SLE-10078, jsc#SLE-9348) 0062-Change-warning-message.patch - mdcheck service can't start succesfully because of syntax (jsc#SLE-10078, jsc#SLE-9348) 0063-mdcheck-service-can-t-start-succesfully-because-of-s.patch - imsm: Update grow manual. (jsc#SLE-10078, jsc#SLE-9348) 0064-imsm-Update-grow-manual.patch - Add support for Tebibytes (jsc#SLE-10078, jsc#SLE-9348) 0065-Add-support-for-Tebibytes.patch - imsm: fill working_disks according to metadata. (jsc#SLE-10078, jsc#SLE-9348) 0066-imsm-fill-working_disks-according-to-metadata.patch - mdadm.8: add note information for raid0 growing operation (bsc#1129900) 0067-mdadm.8-add-note-information-for-raid0-growing-opera.patch - Remove the legacy whitespace (jsc#SLE-10078, jsc#SLE-9348) 0068-Remove-the-legacy-whitespace.patch - imsm: pass subarray id to kill_subarray function (jsc#SLE-10078, jsc#SLE-9348) 0069-imsm-pass-subarray-id-to-kill_subarray-function.patch - imsm: Remove --dump/--restore implementation (jsc#SLE-10078, jsc#SLE-9348) 0070-imsm-Remove-dump-restore-implementation.patch - Rename the following patches, they will be listed with new re-ordered prefix number in following commit, 0001-Document-PART-POLICY-lines.patch 0001-Makefile-install-mdadm_env.sh-to-usr-lib-mdadm.patch 0002-policy-support-devices-with-multiple-paths.patch 0003-mdcheck-add-systemd-unit-files-to-run-mdcheck.patch 0004-Monitor-add-system-timer-to-run-oneshot-periodically.patch 0005-imsm-update-metadata-correctly-while-raid10-double-d.patch 0006-Grow-avoid-overflow-in-compute_backup_blocks.patch 0007-Grow-report-correct-new-chunk-size.patch 0008-policy.c-prevent-NULL-pointer-referencing.patch 0009-Detail.c-do-not-skip-first-character-when-calling-xs.patch 0010-imsm-finish-recovery-when-drive-with-rebuild-fails.patch 0011-mdmon-don-t-attempt-to-manage-new-arrays-when-termin.patch 0012-mdadm-add-no-devices-to-avoid-component-devices-deta.patch 0013-udev-add-no-devices-option-for-calling-mdadm-detail.patch 0021-mdcheck-when-mdcheck_start-is-enabled-enable-mdcheck.patch 0022-mdcheck-use-to-pass-variable-to-mdcheck.patch 0023-SUSE-mdadm_env.sh-handle-MDADM_CHECK_DURATION.patch 0024-Create-add-support-for-RAID0-layouts.patch 0025-Assemble-add-support-for-RAID0-layouts.patch 0026-Enable-probe_roms-to-scan-more-than-6-roms.patch 1002-mdadm.8-add-note-information-for-raid0-growing-opera.patch ++++ mozilla-nspr: - update to version 4.25 * fixed reading files larger than 4 GB on Win32 * added support for Xtensa architecture ++++ policycoreutils: - Update to version 3.0 * fixfiles: Fix "verify" option * fixfiles: Fix [-B] [-F] onboot * fixfiles: Force full relabel when SELinux is disabled * semodule: Enable CIL logging * semanage: Add support for DCCP and SCTP protocols * semanage: Do not use default s0 range in "semanage login -a" * semanage: Document DCCP and SCTP support * semanage: Improve handling of "permissive" statements * semanage: fix moduleRecords.customized() Refreshed chcat_join.patch ++++ supportutils: - Addition to version 3.1.8 + Changes affecting getappcore - Added -u for HTTPS and -f for FTPES uploads to SUSE FTP servers - Replaced Novell with SUSE FTP servers (bsc#1165475) - Uses /etc/getappcore.conf if present + Changes affecting supportconfig - Added missed Power collection per bsc#1162539 - Added zypper patterns output to updates.txt #66 ++++ transactional-update: - Update to version 2.20.3 - Reintroduce compatibility with RPM < 4.15 for inclusion in SLE / Leap 15.2 - Prepare for removal of /var/lib/alternatives [jsc#SLE-9101] ------------------------------------------------------------------ ------------------ 2020-3-2 - Mar 2 2020 ------------------- ------------------------------------------------------------------ ++++ catatonit: - Update to catatonit v0.1.5, which fixes two bugs where catatonit would hang endlessly when pid1 died in very specific ways. bsc#1176155 ++++ kernel-default: - KVM: arm64: pmu: Reset sample period on overflow handling (bsc#1133021). - KVM: arm64: pmu: Set the CHAINED attribute before creating the in-kernel event (bsc#1133021). - arm64: KVM: Handle PMCR_EL0.LC as RES1 on pure AArch64 systems (bsc#1133021). - KVM: arm64: pmu: Fix cycle counter truncation (bsc#1133021). - commit d9abd96 - powerpc/pseries: update device tree before ejecting hotplug uevents (bsc#1165404 ltc#183498). - powerpc/pseries: group lmb operation and memblock's (bsc#1165404 ltc#183498). - commit 6d4f5d6 - ibmvfc: Fix NULL return compiler warning (bsc#1161951 ltc#183551). - commit 7015eca - cifs: make sure we do not overflow the max EA buffer size (bsc#1164565). - commit 187fa15 - cifs: enable change notification for SMB2.1 dialect (bsc#1164565). - commit 18efac6 - cifs: Fix mode output in debugging statements (bsc#1164565). - commit 921b85b - smb3: Add defines for new information level, FileIdInformation (bsc#1164565). - commit 6421d32 - smb3: print warning once if posix context returned on open (bsc#1164565). - commit 1c772a2 - smb3: add one more dynamic tracepoint missing from strict fsync path (bsc#1164565). - commit 756599a - cifs: fix mode bits from dir listing when mounted with modefromsid (bsc#1164565). - commit 577afbb - cifs: add SMB3 change notification support (bsc#1164565). - commit fd3741d - cifs: fix soft mounts hanging in the reconnect code (bsc#1164565). - commit bd3733d - cifs: Add tracepoints for errors on flush or fsync (bsc#1164565). - commit c47bf63 - cifs: log warning message (once) if out of disk space (bsc#1164565). - commit 0a33490 - cifs: fail i/o on soft mounts if sessionsetup errors out (bsc#1164565). - commit 79eff03 - smb3: fix problem with null cifs super block with previous patch (bsc#1164565). - commit 4f17f73 - SMB3: Backup intent flag missing from some more ops (bsc#1164565). - commit cea0ba2 - cifs: fix soft mounts hanging in the reconnect code (bsc#1164565). - commit 53d1815 - CIFS: Fix task struct use-after-free on reconnect (bsc#1164565). - commit d8da619 - cifs: use PTR_ERR_OR_ZERO() to simplify code (bsc#1164565). - commit ae626b0 - cifs: add support for fallocate mode 0 for non-sparse files (bsc#1164565). - commit 0bd12eb - cifs: fix NULL dereference in match_prepath (bsc#1164565). - commit 0dec827 - smb3: fix default permissions on new files when mounting with modefromsid (bsc#1164565). - commit 5854994 - CIFS: Add support for setting owner info, dos attributes, and create time (bsc#1164565). - commit fc7a4ec - cifs: remove set but not used variable 'server' (bsc#1164565). - commit d7bd290 - cifs: Fix memory allocation in __smb2_handle_cancelled_cmd() (bsc#1164565). - commit 2e77717 - cifs: Fix mount options set in automount (bsc#1164565). - commit 23cc00f - cifs: fix unitialized variable poential problem with network I/O cache lock patch (bsc#1164565). - commit 683e390 - cifs: Fix return value in __update_cache_entry (bsc#1164565). - commit 0d6d00e - cifs: Avoid doing network I/O while holding cache lock (bsc#1164565). - commit 21b1bb8 - cifs: Fix potential deadlock when updating vol in cifs_reconnect() (bsc#1164565). - commit 7f4c5eb - cifs: Merge is_path_valid() into get_normalized_path() (bsc#1164565). - commit 90e6c2e - cifs: Introduce helpers for finding TCP connection (bsc#1164565). - commit 278b9d9 - cifs: Get rid of kstrdup_const()'d paths (bsc#1164565). - commit 136ec9a - cifs: Clean up DFS referral cache (bsc#1164565). - commit b1680d8 - cifs: set correct max-buffer-size for smb2_ioctl_init() (bsc#1164565). - commit 4203783 - cifs: use compounding for open and first query-dir for readdir() (bsc#1164565). - commit e47a329 - cifs: create a helper function to parse the query-directory response buffer (bsc#1164565). - commit 0960f35 - cifs: prepare SMB2_query_directory to be used with compounding (bsc#1164565). - commit f065422 - fs/cifs/cifssmb.c: use true,false for bool variable (bsc#1164565). - commit dd0ed6f - fs/cifs/smb2ops.c: use true,false for bool variable (bsc#1164565). - commit 21e8ec0 - cifs: Optimize readdir on reparse points (bsc#1164565). - commit 1966fae - cifs: Adjust indentation in smb2_open_file (bsc#1164565). - commit 331c9ed - CIFS: Close cached root handle only if it has a lease (bsc#1164565). - commit 47dfff5 - SMB3: Fix crash in SMB2_open_init due to uninitialized field in compounding path (bsc#1164565). - commit 4b50b8c - smb3: fix refcount underflow warning on unmount when no directory leases (bsc#1164565). - commit 39393bb - smb3: improve check for when we send the security descriptor context on create (bsc#1164565). - commit 4083b73 - smb3: fix mode passed in on create for modetosid mount option (bsc#1164565). - commit c05fc9d - smb3: query attributes on file close (bsc#1164565). - commit 6280b64 - smb3: remove unused flag passed into close functions (bsc#1164565). - commit 1cc8c7f - cifs: remove redundant assignment to pointer pneg_ctxt (bsc#1164565). - commit e68dc80 - CIFS: fix a white space issue in cifs_get_inode_info() (bsc#1164565). - commit 10fc15b - cifs: Fix retrieval of DFS referrals in cifs_mount() (bsc#1164565). - commit 22772da - cifs: Fix potential softlockups while refreshing DFS cache (bsc#1164565). - commit 694eb6e - cifs: Fix lookup of root ses in DFS referral cache (bsc#1164565). - commit 2cf9686 - cifs: Fix use-after-free bug in cifs_reconnect() (bsc#1164565). - commit d57d122 - smb3: dump in_send and num_waiters stats counters by default (bsc#1164565). - commit e81c291 - CIFS: Properly process SMB3 lease breaks (bsc#1164565). - commit 579b98d - CIFS: refactor cifs_get_inode_info() (bsc#1164565). - commit 0b80dd7 - cifs: don't use 'pre:' for MODULE_SOFTDEP (bsc#1164565). - commit 44b1acc - cifs: smbd: Return -EAGAIN when transport is reconnecting (bsc#1164565). - commit 44743f5 - cifs: smbd: Only queue work for error recovery on memory registration (bsc#1164565). - commit 4c66f23 - smb3: add debug messages for closing unmatched open (bsc#1164565). - commit 47f85b3 - CIFS: Do not miss cancelled OPEN responses (bsc#1164565). - commit 6d9d8e6 - CIFS: Fix NULL pointer dereference in mid callback (bsc#1164565). - commit 220efe8 - CIFS: Close open handle after interrupted close (bsc#1164565). - commit a0e0f78 - CIFS: Respect O_SYNC and O_DIRECT flags during reconnect (bsc#1164565). - commit 5d00439 - smb3: remove confusing dmesg when mounting with encryption ("seal") (bsc#1164565). - commit 26d3f50 - cifs: close the shared root handle on tree disconnect (bsc#1164565). - commit 5fba990 - CIFS: Return directly after a failed build_path_from_dentry() in cifs_do_create() (bsc#1164565). - commit 5bdda87 - CIFS: Use common error handling code in smb2_ioctl_query_info() (bsc#1164565). - commit 7c9d0d2 - CIFS: Use memdup_user() rather than duplicating its implementation (bsc#1164565). - commit ac9ac99 - cifs: smbd: Return -ECONNABORTED when trasnport is not in connected state (bsc#1164565). - commit 1d4896f - cifs: smbd: Add messages on RDMA session destroy and reconnection (bsc#1164565). - commit c884cac - cifs: smbd: Return -EINVAL when the number of iovs exceeds SMBDIRECT_MAX_SGE (bsc#1164565). - commit 342a436 - cifs: smbd: Invalidate and deregister memory registration on re-send for direct I/O (bsc#1164565). - commit 95bdb07 - cifs: Don't display RDMA transport on reconnect (bsc#1164565). - commit 901256b - CIFS: remove set but not used variables 'cinode' and 'netfid' (bsc#1164565). - commit da66a8f - cifs: add support for flock (bsc#1164565). - commit 61dc219 - cifs: remove unused variable 'sid_user' (bsc#1164565). - commit 5c64672 - cifs: rename a variable in SendReceive() (bsc#1164565). - commit 054c459 - fix memory leak in large read decrypt offload (bsc#1164565). - commit 7880d1c - Revert "Revert "sign also s390x kernel images (bsc#1163524)"" This reverts commit 6326fe1a81221fb3ce28ff84532bd48a182f7731. pesign should now be able to sign s390 kernels. - commit e9175e5 - blacklist.conf: Blacklist unsupported ppc platforms. - commit b290d11 - net/ethtool: Introduce link_ksettings API for virtual network devices (bsc#1136157 ltc#177197). Delete patches.suse/ibmveth-Update-ethtool-settings-to-reflect-virtual-p.patch. - ethtool: Factored out similar ethtool link settings for virtual devices to core (bsc#1136157 ltc#177197). - commit 4638559 - Refresh patches.suse/acpi-watchdog-allow-disabling-wdat-at-boot.patch. - Refresh patches.suse/acpi-watchdog-set-default-timeout-in-probe.patch. Add upstream commit IDs and move to the sorted section. - commit 678d8e6 - hv_netvsc: Fix unwanted wakeup in netvsc_attach() (git-fixes). - commit c3cdac3 - smb3: remove noisy debug message and minor cleanup (bsc#1164565). - commit f116adb - smb3: cleanup some recent endian errors spotted by updated sparse (bsc#1164565). - commit b63cc8a - smb3: missing ACL related flags (bsc#1164565). - commit ddcd4e7 - smb3: pass mode bits into create calls (bsc#1164565). - commit 9e90af4 - smb3: Add missing reparse tags (bsc#1164565). - commit 631f1b0 - fs/cifs/sess.c: Remove set but not used variable 'capabilities' (bsc#1164565). - commit e4f316a - fs/cifs/smb2pdu.c: Make SMB2_notify_init static (bsc#1164565). - commit 1781460 - smb3: allow decryption keys to be dumped by admin for debugging (bsc#1164565). - commit 449f80c - cifs: modefromsid: write mode ACE first (bsc#1164565). - commit 6f29db0 - smb3: add missing worker function for SMB3 change notify (bsc#1164565). - commit c88cd2a - cifs: modefromsid: make room for 4 ACE (bsc#1164565). - commit 41e2c7e - smb3: fix potential null dereference in decrypt offload (bsc#1164565). - commit cc2bebe - smb3: display max smb3 requests in flight at any one time (bsc#1164565). - commit 2b340ea - smb3: only offload decryption of read responses if multiple requests (bsc#1164565). - Refresh patches.suse/cifs-move-cifsFileInfo_put-logic-into-a-work-queue.patch. - commit 8d8b9e0 - smb3: enable offload of decryption of large reads via mount option (bsc#1164565). - commit c0c0dd0 - smb3: allow parallelizing decryption of reads (bsc#1164565). - Refresh patches.suse/cifs-move-cifsFileInfo_put-logic-into-a-work-queue.patch. - commit dbfeff1 - cifs: add a debug macro that prints \\server\share for errors (bsc#1164565). - commit fd241c6 - smb3: allow skipping signature verification for perf sensitive configurations (bsc#1164565). - commit dd9ca23 - smb3: add dynamic tracepoints for flush and close (bsc#1164565). - commit b3d48ee - smb3: log warning if CSC policy conflicts with cache mount option (bsc#1164565). - commit 633ceea - smb3: add mount option to allow RW caching of share accessed by only 1 client (bsc#1164565). - commit 79b4f8c - smb3: add some more descriptive messages about share when mounting cache=ro (bsc#1164565). - commit fc6a23b - smb3: add mount option to allow forced caching of read only share (bsc#1164565). - commit 30b7183 - cifs: fix dereference on ses before it is null checked (bsc#1164565). - commit 30243d5 - cifs: add new debugging macro cifs_server_dbg (bsc#1164565). - Refresh patches.suse/CIFS-Fix-retry-mid-list-corruption-on-reconnects.patch. - commit 894b13c - cifs: remove set but not used variables (bsc#1164565). - commit 147b525 - cifs: remove unused variable (bsc#1164565). - commit b38b168 - cifs: remove redundant assignment to variable rc (bsc#1164565). - commit a3fa732 - smb3: add missing flag definitions (bsc#1164565). - commit 344e8bd - cifs: add passthrough for smb2 setinfo (bsc#1164565). - commit 046be6b - cifs: allow chmod to set mode bits using special sid (bsc#1164565). - commit fc541ed - cifs: get mode bits from special sid on stat (bsc#1164565). - commit 5c3507b - fs: cifs: cifsssmb: remove redundant assignment to variable ret (bsc#1164565). - commit 79247fd - cifs: fix a comment for the timeouts when sending echos (bsc#1164565). - commit d69504d ++++ gcc10: - Update to master head (778a77357cad11e8dd4c810544330af0fbe843b1). * Includes fix for binutils version parsing [gcc#93965] ++++ libzypp: - Fix package status computation regarding unneeded, orphaned, recommended and suggested packages (broken in 17.23.0) (bsc#1165476) - version 17.23.1 (22) ++++ permissions: - run testsuite during package build - Update to version 20181224: * testsuite: adapt expected behavior to legacy branches * adjust testsuite to post CVE-2020-8013 link handling * testsuite: add option to not mount /proc * do not follow symlinks that are the final path element: CVE-2020-8013, bsc#1163922 * add a test for symlinked directories * fix relative symlink handling * regtest: fix the static PATH list which was missing /usr/bin * regtest: also unshare the PID namespace to support /proc mounting * Makefile: force remove upon clean target to prevent bogus errors * regtest: by default automatically (re)build chkstat before testing * regtest: add test for symlink targets * regtest: make capability setting tests optional * regtest: fix capability assertion helper logic * regtests: add another test case that catches set*id or caps in world-writable sub-trees * regtest: add another test that catches when privilege bits are set for special files * regtest: add test case for user owned symlinks * regtest: employ subuid and subgid feature in user namespace * regtest: add another test case that covers unknown user/group config * regtest: add another test that checks rejection of insecure mixed-owner paths * regtest: add test that checks for rejection of world-writable paths * regtest: add test for detection of unexpected parent directory ownership * regtest: add further helper functions, allow access to main instance * regtest: introduce some basic coloring support to improve readability * regtest: sort imports, another piece of rationale * regtest: add capability test case * regtest: improve error flagging of test cases and introduce warnings * regtest: support caps * regtest: add a couple of command line parameter test cases * regtest: add another test that checks whether the default profile works * regtests: add tests for correct application of local profiles * regtest: add further test cases that test correct profile application * regtest: simplify test implementation and readability * regtest: add helpers for permissions.d per package profiles * regtest: support read-only bind mounts, also bind-mount permissions repo * tests: introduce a regression test suite for chkstat ++++ salt: - Batch Async: Handle exceptions, properly unregister and close instances after running async batching to avoid CPU starvation of the MWorkers (bsc#1162327) - RHEL/CentOS 8 uses platform-python instead of python3 - Enable build for Python 3.8 - Added: * batch_async-avoid-using-fnmatch-to-match-event-217.patch * apply-patch-from-upstream-to-support-python-3.8.patch * batch-async-catch-exceptions-and-safety-unregister-a.patch ++++ supportutils: - Addition to version 3.1.7 + exclude /proc/pagetypeinfo as it can be an expensive operation on some systems (bsc#1162357) + Readded LPM/DLPAR data for Power (bsc#1162539) ------------------------------------------------------------------ ------------------ 2020-2-29 - Feb 29 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - scsi: ibmvfc: Avoid loss of all paths during SVC node reboot (bsc#1161951 ltc#183551). - commit fd62623 ------------------------------------------------------------------ ------------------ 2020-2-28 - Feb 28 2020 ------------------- ------------------------------------------------------------------ ++++ grub2: - Add secure boot support for s390x. (jsc#SLE-9425) * grub2-s390x-11-secureboot.patch ++++ kernel-default: - pinctrl: bcm2835: Add support for all GPIOs on BCM2711 (bsc#1164722). - commit ac59893 - pinctrl: bcm2835: Refactor platform data (bsc#1164722). - pinctrl: bcm2835: Drop unused define (bsc#1164722). - commit 1089640 - Refresh: patches.suse/thermal-add-bcm2711-thermal-driver.patch - commit 15ec939 - supported.conf: sort Fix order of entries. - commit b92122c - supported.conf: mark GVE supported (jsc#SLE10540, bsc#1165245) - commit 87b5d1a - dmaengine: make mux_configure32 static (jsc#SLE-9263). - commit b01a9f4 - net: dsa: felix: use dsa_switch_alloc() (jsc#SLE-9263). - commit 1190849 ++++ libxml2: - Security fix: [bsc#1161521, CVE-2019-20388] * Memory leak in xmlSchemaPreRun in xmlschemas.c - Add libxml2-CVE-2019-20388.patch ++++ openssh: - Don't recommend xauth to avoid pulling in X. ++++ permissions: - Update to version 20181224: * whitelist WMP (bsc#1161335) * Makefile: allow to build test version programmatically * chkstat: handle symlinks in final path elements correctly * add .gitignore for chkstat binary * faxq-helper: correct "secure" permission for trusted group (bsc#1157498) * fix syntax of paranoid profile ++++ raspberrypi-firmware: - Add rpi4-gpio-names overlay so as to have a consistent way to access GPIOs (bsc#1164722) ++++ raspberrypi-firmware-config: - Add rpi4-gpio-names overlay so as to have a consistent way to access GPIOs (bsc#1164722) ++++ raspberrypi-firmware-dt: - Add rpi4-gpio-names-overlay.dts so as to have a consistent way to access GPIOs, as opposed to sysfs (bsc#1164722) ++++ wpa_supplicant: - Adjust the service to start after network.target wrt bsc#1165266 ------------------------------------------------------------------ ------------------ 2020-2-27 - Feb 27 2020 ------------------- ------------------------------------------------------------------ ++++ lvm2-device-mapper: - vgreduce --removemissing with cache devices will remove lvs (bsc#1157736) + bug-1157736-add-suggestion-message-for-mirror-LVs.patch ++++ growpart: - Update to version 0.31 (bsc#1164736) + mount-image-callback: mount with -o 'rw' or -o 'ro' (LP: #1663722) + mount-image-callback: run blockdev and udevadm settle on nbd devices. (LP: #1741096, 1741300) + mount-image-callback: Drop support for mounting lxd containers. (LP: #1715994) + growpart: fix bug that stopped GPT disks from being grown past 2TB. (LP: #1762748) + mount-image-callback: mention --help and -C/--cd-mountpoint in Usage + growpart: fix bug when resizing a middle partition with sgdisk (LP: #1706751) [Fred De Backer] + growpart: Resolve symbolic links before operating. [Kevin Locke] (LP: #1744406) + growpart: fix bug occurring if start sector and size were the same. [Lars Kellogg-Stedman] (LP: #1807171) + debian/control: drop Suggests on lxc1 + debian/tests/control: add test growpart-start-matches-size. + White space cleanup. Remove trailing space and tabs. + Move to git. ++++ kernel-default: - x86/mce/amd: Fix kobject lifetime (bsc#1152489). - x86/mce/amd: Publish the bank pointer only after setup has succeeded (bsc#1152489). - commit 218de4e - x86/cpu/amd: Enable the fixed Instructions Retired counter IRPERF (bsc#1152489). - commit a161705 - scsi: qla2xxx: Update driver version to 10.01.00.24-k (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Use QLA_FW_STOPPED macro to propagate flag (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Add fixes for mailbox command (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Fix control flags for login/logout IOCB (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Save rscn_gen for new fcport (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Use correct ISP28xx active FW region (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Print portname for logging in qla24xx_logio_entry() (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Fix qla2x00_echo_test() based on ISP type (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Correction to selection of loopback/echo test (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Use endian macros to assign static fields in fwdump header (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Fix RDP response size (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Handle cases for limiting RDP response payload length (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Add deferred queue for processing ABTS and RDP (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Cleanup ELS/PUREX iocb fields (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Show correct port speed capabilities for RDP command (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Display message for FCE enabled (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Add vendor extended FDMI commands (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Add ql2xrdpenable module parameter for RDP (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Add vendor extended RDP additions and amendments (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Add changes in preparation for vendor extended FDMI/RDP (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Add endianizer macro calls to fc host stats (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Add sysfs node for D-Port Diagnostics AEN data (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Move free of fcport out of interrupt context (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Add beacon LED config sysfs interface (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Check locking assumptions at runtime in qla2x00_abort_srb() (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - commit d0cdedd - Refresh series.conf - commit b45c83a - gpio: mpc8xxx: ls1088a/ls1028a edge detection mode bug fixs (jsc#SLE-9263). - dmaengine: fsl-edma: Add eDMA support for QorIQ LS1028A platform (jsc#SLE-9263). - dmaengine: fsl-edma: add i.mx7ulp edma2 version support (jsc#SLE-9263). - commit 2aac33b - net: stmmac: Fixed link does not need MDIO Bus (git-fixes). - commit c15f5f6 - clk: ls1028a: fix a dereference of pointer 'parent' before a null check (jsc#SLE-9263). - clk: ls1028a: Fix warning on clamp() usage (jsc#SLE-9263). - clk: ls1028a: Add clock driver for Display output interface (jsc#SLE-9263). - commit b49745f - net: stmmac: dwmac-sun8i: Allow all RGMII modes (networking-stable-20_01_11). - net: stmmac: dwmac-sunxi: Allow all RGMII modes (networking-stable-20_01_11). - net: dsa: mv88e6xxx: Preserve priority when setting CPU port (networking-stable-20_01_11). - net: freescale: fec: Fix ethtool -d runtime PM (networking-stable-20_01_11). - commit 292d79c - Update config files. turn {arm64,x86_64}/preempt to diff config against default flavor. - commit 79606c0 - net: dsa: felix: Use PHY_INTERFACE_MODE_INTERNAL instead of GMII (jsc#SLE-9263). - commit 6cfa413 - net: dsa: sja1105: Reconcile the meaning of TPID and TPID2 for E/T and P/Q/R/S (networking-stable-20_01_01). - net: stmmac: dwmac-meson8b: Fix the RGMII TX delay on Meson8b/8m2 SoCs (networking-stable-20_01_01). - net/dst: do not confirm neighbor for vxlan and geneve pmtu update (networking-stable-20_01_01). - sit: do not confirm neighbor when do pmtu update (networking-stable-20_01_01). - vti: do not confirm neighbor when do pmtu update (networking-stable-20_01_01). - tunnel: do not confirm neighbor when do pmtu update (networking-stable-20_01_01). - net/dst: add new function skb_dst_update_pmtu_no_confirm (networking-stable-20_01_01). - gtp: do not confirm neighbor when do pmtu update (networking-stable-20_01_01). - ip6_gre: do not confirm neighbor when do pmtu update (networking-stable-20_01_01). - net: add bool confirm_neigh parameter for dst_ops.update_pmtu (networking-stable-20_01_01). - net: dsa: bcm_sf2: Fix IP fragment location and behavior (networking-stable-20_01_01). - gtp: avoid zero size hashtable (networking-stable-20_01_01). - gtp: fix an use-after-free in ipv4_pdp_find() (networking-stable-20_01_01). - gtp: fix wrong condition in gtp_genl_dump_pdp() (networking-stable-20_01_01). - gtp: do not allow adding duplicate tid and ms_addr pdp context (networking-stable-20_01_01). - vhost/vsock: accept only packets with the right dst_cid (networking-stable-20_01_01). - commit f17afc0 - net: stmmac: platform: Fix MDIO init for platforms without PHY (networking-stable-19_12_28). - selftests: forwarding: Delete IPv6 address at the end (networking-stable-19_12_28). - sctp: fully initialize v4 addr in some functions (networking-stable-19_12_28). - commit 6abcdbd ++++ kernel-default-base: - Add tcp_diag, needed by openslp ++++ lvm2: - vgreduce --removemissing with cache devices will remove lvs (bsc#1157736) + bug-1157736-add-suggestion-message-for-mirror-LVs.patch ++++ parted: - make parted work with pmemXs devices (bsc#1164260) ++++ policycoreutils: - Ship working pam config for newrole (bsc#1163020) - Recommend policycoreutils-devel to have perm_map file available ++++ raspberrypi-firmware: - Remove rpi4-pcie-ib-size-fix as raspberrypi-firwamre-dt removed it (bsc#1165143) ++++ raspberrypi-firmware-config: - Remove rpi4-pcie-ib-size-fix as raspberrypi-firwamre-dt removed it (bsc#1165143) ++++ raspberrypi-firmware-dt: - Replace PCIE overlay rpi4-pcie-ib-size-fix-overlay.dts with patch pcie-dma-ranges.patch, as RPI's firmware scans/alters that value before applying overlays (bsc#1165143) ------------------------------------------------------------------ ------------------ 2020-2-26 - Feb 26 2020 ------------------- ------------------------------------------------------------------ ++++ gstreamer-plugins-base: - Enable meson build conditionally for Tumbleweed. ++++ kernel-default: - net: dsa: felix: fix link error (jsc#SLE-9263). - enetc: Fix inconsistent IS_ERR and PTR_ERR (jsc#SLE-9263). - commit 77d3fbd - enable CRYPTO_TEST on arm64, as it is on all other architectures. (bsc#1164254) - commit a8c6955 - rpm/package-descriptions: garbege collection remove old ARM and Xen flavors. - commit bda0360 - Revert "sign also s390x kernel images (bsc#1163524)" This reverts commit b38b61155f0a2c3ebca06d4bb0c2e11a19a87f1f. As further discussion revealed, this change depends on changes in pesign-obs-integration package which are not ready yet so that it breaks s390x binary builds at the moment. - commit 6326fe1 - Created new preempt kernel flavor (jsc#SLE-11309) Configs are cloned from the respective $arch/default configs. All changed configs appart from CONFIG_PREEMPT->y are a result of dependencies, namely many lock/unlock primitives are no longer inlined in the preempt kernel. TREE_RCU has been also changed to PREEMPT_RCU which is the default implementation for PREEMPT kernel. - commit f994874 - EDAC/mc: Fix use-after-free and memleaks during device removal (jsc#SLE-9482). - EDAC/sysfs: Remove csrow objects on errors (jsc#SLE-9482). - commit 9698f66 ++++ openssl-1_1: - Run FIPS DRBG selftests against the crypto/rand DRBG implementation (bsc#1164557) * add openssl-fips_selftest_upstream_drbg.patch ++++ transactional-update: - Update to version 2.20.2 - Use full names for zypper options [bsc#1164543] - Ignore /var/lib/rpm in shadowed file output - Optimize create-dirs-from-rpmdb ++++ wicked: - version 0.6.62 - dhcp4: discard lease on client-id mismatch (CVE-2020-7217,bsc#1160906) - dhcp4: free lease on response without message type (CVE-2020-7216,bsc#1160905) - dhcp6: don't add free'd IA to ia_pd_list on T1>T2 (CVE-2019-18903,bsc#1160904) - dhcp6: fix use-after-free on option parsing failure (CVE-2019-18902,bsc#1160903) - utils: don't reject NULL var array names/keys breaking wicked duid dump - routes: schema fix to avoid not applying rto_min incl. new time format (bsc#1160939) - systemd: order start wicked after network-pre.target and openvswitch.service start - packaging: use pkgconfig(libsystemd) instead of systemd-devel - misc bug fixes by Malte Kraus including undefined behaviour, memory access alignment - corrections, use-after-free, missed initialization and format errors ++++ yast2: - Updated docu for SysctlConfig class (bsc#1151649). ------------------------------------------------------------------ ------------------ 2020-2-25 - Feb 25 2020 ------------------- ------------------------------------------------------------------ ++++ glibc: - pthread-rwlock-pwn.patch: Fix rwlock stall with PREFER_WRITER_NONRECURSIVE_NP (bsc#1164505, BZ #23861) - manual-memory-protection.patch: manual: Document mprotect and introduce section on memory protection (bsc#1163184) ++++ kernel-default: - net/mlx5: DR, Handle reformat capability over sw-steering tables (jsc#SLE-8464). - net/mlx5e: Don't clear the whole vf config when switching modes (jsc#SLE-8464). - net/mlx5: DR, Fix matching on vport gvmi (jsc#SLE-8464). - net/mlx5e: Fix crash in recovery flow without devlink reporter (jsc#SLE-8464). - net/mlx5e: Reset RQ doorbell counter before moving RQ state from RST to RDY (jsc#SLE-8464 bsc#1163335). - bonding: fix lockdep warning in bond_get_stats() (bsc#1154353 bnc#1151927). - bonding: add missing netdev_update_lockdep_key() (bsc#1154353). - net: add strict checks in netdev_name_node_alt_destroy() (bsc#1154353). - net: rtnetlink: fix bugs in rtnl_alt_ifname() (bsc#1154353). - commit 1a3940e - net: mscc: fix in frame extraction (jsc#SLE-9263). - net: dsa: felix: Allow PHY to AN 10/100/1000 with 2500 serdes link (jsc#SLE-9263). - net: dsa: felix: Handle PAUSE RX regardless of AN result (jsc#SLE-9263). - net: dsa: felix: Don't error out on disabled ports with no phy-mode (jsc#SLE-9263). - net: dsa: felix: Don't restart PCS SGMII AN if not needed (jsc#SLE-9263). - net: dsa: felix: Set USXGMII link based on BMSR, not LPA (jsc#SLE-9263). - net: dsa: felix: Add PCS operations for PHYLINK (jsc#SLE-9263). - net: mscc: ocelot: export ANA, DEV and QSYS registers to include/soc/mscc (jsc#SLE-9263). - net: mscc: ocelot: make phy_mode a member of the common struct ocelot_port (jsc#SLE-9263). - enetc: Set MDIO_CFG_HOLD to the recommended value of 2 (jsc#SLE-9263). - enetc: Make MDIO accessors more generic and export to include/linux/fsl (jsc#SLE-9263). - net: dsa: Pass pcs_poll flag from driver to PHYLINK (jsc#SLE-9263). - net: phylink: add support for polling MAC PCS (jsc#SLE-9263). - net: phylink: make QSGMII a valid PHY mode for in-band AN (jsc#SLE-9263). - mii: Add helpers for parsing SGMII auto-negotiation (jsc#SLE-9263). - net: dsa: ocelot: add NET_VENDOR_MICROSEMI dependency (jsc#SLE-9263). - net: mscc: ocelot: unregister the PTP clock on deinit (jsc#SLE-9263). - net: mscc: ocelot: use skb queue instead of skbs list (jsc#SLE-9263). - net: mscc: ocelot: avoid incorrect consuming in skbs list (jsc#SLE-9263). - net: dsa: ocelot: fix "should it be static?" warnings (jsc#SLE-9263). - net: dsa: ocelot: add hardware timestamping support for Felix (jsc#SLE-9263). - net: dsa: ocelot: define PTP registers for felix_vsc9959 (jsc#SLE-9263). - net: mscc: ocelot: convert to use ocelot_port_add_txtstamp_skb() (jsc#SLE-9263). - net: mscc: ocelot: convert to use ocelot_get_txtstamp() (jsc#SLE-9263). - net: mscc: ocelot: export ocelot_hwstamp_get/set functions (jsc#SLE-9263). - net: dsa: felix: Fix CPU port assignment when not last port (jsc#SLE-9263). - net: dsa: ocelot: add driver for Felix switch family (jsc#SLE-9263). - net: dsa: ocelot: add tagger for Ocelot/Felix switches (jsc#SLE-9263). - net: mscc: ocelot: publish ocelot_sys.h to include/soc/mscc (jsc#SLE-9263). - net: mscc: ocelot: publish structure definitions to include/soc/mscc/ocelot.h (jsc#SLE-9263). - net: mscc: ocelot: separate the implementation of switch reset (jsc#SLE-9263). - net: mscc: ocelot: adjust MTU on the CPU port in NPI mode (jsc#SLE-9263). - net: mscc: ocelot: export a constant for the tag length in bytes (jsc#SLE-9263). - net: mscc: ocelot: create a helper for changing the port MTU (jsc#SLE-9263). - net: mscc: ocelot: move invariant configs out of adjust_link (jsc#SLE-9263). - net: mscc: ocelot: filter out ocelot SoC specific PCS config from common path (jsc#SLE-9263). - net: mscc: ocelot: move resource ioremap and regmap init to common code (jsc#SLE-9263). - net: mscc: ocelot: don't hardcode the number of the CPU port (jsc#SLE-9263). - net: mscc: ocelot: split assignment of the cpu port into a separate function (jsc#SLE-9263). - net: mscc: ocelot: refactor adjust_link into a netdev-independent function (jsc#SLE-9263). - net: mscc: ocelot: initialize list of multicast addresses in common code (jsc#SLE-9263). - net: mscc: ocelot: separate the common implementation of ndo_open and ndo_stop (jsc#SLE-9263). - net: mscc: ocelot: move port initialization into separate function (jsc#SLE-9263). - net: mscc: ocelot: limit vlan ingress filtering to actual number of ports (jsc#SLE-9263). - net: mscc: ocelot: refactor ethtool callbacks (jsc#SLE-9263). - net: mscc: ocelot: separate net_device related items out of ocelot_port (jsc#SLE-9263). - net: mscc: ocelot: refactor struct ocelot_port out of function prototypes (jsc#SLE-9263). - net: mscc: ocelot: change prototypes of switchdev port attribute handlers (jsc#SLE-9263). - net: mscc: ocelot: change prototypes of hwtstamping ioctls (jsc#SLE-9263). - net: mscc: ocelot: break out fdb operations into abstract implementations (jsc#SLE-9263). - net: mscc: ocelot: break apart vlan operations into ocelot_vlan_{add, del} (jsc#SLE-9263). - net: mscc: ocelot: break apart ocelot_vlan_port_apply (jsc#SLE-9263). - net: mscc: PTP Hardware Clock (PHC) support (jsc#SLE-9263). - net: mscc: remove the frame_info cpuq member (jsc#SLE-9263). - net: mscc: improve the frame header parsing readability (jsc#SLE-9263). - net: mscc: describe the PTP register range (jsc#SLE-9263). - commit 79f7160 - Refresh patches.suse/sched-fair-Take-into-account-runnable_avg-to-classify-group.patch. - Refresh patches.suse/sched-fair-reorder-enqueue-dequeue_task_fair-path.patch. - Refresh patches.suse/sched-numa-Bias-swapping-tasks-based-on-their-preferred-node.patch. - Refresh patches.suse/sched-numa-Distinguish-between-the-different-task_numa_migrate-failure-cases.patch. - Refresh patches.suse/sched-numa-Find-an-alternative-idle-CPU-if-the-CPU-is-part-of-an-active-NUMA-balance.patch. - sched/numa: Prefer using an idle CPU as a migration target instead of comparing tasks (bnc#1155798 (CPU scheduler functional and performance backports)). - Refresh patches.suse/sched-numa-Stop-an-exhastive-search-if-a-reasonable-swap-candidate-or-idle-CPU-is-found.patch. - Refresh patches.suse/sched-numa-Trace-when-no-candidate-CPU-was-found-on-the-preferred-node.patch. - Refresh patches.suse/sched-numa-Use-similar-logic-to-the-load-balancer-for-moving-between-domains-with-spare-capacity.patch. - Refresh patches.suse/sched-numa-replace-runnable_load_avg-by-load_avg.patch. - Refresh patches.suse/sched-pelt-Add-a-new-runnable-average-signal.patch. - Refresh patches.suse/sched-pelt-Remove-unused-runnable-load-average.patch. - commit de86223 - Refresh patches.suse/sched-fair-reorder-enqueue-dequeue_task_fair-path.patch. - commit a0aa0f8 - sched/numa: Distinguish between the different task_numa_migrate() failure cases (bnc#1155798 (CPU scheduler functional and performance backports)). - commit 408baa5 - Refresh patches.suse/sched-numa-Trace-when-no-candidate-CPU-was-found-on-the-preferred-node.patch. - commit 7d03e16 - sched/fair: Optimize select_idle_core() (bnc#1155798 (CPU scheduler functional and performance backports)). - commit f749d53 - sched/fair: Allow a per-CPU kthread waking a task to stack on the same CPU, to fix XFS performance regression (bsc#1154329). - sched/fair: Allow a small load imbalance between low utilisation SD_NUMA domains (bnc#1160896). - commit 2ab2039 - sign also s390x kernel images (bsc#1163524) - commit b38b611 - mm, hotplug: fix page online with DEBUG_PAGEALLOC compiled but not enabled (VM Functionality, bsc#1164436). - commit 05a4d19 - blacklist.conf: add CONFIG_PROC_FS=n entry - commit cc29a90 - nbd: add a flush_workqueue in nbd_start_device (git-fixes). - perf c2c: Fix return type for histogram sorting comparision functions (git-fixes). - x86/cpu: Update cached HLE state on write to TSX_CTRL_CPUID_CLEAR (git-fixes). - commit 6880922 - KVM: nVMX: Check IO instruction VM-exit conditions (CVE-2020-2732 bsc#1163971). - KVM: nVMX: Refactor IO bitmap checks into helper function (CVE-2020-2732 bsc#1163971). - KVM: nVMX: Don't emulate instructions in guest mode (CVE-2020-2732 bsc#1163971). - commit f91f45f - config: enable BLK_DEV_SR_VENDOR on armv7hl (bsc#1164632) This option was recently enabled in all SLE15-SP2 configs, enable it also in armv7hl which is built only in openSUSE-15.2. - commit b8ee3fe - series.conf: cleanup - update upstream references and move into sorted section: patches.suse/vt-selection-close-sel_buffer-race.patch patches.suse/vt-selection-handle-pending-signals-in-paste_selecti.patch - commit 0c9df1b - series.conf: cleanup - update upstream reference and resort: patches.suse/powerpc-tm-Fix-clearing-MSR-TS-in-current-when-recla.patch - commit 220f81e ++++ gcc10: - Add libstdc++6-pp provides and conflicts to avoid file conflicts with same minor version of libstdc++6-pp from gcc9. ++++ libgcrypt: - FIPS: Run the self-tests from the constructor [bsc#1164950] * Add libgcrypt-invoke-global_init-from-constructor.patch ++++ sysconfig: - version 0.85.4 - Add Upstream First openSUSE Build Service Policy to the spec ------------------------------------------------------------------ ------------------ 2020-2-24 - Feb 24 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - x86/boot: Handle malformed SRAT tables during early ACPI parsing (bsc#1152489). - commit ce68bc1 - iommu/vt-d: Unnecessary to handle default identity domain (bsc#1162414). - iommu/vt-d: Allow devices with RMRRs to use identity domain (bsc#1162414). - commit 048a6f9 - btrfs: rename btrfs_space_info_add_old_bytes (bsc#1141456). - btrfs: remove orig_bytes from reserve_ticket (bsc#1141456). - btrfs: fix may_commit_transaction to deal with no partial filling (bsc#1141456). - btrfs: rework wake_all_tickets (bsc#1141456). - btrfs: refactor the ticket wakeup code (bsc#1141456). - btrfs: stop partially refilling tickets when releasing space (bsc#1141456). - btrfs: add space reservation tracepoint for reserved bytes (bsc#1141456). - btrfs: roll tracepoint into btrfs_space_info_update helper (bsc#1141456). - btrfs: do not allow reservations if we have pending tickets (bsc#1141456). - commit 18cd200 - Refresh patches.suse/mmc-sdhci-fix-up-CMD12-sending.patch. - commit b36db25 - tools lib traceevent: Remove unneeded qsort and uses memmove instead (git-fixes). - commit 37953f8 - rtc: fsl-ftm-alarm: move patch to sorted section - commit 80b90f8 - kvm: Reintroduce nopvspin kernel parameter (bsc#1056427). - commit dcec1fa - thermal: qoriq: refresh patches - Refresh patches.suse/thermal-qoriq-Add-hwmon-support.patch. - Refresh patches.suse/thermal-qoriq-Add-local-struct-device-pointer.patch. - Refresh patches.suse/thermal-qoriq-Add-local-struct-qoriq_sensor-pointer.patch. - Refresh patches.suse/thermal-qoriq-Convert-driver-to-use-regmap-API.patch. - Refresh patches.suse/thermal-qoriq-Do-not-report-invalid-temperature-read.patch. - Refresh patches.suse/thermal-qoriq-Don-t-store-struct-thermal_zone_device.patch. - Refresh patches.suse/thermal-qoriq-Drop-unnecessary-drvdata-cleanup.patch. - Refresh patches.suse/thermal-qoriq-Embed-per-sensor-data-into-struct-qori.patch. - Refresh patches.suse/thermal-qoriq-Enable-all-sensors-before-registering-.patch. - Refresh patches.suse/thermal-qoriq-Pass-data-to-qoriq_tmu_calibration-dir.patch. - Refresh patches.suse/thermal-qoriq-Pass-data-to-qoriq_tmu_register_tmu_zo.patch. - Refresh patches.suse/thermal_hwmon-Add-devres-wrapper-for-thermal_add_hwm.patch. - commit bd644db - ttyprintk: fix a potential deadlock in interrupt context issue (git-fixes). - commit dc7ade5 - blacklist.conf: bug: cosmetic change; related to a larger code clean up - commit 43ce447 - dpaa_eth: support all modes with rate adapting PHYs (bsc#1159662). - commit a5b2d56 - printk: fix exclusive_console replaying (bsc#1164711). - commit 466e4dc - sr_vendor: support Beurer GL50 evo CD-on-a-chip devices (boo#1164632). - commit a186914 - Enable CONFIG_BLK_DEV_SR_VENDOR (boo#1164632). - commit 1c8f90b - patches.suse/ext4-Fix-mount-failure-with-quota-configured-as-modu.patch: Update tags. - commit 713f734 - Delete patches.suse/0001-kvm-Introduce-nopvspin-kernel-parameter.patch. Remove guarded patch as it has been rendered unnecessary by 9043442b43b1fddf202591b84702863286700c1a ("locking/paravirt: Use new static key for controlling call of virt_spin_lock()") and b2798ba0b876 ("KVM: X86: Choose qspinlock when dedicated physical CPUs are available") - commit 583da5e - xen: Enable interrupts when calling _cond_resched() (bsc#1065600). - commit 4f2ecad - KVM: arm64: Treat emulated TVAL TimerValue as a signed 32-bit integer (bsc#1133021). - KVM: arm64: pmu: Fix chained SW_INCR counters (bsc#1133021). - KVM: arm64: pmu: Don't increment SW_INCR if PMCR.E is unset (bsc#1133021). - KVM: arm: Make inject_abt32() inject an external abort instead (bsc#1133021). - KVM: arm: Fix DFSR setting for non-LPAE aarch32 guests (bsc#1133021). - KVM: arm/arm64: Fix young bit from mmu notifier (bsc#1133021). - KVM: arm/arm64: vgic-its: Fix restoration of unmapped collections (bsc#1133021). - KVM: Clean up __kvm_gfn_to_hva_cache_init() and its callers (bsc#1133021). - KVM: Check for a bad hva before dropping into the ghc slow path (bsc#1133021). - KVM: arm/arm64: Properly handle faulting of device mappings (bsc#1133021). - KVM: arm64: Ensure 'params' is initialised when looking up sys register (bsc#1133021). - KVM: arm/arm64: Get rid of unused arg in cpu_init_hyp_mode() (bsc#1133021). - KVM: fix placement of refcount initialization (bsc#1133021). - KVM: Fix NULL-ptr deref after kvm_create_vm fails (bsc#1133021). - kvm: call kvm_arch_destroy_vm if vm creation fails (bsc#1133021). - commit 51a3eef - kvm: Allocate memslots and buses before calling kvm_arch_init_vm (bsc#1133021). - Refresh patches.suse/kvm-x86-mmu-Recovery-of-shattered-NX-large-pages.patch. - commit fc34308 - btrfs: only reserve metadata_size for inodes (bsc#1141456). - btrfs: rename the btrfs_calc_*_metadata_size helpers (bsc#1141456). - commit d6be9ae - btrfs: introduce an evict flushing state (bsc#1141456). - btrfs: refactor priority_reclaim_metadata_space (bsc#1141456). - btrfs: factor out the ticket flush handling (bsc#1141456). - btrfs: unify error handling for ticket flushing (bsc#1141456). - btrfs: add a flush step for delayed iputs (bsc#1141456). - commit 21300d0 ++++ yast2: - Creating an own Augeas instance for each parsed sysctl file (bsc#1151649). - 4.2.67 ------------------------------------------------------------------ ------------------ 2020-2-23 - Feb 23 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - md/raid0: Fix buffer overflow at debug print (bsc#1164051). - commit c36de2b ------------------------------------------------------------------ ------------------ 2020-2-22 - Feb 22 2020 ------------------- ------------------------------------------------------------------ ++++ rdma-core: - Eliminate the curl-mini trickery for Tumbleweed: curl-mini is being eliminated in favor of cmake-mini: the original plan to split the cycle at curl did not work out in the long run. ------------------------------------------------------------------ ------------------ 2020-2-21 - Feb 21 2020 ------------------- ------------------------------------------------------------------ ++++ conmon: - Update to v2.0.10 (bsc#1160460, bsc#1164390, jsc#ECO-1048, jsc#SLE-11485, jsc#SLE-11331): - journal logging: write to /dev/null instead of -1 ++++ dracut: - Update to version 049.1+git124.70941b30: * 90kernel-modules: Add PCI host controller modules (boo#1162669) - Update to version 049.1+git123.c2a6645e: * dracut: add warning when including unsupported modules (bsc#1163055) * 01fips: Boot without BOOT_IMAGE being set (bsc#1161292) * 01fips: Use correct kernel image name for more platforms (bsc#1164076) ++++ kernel-default: - series.conf: cleanup Reorganize the "Storage" section a bit. No effect on expanded tree. - commit 0a80524 - crypto: allow self-test for ansi_cprng (bsc#1164254). - commit e75c9ce - series.conf: cleanup Keep the number of top level sections reasonable. - commit ff097d4 - s390 crypto: explicitly memzero stack key material in aes_s390.c (bsc#1163459). - random: move FIPS continuous test to output functions (bsc#1163458). - commit b896cb7 - kABI: restore debugfs_remove_recursive() (bsc#1159198). - commit 102712e - hwmon: (k10temp) Display up to eight sets of CCD temperatures (bsc#1163206). - hwmon: (k10temp) Don't show temperature limits on Ryzen (Zen) CPUs (bsc#1163206). - hwmon: (k10temp) Show core and SoC current and voltages on Ryzen CPUs (bsc#1163206). - hwmon: (k10temp) Report temperatures per CPU die (bsc#1163206). - hmon: (k10temp) Convert to use devm_hwmon_device_register_with_info (bsc#1163206). - hwmon: (k10temp) Use bitops (bsc#1163206). - commit 82bbfc1 - arm64: KVM: Invoke compute_layout() before alternatives are applied (bsc#1162702). - percpu-refcount: Use normal instead of RCU-sched" (bsc#1162702). - drm/i915: Don't disable interrupts independently of the lock (bsc#1162702). - x86/ioapic: Rename misnamed functions (bsc#1162702). - block: Don't disable interrupts in trigger_softirq() (bsc#1162702). - commit 227d21b - xfs: Fix deadlock between AGI and AGF with RENAME_WHITEOUT (bsc#1164482). - commit 96d108c - ext4: Fix mount failure with quota configured as module (bsc#1164471). Refresh patches.suse/ext4-unsupported-features.patch - commit 4ccdd26 - Refresh patches.suse/sd-always-retry-READ-CAPACITY-for-ALUA-state-transit.patch. - commit 6221d57 - Delete patches.suse/sd-always-scan-VPD-pages-if-thin-provisioning-is-ena.patch. - commit 7919fbe - Delete patches.suse/scsi-disable-VPD-page-check-on-error.patch. - commit e6dd2e4 - ch: review and re-enable refcounting patches - ch: remove ch_mutex() (bsc#1124235). - ch: synchronize ch_probe() and ch_open() (bsc#1124235). - Refresh patches.suse/ch-fixup-refcounting-imbalance-for-SCSI-devices.patch. - Delete patches.suse/ch-add-missing-mutex_lock-mutex_unlock-in-ch_release.patch. - commit 9a39484 - scsi: mpt3sas: Update drive version to 33.100.00.00 (jsc#SLE-10717). - scsi: mpt3sas: Remove usage of device_busy counter (jsc#SLE-10717). - scsi: mpt3sas: Print function name in which cmd timed out (jsc#SLE-10717). - scsi: mpt3sas: Optimize mpt3sas driver logging (jsc#SLE-10717). - scsi: mpt3sas: print in which path firmware fault occurred (jsc#SLE-10717). - scsi: mpt3sas: Handle CoreDump state from watchdog thread (jsc#SLE-10717). - scsi: mpt3sas: Add support IOCs new state named COREDUMP (jsc#SLE-10717). - scsi: mpt3sas: renamed _base_after_reset_handler function (jsc#SLE-10717). - scsi: mpt3sas: Add support for NVMe shutdown (jsc#SLE-10717). - scsi: mpt3sas: Update MPI Headers to v02.00.57 (jsc#SLE-10717). - scsi: mpt3sas: Fix double free in attach error handling (jsc#SLE-10717). - scsi: mpt3sas: change allocation option (jsc#SLE-10717). - scsi: mpt3sas: Clean up some indenting (jsc#SLE-10717). - commit 916674e - megaraid_sas-fixup-MSIx-interrupt-setup-during-resume.patch: replace with upstream version - commit 56ba2a9 - scsi: megaraid_sas: Update driver version to 07.713.01.00-rc1 (jsc#SLE-10720). - scsi: megaraid_sas: Use Block layer API to check SCSI device in-flight IO requests (jsc#SLE-10720). - scsi: megaraid_sas: Limit the number of retries for the IOCTLs causing firmware fault (jsc#SLE-10720). - scsi: megaraid_sas: Do not initiate OCR if controller is not in ready state (jsc#SLE-10720). - scsi: megaraid_sas: Re-Define enum DCMD_RETURN_STATUS (jsc#SLE-10720). - scsi: megaraid_sas: Do not set HBA Operational if FW is not in operational state (jsc#SLE-10720). - scsi: megaraid_sas: Do not kill HBA if JBOD Seqence map or RAID map is disabled (jsc#SLE-10720). - scsi: megaraid_sas: Do not kill host bus adapter, if adapter is already dead (jsc#SLE-10720). - scsi: megaraid_sas: Update optimal queue depth for SAS and NVMe devices (jsc#SLE-10720). - scsi: megaraid_sas: Set no_write_same only for Virtual Disk (jsc#SLE-10720). - scsi: megaraid_sas: Reset adapter if FW is not in READY state after device resume (jsc#SLE-10720). - commit 65e16b2 - Disable 'megaraid_sas-fixup-MSIx-interrupt-setup-during-resume' - commit e492554 - series.conf: cleanup Move patches.suse/suse-hv-kabi.patch into kABI padding section. - commit fc6dc14 - fix up iter on short count in fuse_direct_io() (git-fixes). - ovl: fix lseek overflow on 32bit (git-fixes). - ovl: fix wrong WARN_ON() in ovl_cache_update_ino() (git-fixes). - commit 508fa98 - Refresh patches.suse/new-helper-lookup_positive_unlocked.patch. Remove compiler warnings because of unused goto label. - commit 71e012e ++++ Mesa: - use 7G disk constraints also for x86_64 and i586 (bsc#1164488) ++++ gcc10: - Disable zstd use for SLES15 and older. ++++ openssl-1_1: - Use the newly build libcrypto shared library when computing the hmac checksums in order to avoid a bootstrapping issue by BuildRequiring libopenssl1_1 (bsc#1164102) ++++ libzypp: - Log patch status changes to history (jsc#SLE-5116) - Allow to disable all WebServer dependent tests when building. OBS wants to be able to get rid of the nginx/FastCGI-devel build requirement. Use 'rpmbuild --without mediabackend_tests' or 'cmake -DDISABLE_MEDIABACKEND_TESTS=1'. - version 17.23.0 (22) ++++ pam: - Add libdb as build-time dependency to enable pam_userdb module. Enable pam_userdb.so [jsc#sle-7258, bsc#1164562, pam.spec] ++++ raspberrypi-firmware: - Update to f4b5869 (2020-02-12) (bsc#1163476): * firmware: board_info: Fix GPIO expander reset trait * firmware: gencmd: Fix measure_clock name for CLOCK_OUTPUT_108 * firmware: platform: Compromise on gpu overclock settings - After the rpi-5.5.y update in raspberrypi-firmware-dt: * Remove rpi4-genet as it's not needed anymore * Remove gpu_mem entry for rpi4 ++++ raspberrypi-firmware-config: - Update to f4b5869 (2020-02-12) (bsc#1163476): * firmware: board_info: Fix GPIO expander reset trait * firmware: gencmd: Fix measure_clock name for CLOCK_OUTPUT_108 * firmware: platform: Compromise on gpu overclock settings - After the rpi-5.5.y update in raspberrypi-firmware-dt: * Remove rpi4-genet as it's not needed anymore * Remove gpu_mem entry for rpi4 ++++ u-boot-rpiarm64: Fix ethernet on RPi4 (bsc#1164512) Patch queue updated from git://github.com/openSUSE/u-boot.git tumbleweed-2020.01 * Patches added: 0018-net-bcmgenet-Don-t-set-ID_MODE_DIS-.patch ++++ zypper: - Do not allow the abbreviation of cli arguments (bsc#1164543) - accoring to according in all translation files. - Always show exception history if available. - Use default package cache location for temporary repos (bsc#1130873) - version 1.14.34 ------------------------------------------------------------------ ------------------ 2020-2-20 - Feb 20 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - hyper-v: Untangle stimers and timesync from clocksources (jsc#SLE-8133). - commit a1b2308 - hv: kabi placeholders (jsc#SLE-8133). - commit c3e96e8 - KVM: x86/mmu: Add explicit access mask for MMIO SPTEs (bsc#1164354). - Refresh patches.suse/kvm-mmu-ITLB_MULTIHIT-mitigation.patch. - Refresh patches.suse/kvm-svm-override-default-mmio-mask-if-memory-encryption-is-enabled. - commit 8a15fbd - xfs: push the grant head when the log head moves forward (bsc#1164095). - commit d1770d3 - xfs: push iclog state cleaning into xlog_state_clean_log (bsc#1164095). - commit d1535a4 - xfs: factor iclog state processing out of xlog_state_do_callback() (bsc#1164095). - commit 3094c67 - xfs: factor callbacks out of xlog_state_do_callback() (bsc#1164095). - commit 901e51d - xfs: factor debug code out of xlog_state_do_callback() (bsc#1164095). - commit 860c5ae - KVM: x86/mmu: Revert "KVM: x86/mmu: Remove is_obsolete() call" (bsc#1164357). - Refresh patches.suse/kvm-x86-mmu-Recovery-of-shattered-NX-large-pages.patch. - commit c9e37dc - KVM: x86/mmu: Revert "Revert "KVM: MMU: reclaim the zapped-obsolete page first"" (bsc#1164361). - Refresh patches.suse/kvm-x86-mmu-Recovery-of-shattered-NX-large-pages.patch. - commit 3193cde - KVM: x86: Unconditionally call x86 ops that are always implemented (bsc#1164382). - Refresh patches.suse/kvm-x86-mmu-Recovery-of-shattered-NX-large-pages.patch. - commit 3095ae2 - ARM: dts: stm32: add missing vdda-supply to adc on stm32429i-eval (bsc#1164461). - commit da5a397 - blacklist.conf: add duplicated commit ID - commit a626162 - xfs: prevent CIL push holdoff in log recovery (bsc#1164095). - commit d2cfffa - blacklist.conf: ignore fix for not supported arch - commit ca8ddc1 - iommu/qcom: Fix bogus detach logic (bsc#1164445). - iommu/vt-d: Simplify check in identity_mapping() (bsc#1159594). - iommu/vt-d: Remove deferred_attach_domain() (bsc#1159594). - iommu/vt-d: Do deferred attachment in iommu_need_mapping() (bsc#1159594). - iommu/vt-d: Move deferred device attachment into helper function (bsc#1159594). - iommu/vt-d: Add attach_deferred() helper (bsc#1159594). - iommu/vt-d: Fix compile warning from intel-svm.h (bsc#1164446). - KVM: x86/mmu: Fix struct guest_walker arrays for 5-level paging (bsc#1164356). - KVM: nVMX: Use correct root level for nested EPT shadow page tables (bsc#1164330). - KVM: x86: Mask off reserved bit from #DB exception payload (bsc#1164353). - KVM: Use vcpu-specific gva->hva translation when querying host page size (bsc#1164337). - KVM: x86: Revert "KVM: X86: Fix fpu state crash in kvm guest" (bsc#1164381). - KVM: x86: Ensure guest's FPU state is loaded when accessing for emulation (bsc#1164344). - KVM: x86: Handle TIF_NEED_FPU_LOAD in kvm_{load,put}_guest_fpu() (bsc#1164349). - KVM: x86: Protect pmu_intel.c from Spectre-v1/L1TF attacks (bsc#1164374). - KVM: x86: Protect DR-based index computations from Spectre-v1/L1TF attacks (bsc#1164365). - KVM: x86: Protect exit_reason from being used in Spectre-v1/L1TF attacks (bsc#1164366). - KVM: x86: Protect MSR-based index computations from Spectre-v1/L1TF attacks in x86.c (bsc#1164371). - KVM: x86: Protect MSR-based index computations in pmu.h from Spectre-v1/L1TF attacks (bsc#1164373). - KVM: x86: Protect MSR-based index computations in fixed_msr_to_seg_unit() from Spectre-v1/L1TF attacks (bsc#1164372). - KVM: x86: Protect kvm_lapic_reg_write() from Spectre-v1/L1TF attacks (bsc#1164370). - KVM: x86: Protect ioapic_write_indirect() from Spectre-v1/L1TF attacks (bsc#1164368). - KVM: x86: Protect ioapic_read_indirect() from Spectre-v1/L1TF attacks (bsc#1164367). - KVM: x86: Refactor picdev_write() to prevent Spectre-v1/L1TF attacks (bsc#1164376). - KVM: x86: Protect kvm_hv_msr_[get|set]_crash_data() from Spectre-v1/L1TF attacks (bsc#1164369). - KVM: x86: Protect x86_decode_insn from Spectre-v1/L1TF attacks (bsc#1164375). - kvm/svm: PKU not currently supported (bsc#1164335). - KVM: x86: Remove spurious clearing of async #PF MSR (bsc#1164378). - KVM: x86: Remove spurious kvm_mmu_unload() from vcpu destruction path (bsc#1164379). - KVM: x86: Free wbinvd_dirty_mask if vCPU creation fails (bsc#1164348). - KVM: x86/mmu: Apply max PA check for MMIO sptes to 32-bit KVM (bsc#1164355). - KVM: x86: Fix potential put_fpu() w/o load_fpu() on MPX platform (bsc#1164346). - kvm: nVMX: VMWRITE checks unsupported field before read-only field (bsc#1164331). - kvm: nVMX: VMWRITE checks VMCS-link pointer before VMCS field (bsc#1164332). - kvm: nVMX: Relax guest IA32_FEATURE_CONTROL constraints (bsc#1164329). - KVM: retpolines: x86: eliminate retpoline from vmx.c exit handlers (bsc#1164333). - KVM: VMX: Fix conditions for guest IA32_XSS support (bsc#1164340). - KVM: x86: Introduce vcpu->arch.xsaves_enabled (bsc#1164351). - KVM: SVM: Guard against DEACTIVATE when performing WBINVD/DF_FLUSH (bsc#1164334). - KVM: SVM: Serialize access to the SEV ASID bitmap (bsc#1164336). - KVM: VMX: Do not change PID.NDST when loading a blocked vCPU (bsc#1164339). - KVM: VMX: Consider PID.PIR to determine if vCPU has pending interrupts (bsc#1164338). - KVM: nVMX: Don't leak L1 MMIO regions to L2 (bsc#1164328). - kvm: vmx: Limit guest PMCs to those supported on the host (bsc#1164342). - kvm: x86: Use AMD CPUID semantics for AMD vCPUs (bsc#1164383). - kvm: x86: Improve emulation of CPUID leaves 0BH and 1FH (bsc#1164350). - kvm: x86: Fix a spurious -E2BIG in __do_cpuid_func (bsc#1164345). - KVM: x86/mmu: Revert "Revert "KVM: MMU: collapse TLB flushes when zap all pages"" (bsc#1164360). - KVM: x86/mmu: Revert "Revert "KVM: MMU: zap pages in batch"" (bsc#1164363). - KVM: x86/mmu: Revert "Revert "KVM: MMU: add tracepoint for kvm_mmu_invalidate_all_pages"" (bsc#1164359). - KVM: x86/mmu: Revert "Revert "KVM: MMU: show mmu_valid_gen in shadow page related tracepoints"" (bsc#1164362). - KVM: x86/mmu: Treat invalid shadow pages as obsolete (bsc#1164364). - KVM: x86: Manually flush collapsible SPTEs only when toggling flags (bsc#1164352). - KVM: x86: Return to userspace with internal error on unexpected exit reason (bsc#1164380). - KVM: x86: Add kvm_emulate_{rd,wr}msr() to consolidate VXM/SVM code (bsc#1164343). - KVM: x86: Refactor up kvm_{g,s}et_msr() to simplify callers (bsc#1164377). - KVM: x86: Fix x86_decode_insn() return when fetching insn bytes fails (bsc#1164347). - commit d065de5 - xfs: push the AIL in xlog_grant_head_wake (bsc#1164095). - commit 1bce18c - enable patches.suse/lan78xx-Enable-LEDs-and-auto-negotiation.patch This is one of inherited SLE15-SP1 non-upstream patches. It doesn't really match the bug it references and there has not been any apparent attempt to get it into mainline since it was added to SLE15. To avoid regressions, keep it in SLE15-SP2 for now but drop with SLE16 unless it gets upstreamed or there is at least some serious attempt to upstream it. Rename patches.suse/bsc1084332-0003-lan78xx-Enable-LEDs-and-auto-negotiation.patch to patches.suse/lan78xx-Enable-LEDs-and-auto-negotiation.patch, refresh it, enable and move into NIC driver section. - commit 627e945 - hv_balloon: Balloon up according to request page number (git-fixes). - scsi: storvsc: Correctly set number of hardware queues for IDE disk (git-fixes). - hv_netvsc: Fix unwanted rx_table reset (git-fixes). - hv_netvsc: Fix tx_table init in rndis_set_subchannel() (git-fixes). - Drivers: hv: balloon: Remove dependencies on guest page size (git-fixes). - hv_netvsc: flag software created hash value (git-fixes). - hv_netvsc: Fix send_table offset in case of a host bug (git-fixes). - hv_netvsc: Fix offset usage in netvsc_send_table() (git-fixes). - commit 9bdb4de ++++ wayland: - Replace public key in keyring with 34FF9526CFEF0E97A340E2E40FDE7BE0E88F5E48 (Simon Ser ). ++++ podman: - The name of the cni-bridge in the default config changed from "cni0" to "podman-cni0" with podman-1.6.0. Add a %trigger to rename the bridge in the system to the new default if it exists. The trigger is only excuted when updating podman-cni-config from something older than 1.6.0. This is mainly needed for SLE where we're updating from 1.4.4 to 1.8.0 (bsc#1160460). ++++ qemu: - Add Obsoletes directive for qemu-audio-sdl and qemu-ui-sdl since for a qemu package upgrade from SLE12-SP5, support for SDL is dropped ++++ rpm: - Remove ocaml-find-provides.sh, ocaml-find-requires.sh, fileattrs/ocaml.attr ocaml(NAME) = HASH is now handled in ocaml-rpm-macros (bsc#1154874) ------------------------------------------------------------------ ------------------ 2020-2-19 - Feb 19 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - powerpc/tm: Fix clearing MSR[TS] in current when reclaiming on signal delivery (bsc#1118338 ltc#173734). - commit 2e0d5f0 - ASoC: sun8i-codec: Fix setting DAI data format (git-fixes). - ASoC: fsl_sai: Fix exiting path on probing failure (git-fixes). - ALSA: hda: Use scnprintf() for printing texts for sysfs/procfs (git-fixes). - ALSA: hda/realtek - Apply quirk for yet another MSI laptop (git-fixes). - ALSA: hda/realtek - Apply quirk for MSI GP63, too (git-fixes). - ALSA: rawmidi: Avoid bit fields for state flags (git-fixes). - ALSA: seq: Fix concurrent access to queue current tick/time (git-fixes). - ALSA: seq: Avoid concurrent access to queue flags (git-fixes). - commit a23ff90 - ata: ahci: Add shutdown to freeze hardware resources of ahci (bsc#1164388). - commit ce5f6e5 - iommu/arm-smmu-v3: Populate VMID field for CMDQ_OP_TLBI_NH_VA (bsc#1164308). - commit d6eceea - blacklist.conf: Add b06c076ea962 Revert "iommu/arm-smmu: Make arm-smmu explicitly non-modular" - commit 08f1fd5 - blacklist.conf: Add 6e8fa7404c13 Revert "iommu/arm-smmu: Make arm-smmu-v3 explicitly non-modular" - commit 4c1b45c - perf/x86/intel: Fix inaccurate period in context switch for auto-reload (bsc#1164307). - iommu/vt-d: Avoid sending invalid page response (bsc#1164304). - iommu/vt-d: Fix off-by-one in PASID allocation (bsc#1164305). - iommu/vt-d: Match CPU and IOMMU paging mode (bsc#1164306). - iommu/amd: Only support x2APIC with IVHD type 11h/40h (bsc#1164303). - iommu/amd: Check feature support bit before accessing MSI capability registers (bsc#1164302). - commit ead9f32 - tracing: Fix now invalid var_ref_vals assumption in trace action (git-fixes). - commit 9385a9b - block: fix get_max_segment_size() overflow on 32bit arch (bsc#1164285). - commit 88517df - ext4: fix support for inode sizes > 1024 bytes (bsc#1164284). - commit 05b8b1c - memcg: fix a crash in wb_workfn when a device disappears (bsc#1164276). - commit b25cbaa - arm64: dts: agilex/stratix10: fix pmu interrupt numbers (bsc#1164272). - commit 0c677d5 - arm64: KVM: Device mappings should be execute-never (bsc#1164268). - Refresh patches.suse/arm64-Ensure-VM_WRITE-VM_SHARED-ptes-are-clean-by-de.patch. - commit b79bc51 - fix upstream references - fix Patch-mainline: patches.suse/fix-autofs-regression-caused-by-follow_managed-changes.patch patches.suse/fix-dget_parent-fastpath-race.patch patches.suse/fsnamei.c-fix-missing-barriers-when-checking-positivity.patch patches.suse/fsnamei.c-pull-positivity-check-into-follow_managed.patch patches.suse/new-helper-lookup_positive_unlocked.patch - commit d37656d - series.conf: cleanup - update upstream reference and resort: patches.suse/dma-contiguous-cma-give-precedence-to-cmdline.patch - commit 1b96e18 - Replace Replace patches.suse/kvm-aarch64-avoid-guest-access-host-pmu-register.patch with patches.suse/KVM-arm64-Write-arch.mdcr_el2-changes-since-last-vcp.patch upstream id is 4942dec6638b0 (bsc#1161692). - commit 6264601 ++++ systemd: - move html documentation to sparate package to save space - move networkd and resolved binaries into correct subpackage ++++ policycoreutils: - Package perm_map as it's used by audit2* tools ++++ qemu: - Fix xenfv migration from xen host with pre-v4.0 qemu. We had previously dropped a similar patch, but have decided that for now we need to go with this type of solution (bsc#1159755) hw-i386-disable-smbus-migration-for-xenf.patch ++++ raspberrypi-firmware-dt: - Update to 6a3905568d (2020-02-03) (jsc#SLE-7296) * based on rpi-5.5.y - Remove obsolete overlays and patches because of bump to rpi-5.5.y: * rpi4-genet-overlay.dtso * upstream-rpi4-genet-phy.patch - Add remove-vmmc-emmc2.patch fixing issues with SD cards boot ++++ selinux-policy: - Update to version 20200219 Refreshed fix_hadoop.patch Updated * fix_dbus.patch * fix_hadoop.patch * fix_nscd.patch * fix_xserver.patch Renamed postfix_paths.patch to fix_postfix.patch Added * fix_init.patch * fix_locallogin.patch * fix_policykit.patch * fix_iptables.patch * fix_irqbalance.patch * fix_ntp.patch * fix_fwupd.patch * fix_firewalld.patch * fix_logrotate.patch * fix_selinuxutil.patch * fix_corecommand.patch * fix_snapper.patch * fix_systemd.patch * fix_unconfined.patch * fix_unconfineduser.patch * fix_chronyd.patch * fix_networkmanager.patch * xdm_entrypoint_pam.patch - Removed modules minimum_temp_fixes and targeted_temp_fixes from the corresponding policies - Reduced default module list of minimum policy by removing apache inetd nis postfix mta modules - Adding/removing necessary pam config automatically - Minimum and targeted policy: Enable domain_can_mmap_files by default - Targeted policy: Disable selinuxuser_execmem, selinuxuser_execmod and selinuxuser_execstack to have safe defaults ------------------------------------------------------------------ ------------------ 2020-2-18 - Feb 18 2020 ------------------- ------------------------------------------------------------------ ++++ glib2: - Update to version 2.62.5: + Fix potential relative read when calling g_printerr(), which could lead to a denial of service from a setuid-root process being used to block access to the TTY for another user. + Fix SOCKS proxy resolver sometimes not being used when resolving addresses via Happy Eyeballs (CVE-2020-6750). + Several other Happy Eyeballs fixes for address resolution. + Fix parsing of full Julian day range from `$TZ` environment variable. + Several race condition/crash fixes. + Bugs fixed: glgo#GNOME/GLib#1919, glgo#GNOME/GLib#1995, glgo#GNOME/GLib#1999, glgo#GNOME/GLib!1323, glgo#GNOME/GLib!1331, glgo#GNOME/GLib!1352, glgo#GNOME/GLib!1361, glgo#GNOME/GLib!1365, glgo#GNOME/GLib!1370, glgo#GNOME/GLib!1371. + Updated translations. ++++ grub2: - Fix grub hangs after loading rogue image without valid signature for uefi secure boot (bsc#1159102) * grub2-verifiers-fix-system-freeze-if-verify-failed.patch ++++ kernel-default: - netdevsim: fix ptr_ret.cocci warnings (bsc#1154353). - commit acfaee7 - fix autofs regression caused by follow_managed() changes (git-fixes, bsc#1159271). - commit a954cfa - fs/namei.c: fix missing barriers when checking positivity (bsc#1159271). - fix dget_parent() fastpath race (bsc#1159271). - new helper: lookup_positive_unlocked() (bsc#1159271). - fs/namei.c: pull positivity check into follow_managed() (bsc#1159271). - commit 15f64cd - sched/fair: fix statistics for find_idlest_group() (bnc#1155798 (CPU scheduler functional and performance backports)). - commit 2db86c8 - sched/fair: Fix kernel-doc warning in attach_entity_load_avg() (git fixes (sched)). - commit 366accc - powerpc/kexec: Move kexec files into a dedicated subdir (bsc#1140025 ltc#176086). Refresh patches.suse/powerpc-Avoid-clang-warnings-around-setjmp-and-longj.patch. - powerpc/32: Split kexec low level code out of misc_32.S (bsc#1140025 ltc#176086). - commit ea45911 - arm64: dts: fast models: Fix FVP PCI interrupt-map property (bsc#1164201). - arm64: ssbs: Fix context-switch when SSBS is present on all CPUs (bsc#1164221). - arm64: dts: marvell: clearfog-gt-8k: fix switch cpu port node (bsc#1164211). - arm64: acpi: fix DAIF manipulation with pNMI (bsc#1164197). - arm64: nofpsmid: Handle TIF_FOREIGN_FPSTATE flag cleanly (bsc#1164219). - arm64: ptrace: nofpsimd: Fail FP/SIMD regset operations (bsc#1164220). - arm64: cpufeature: Set the FP/SIMD compat HWCAP bits properly (bsc#1164199). - arm64: cpufeature: Fix the type of no FP/SIMD capability (bsc#1164198). - arm64: kbuild: remove compressed images on 'make ARCH=arm64 (dist)clean' (bsc#1164218). - arm64: dts: allwinner: a64: olinuxino: Fix SDIO supply regulator (bsc#1164200). - arm64: dts: imx8mq-librem5-devkit: use correct interrupt for the magnetometer (bsc#1164205). - arm64: dts: imx8mm: Change SDMA1 ahb clock for imx8mm (bsc#1164202). - arm64: dts: ls1028a: fix endian setting for dcfg (bsc#1164208). - arm64: Implement copy_thread_tls (bsc#1164195). - update arm64 config files (add HAVE_COPY_THREAD_TLS=y) - arm64: Move __ARCH_WANT_SYS_CLONE3 definition to uapi headers (bsc#1164196). - arm64: dts: ls1028a: fix reboot node (bsc#1164209). - Revert "arm64: dts: juno: add dma-ranges property" (bsc#1164194). - arm64: dts: juno: Fix UART frequency (bsc#1164206). - arm64: dts: meson-gxm-khadas-vim2: fix uart_A bluetooth node (bsc#1164216). - arm64: dts: meson-gxl-s905x-khadas-vim: fix uart_A bluetooth node (bsc#1164215). - arm64: dts: meson-gxl-s905x-khadas-vim: fix gpio-keys-polled node (bsc#1164214). - arm64: dts: meson: odroid-c2: Disable usb_otg bus to avoid power failed warning (bsc#1164217). - arm64: dts: meson: axg: fix audio fifo reg size (bsc#1164212). - arm64: dts: marvell: Fix CP110 NAND controller node multi-line comment alignment (bsc#1164210). - arm64: dts: imx8mm: Correct OPP table according to latest datasheet (bsc#1164203). - commit 8ffc54a - powerpc: avoid adjusting memory_limit for capture kernel memory reservation (bsc#1140025). - powerpc: reserve memory for capture kernel after hugepages init (bsc#1140025). - commit 3e6df66 - nvme: fix the parameter order for nvme_get_log in nvme_get_fw_slot_info (bsc#1163774). - commit f4930bf - ARM: npcm: Bring back GPIOLIB support (bsc#1164185). - commit 3c9a346 - blacklist.conf: blacklist commits with wrong fixes ID - commit b51d31a - ARM: dts: am43xx: add support for clkout1 clock (bsc#1164150). - ARM: dts: meson8b: use the actual frequency for the GPU's 364MHz OPP (bsc#1164174). - ARM: dts: meson8: use the actual frequency for the GPU's 182.1MHz OPP (bsc#1164172). - ARM: dts: meson8b: fix the clock controller compatible string (bsc#1164173). - ARM: dts: at91: sama5d3: define clock rate range for tcb1 (bsc#1164156). - ARM: dts: at91: sama5d3: fix maximum peripheral clock rates (bsc#1164157). - ARM: dts: at91: Reenable UART TX pull-ups (bsc#1164155). - ARM: dts: stm32: Add power-supply for DSI panel on stm32f469-disco (bsc#1164177). - ARM: dts: imx7: Fix Toradex Colibri iMX7S 256MB NAND flash support (bsc#1164167). - ARM: dts: imx6sll-evk: Remove incorrect power supply assignment (bsc#1164164). - ARM: dts: imx6sl-evk: Remove incorrect power supply assignment (bsc#1164163). - ARM: dts: imx6sx-sdb: Remove incorrect power supply assignment (bsc#1164165). - ARM: dts: imx6qdl-sabresd: Remove incorrect power supply assignment (bsc#1164162). - ARM: dts: imx6q-icore-mipi: Use 1.5 version of i.Core MX6DL (bsc#1164161). - ARM: dts: imx6q-dhcom: Fix SGTL5000 VDDIO regulator connection (bsc#1164159). - ARM: dts: imx7ulp: fix reg of cpu node (bsc#1164168). - ARM: dts: imx6q-dhcom: fix rtc compatible (bsc#1164160). - ARM: dts: meson8: fix the size of the PMU registers (bsc#1164171). - ARM: dts: am571x-idk: Fix gpios property to have the correct gpio number (bsc#1164151). - ARM: OMAP2+: Fix ti_sysc_find_one_clockdomain to check for to_clk_hw_omap (bsc#1164146). - ARM: dts: imx6ul: imx6ul-14x14-evk.dtsi: Fix SPI NOR probing (bsc#1164166). - ARM: dts: bcm283x: Fix critical trip point (bsc#1164158). - ARM: dts: Cygnus: Fix MDIO node address/size cells (bsc#1164148). - ARM: dts: BCM5301X: Fix MDIO node address/size cells (bsc#1164147). - ARM: dts: Fix sgx sysconfig register for omap4 (bsc#1164149). - ARM: dts: logicpd-torpedo-37xx-devkit-28: Reference new DRM panel (bsc#1164170). - ARM: dts: s3c64xx: Fix init order of clock providers (bsc#1164176). - ARM: dts: stm32: relax qspi pins slew-rate for stm32mp157 (bsc#1164182). - ARM: dts: sunxi: Revert phy-names removal for ECHI and OHCI (bsc#1164184). - ARM: omap2plus_defconfig: Enable DRM_TI_TFP410 (bsc#1164186). - ARM: dts: logicpd-som-lv: Fix i2c2 and i2c3 Pin mux (bsc#1164169). - ARM: dts: aspeed-g5: Fixe gpio-ranges upper limit (bsc#1164152). - ARM: dts: aspeed: swift: Change power supplies to version 2 (bsc#1164153). - ARM: dts: aspeed: swift: Fix FSI GPIOs (bsc#1164154). - ARM: dts: r8a7779: Use SYSC "always-on" PM Domain for HSCIF (bsc#1164175). - ARM: dts: stm32: add pwm cells to stm32f746 (bsc#1164180). - ARM: dts: stm32: add pwm cells to stm32f429 (bsc#1164179). - ARM: dts: stm32: add pwm cells to stm32mp157c (bsc#1164181). - ARM: dts: stm32: add missing vdda-supply to adc on stm32h743i-eval (bsc#1164178). - ARM: dts: stm32: remove fixed regulator unit address on stm32429i-eval (bsc#1164183). - commit 303d59d - asm-generic/tlb: avoid potential double flush (bsc#1163776 ltc#183929). - commit 3b90a7e - lib/vdso: Make __arch_update_vdso_data() logic understandable (bsc#1164141). - commit 0a18ce1 - ceph: noacl mount option is effectively ignored (jsc#SES-1134). - ceph: canonicalize server path in place (jsc#SES-1134). - ceph: do not execute direct write in parallel if O_APPEND is specified (jsc#SES-1134). - rbd: set the 'device' link in sysfs (jsc#SES-1134). - ceph: move net/ceph/ceph_fs.c to fs/ceph/util.c (jsc#SES-1134). - ceph: print name of xattr in __ceph_{get,set}xattr() douts (jsc#SES-1134). - ceph: print r_direct_hash in hex in __choose_mds() dout (jsc#SES-1134). - ceph: use copy-from2 op in copy_file_range (jsc#SES-1134). - ceph: close holes in structs ceph_mds_session and ceph_mds_request (jsc#SES-1134). - ceph: allocate the correct amount of extra bytes for the session features (jsc#SES-1134). - ceph: rename get_session and switch to use ceph_get_mds_session (jsc#SES-1134). - ceph: remove the extra slashes in the server path (jsc#SES-1134). - ceph: add possible_max_rank and make the code more readable (jsc#SES-1134). - ceph: print dentry offset in hex and fix xattr_version type (jsc#SES-1134). - ceph: only touch the caps which have the subset mask requested (jsc#SES-1134). - ceph: don't clear I_NEW until inode metadata is fully populated (jsc#SES-1134). - ceph: retry the same mds later after the new session is opened (jsc#SES-1134). - ceph: check availability of mds cluster on mount after wait timeout (jsc#SES-1134). - ceph: keep the session state until it is released (jsc#SES-1134). - ceph: add __send_request helper (jsc#SES-1134). - ceph: ensure we have a new cap before continuing in fill_inode (jsc#SES-1134). - ceph: drop unused ttl_from parameter from fill_inode (jsc#SES-1134). - ceph: fix possible long time wait during umount (jsc#SES-1134). - ceph: only choose one MDS who is in up:active state without laggy (jsc#SES-1134). - ceph: fix mdsmap cluster available check based on laggy number (jsc#SES-1134). - ceph: remove unnecessary assignment in ceph_pre_init_acls() (jsc#SES-1134). - ceph: delete redundant douts in con_get/put() (jsc#SES-1134). - commit 7a69ca8 - IB/mlx5: Use div64_u64 for num_var_hw_entries calculation (jsc#SLE-8446). - RDMA/core: Fix protection fault in get_pkey_idx_qp_list (jsc#SLE-8449). - RDMA/rxe: Fix soft lockup problem due to using tasklets in softirq (jsc#SLE-8449). - RDMA/mlx5: Prevent overflow in mmap offset calculations (jsc#SLE-8446). - IB/umad: Fix kernel crash while unloading ib_umad (jsc#SLE-8449). - RDMA/mlx5: Fix async events cleanup flows (jsc#SLE-8446). - RDMA/core: Add missing list deletion on freeing event queue (jsc#SLE-8449). - RDMA/siw: Remove unwanted WARN_ON in siw_cm_llp_data_ready() (jsc#SLE-8381). - RDMA/iw_cxgb4: initiate CLOSE when entering TERM (jsc#SLE-8392). - IB/mlx5: Return failure when rts2rts_qp_counters_set_id is not supported (jsc#SLE-8446). - RDMA/core: Fix invalid memory access in spec_filter_size (jsc#SLE-8449). - IB/rdmavt: Reset all QPs when the device is shut down (jsc#SLE-8449). - IB/hfi1: Close window for pq and request coliding (jsc#SLE-8449). - IB/hfi1: Acquire lock to release TID entries when user file is closed (jsc#SLE-8449). - RDMA/hfi1: Fix memory leak in _dev_comp_vect_mappings_create (jsc#SLE-8449). - net: hns3: fix a copying IPv6 address error in hclge_fd_get_flow_tuples() (bsc#1154353). - net: hns3: fix VF bandwidth does not take effect in some case (bsc#1154353). - net: hns3: add management table after IMP reset (bsc#1154353). - page_pool: refill page when alloc.count of pool is zero (bsc#1154353). - ice: Trivial fixes (jsc#SLE-7926). - ice: Use correct netif error function (jsc#SLE-7926). - ice: Cleanup ice_vsi_alloc_q_vectors (jsc#SLE-7926). - ice: Make print statements more compact (jsc#SLE-7926). - ice: Use ice_pf_to_dev (jsc#SLE-7926). - ice: Remove possible null dereference (jsc#SLE-7926). - ice: update Unit Load Status bitmask to check after reset (jsc#SLE-7926). - ice: fix and consolidate logging of NVM/firmware version information (jsc#SLE-7926). - ice: Modify link message logging (jsc#SLE-7926). - ice: Remove CONFIG_PCI_IOV wrap in ice_set_pf_caps (jsc#SLE-7926). - ice: Remove ice_dev_onetime_setup() (jsc#SLE-7926). - ice: Don't allow same value for Rx tail to be written twice (jsc#SLE-7926). - ice: display supported and advertised link modes (jsc#SLE-7926). - ice: Fix switch between FW and SW LLDP (jsc#SLE-7926). - ice: Fix DCB rebuild after reset (jsc#SLE-7926). - net: ena: ena-com.c: prevent NULL pointer dereference (bsc#1154492). - net: ena: ethtool: use correct value for crc32 hash (bsc#1154492). - net: ena: make ena rxfh support ETH_RSS_HASH_NO_CHANGE (bsc#1154492). - net: ena: fix corruption of dev_idx_to_host_tbl (bsc#1154492). - net: ena: fix incorrectly saving queue numbers when setting RSS indirection table (bsc#1154492). - net: ena: rss: store hash function as values and not bits (bsc#1154492). - net: ena: rss: fix failure to get indirection table (bsc#1154492). - net: ena: rss: do not allocate key when not supported (bsc#1154492). - net: ena: fix incorrect default RSS key (bsc#1154492). - net: ena: add missing ethtool TX timestamping indication (bsc#1154492). - net: ena: fix uses of round_jiffies() (bsc#1154492). - net: ena: fix potential crash when rxfh key is NULL (bsc#1154492). - i40e: Fix the conditional for i40e_vc_validate_vqs_bitmaps (bsc#1163036). - bpf: Improve bucket_log calculation logic (bsc#1154353). - i40e: Relax i40e_xsk_wakeup's return value when PF is busy (jsc#SLE-8025). - mlxsw: spectrum_dpipe: Add missing error path (bsc#1154488). - mlxsw: core: Add validation of hardware device types for MGPIR register (bsc#1154488). - ipv6/addrconf: fix potential NULL deref in inet6_set_link_af() (bsc#1154353). - taprio: Fix dropping packets when using taprio + ETF offloading (bsc#1154353). - taprio: Use taprio_reset_tc() to reset Traffic Classes configuration (bsc#1154353). - taprio: Add missing policy validation for flags (bsc#1154353). - taprio: Fix still allowing changing the flags during runtime (bsc#1154353). - taprio: Fix enabling offload with wrong number of traffic classes (bsc#1154353). - net/mlx5: Deprecate usage of generic TLS HW capability bit (jsc#SLE-8464). - net/mlx5e: TX, Error completion is for last WQE in batch (jsc#SLE-8464). - net/mlx5: IPsec, fix memory leak at mlx5_fpga_ipsec_delete_sa_ctx (jsc#SLE-8464). - net/mlx5: IPsec, Fix esp modify function attribute (jsc#SLE-8464). - net/mlx5: Fix deadlock in fs_core (jsc#SLE-8464). - skbuff: fix a data race in skb_queue_len() (bsc#1154353). - cxgb4: Added tls stats prints (jsc#SLE-8389). - net_sched: fix an OOB access in cls_tcindex (bsc#1154353). - netdevsim: remove unused sdev code (bsc#1154353). - netdevsim: use __GFP_NOWARN to avoid memalloc warning (bsc#1154353). - netdevsim: use IS_ERR instead of IS_ERR_OR_NULL for debugfs (bsc#1154353). - netdevsim: fix stack-out-of-bounds in nsim_dev_debugfs_init() (bsc#1154353). - netdevsim: fix panic in nsim_dev_take_snapshot_write() (bsc#1154353). - netdevsim: disable devlink reload when resources are being used (bsc#1154353). - netdevsim: fix using uninitialized resources (bsc#1154353). - bnxt_en: Fix TC queue mapping (jsc#SLE-8371 bsc#1153274). - bnxt_en: Fix logic that disables Bus Master during firmware reset (jsc#SLE-8371 bsc#1153274). - bnxt_en: Fix RDMA driver failure with SRIOV after firmware reset (jsc#SLE-8371 bsc#1153274). - bnxt_en: Refactor logic to re-enable SRIOV after firmware reset detected (jsc#SLE-8371 bsc#1153274). - cls_rsvp: fix rsvp_policy (bsc#1154353). - RDMA/core: Make the entire API tree static (jsc#SLE-8449). - RDMA/efa: Mask access flags with the correct optional range (jsc#SLE-5640). - RDMA/cma: Fix unbalanced cm_id reference count during address resolve (jsc#SLE-8449). - RDMA/umem: Fix ib_umem_find_best_pgsz() (jsc#SLE-8449). - IB/mlx4: Fix leak in id_map_find_del (jsc#SLE-8461). - IB/opa_vnic: Spelling correction of 'erorr' to 'error' (jsc#SLE-8449). - IB/hfi1: Fix logical condition in msix_request_irq (jsc#SLE-8449). - RDMA/cm: Use IBA functions for complex structure members (jsc#SLE-8449). - RDMA/cm: Use IBA functions for simple structure members (jsc#SLE-8449). - RDMA/cm: Use IBA functions for swapping get/set acessors (jsc#SLE-8449). - RDMA/cm: Use IBA functions for simple get/set acessors (jsc#SLE-8449). - RDMA/cm: Add SET/GET implementations to hide IBA wire format (jsc#SLE-8449). - RDMA/cm: Add accessors for CM_REQ transport_type (jsc#SLE-8449). - IB/mlx5: Return the administrative GUID if exists (jsc#SLE-8446). - RDMA/core: Ensure that rdma_user_mmap_entry_remove() is a fence (jsc#SLE-8449). - IB/mlx4: Fix memory leak in add_gid error flow (jsc#SLE-8461). - IB/mlx5: Expose RoCE accelerator counters (jsc#SLE-8446). - RDMA/mlx5: Set relaxed ordering when requested (jsc#SLE-8446). - RDMA/uverbs: Add new relaxed ordering memory region access flag (jsc#SLE-8446). - RDMA/efa: Allow passing of optional access flags for MR registration (jsc#SLE-5640). - RDMA/core: Add optional access flags range (jsc#SLE-8449). - RDMA/uverbs: Verify MR access flags (jsc#SLE-8449). - RDMA/uverbs: Add ioctl command to get a device context (jsc#SLE-8449). - RDMA/core: Remove ucontext_lock from the uverbs_destry_ufile_hw() path (jsc#SLE-8449). - RDMA/core: Add UVERBS_METHOD_ASYNC_EVENT_ALLOC (jsc#SLE-8449). - net/mlx5: Expose relaxed ordering bits (jsc#SLE-8464). - net/mlx5: Add RoCE accelerator counters (jsc#SLE-8464). - IB/srp: Never use immediate data if it is disabled by a user (jsc#SLE-8449). - RDMA/rxe: Compute the maximum sges and inline size based on the WQE size (jsc#SLE-8449). - Introduce maximum WQE size to check limits (jsc#SLE-8449). - RDMA/efa: Remove unused ucontext parameter from efa_qp_user_mmap_entries_remove (jsc#SLE-5640). - RDMA/efa: Remove {} brackets from single statement if (jsc#SLE-5640). - RDMA/efa: Device definitions documentation updates (jsc#SLE-5640). - RDMA/hns: Add support for extended atomic in userspace (jsc#SLE-8449). - RDMA/hns: Get pf capabilities from firmware (jsc#SLE-8449). - RDMA/hns: Add interfaces to get pf capabilities from firmware (jsc#SLE-8449). - RDMA/hns: Remove some redundant variables related to capabilities (jsc#SLE-8449). - RDMA/core: Use READ_ONCE for ib_ufile.async_file (jsc#SLE-8449). - RDMA/core: Make ib_uverbs_async_event_file into a uobject (jsc#SLE-8449). - RDMA/core: Remove the ufile arg from rdma_alloc_begin_uobject (jsc#SLE-8449). - RDMA/core: Simplify type usage for ib_uverbs_async_handler() (jsc#SLE-8449). - RDMA/core: Do not erase the type of ib_wq.uobject (jsc#SLE-8449). - RDMA/core: Do not erase the type of ib_srq.uobject (jsc#SLE-8449). - RDMA/core: Do not erase the type of ib_qp.uobject (jsc#SLE-8449). - RDMA/core: Do not erase the type of ib_cq.uobject (jsc#SLE-8449). - RDMA/core: Make ib_ucq_object use ib_uevent_object (jsc#SLE-8449). - RDMA/core: Do not allow alloc_commit to fail (jsc#SLE-8449). - RDMA/mlx5: Simplify devx async commands (jsc#SLE-8446). - RDMA/core: Simplify destruction of FD uobjects (jsc#SLE-8449). - RDMA/mlx5: Use RCU and direct refcounts to keep memory alive (jsc#SLE-8446). - RDMA/uverbs: Remove needs_kfree_rcu from uverbs_obj_type_class (jsc#SLE-8449). - IB/mlx5: Add mmap support for VAR (jsc#SLE-8446). - IB/mlx5: Introduce VAR object and its alloc/destroy methods (jsc#SLE-8446). - IB/mlx5: Extend caps stage to handle VAR capabilities (jsc#SLE-8446). - RDMA/core: Remove err in iw_query_port (jsc#SLE-8449). - RDMA/hns: Add support for reporting wc as software mode (jsc#SLE-8449). - RDMA/hns: Bugfix for posting a wqe with sge (jsc#SLE-8449). - IB/hfi1: Add RcvShortLengthErrCnt to hfi1stats (jsc#SLE-8449). - IB/hfi1: Add software counter for ctxt0 seq drop (jsc#SLE-8449). - IB/hfi1: Return void in packet receiving functions (jsc#SLE-8449). - IB/hfi1: Decouple IRQ name from type (jsc#SLE-8449). - IB/hfi1: Create API for auto activate (jsc#SLE-8449). - IB/hfi1: IB/hfi1: Add an API to handle special case drop (jsc#SLE-8449). - IB/hfi1: Move common receive IRQ code to function (jsc#SLE-8449). - IB/hfi1: Add fast and slow handlers for receive context (jsc#SLE-8449). - IB/hfi1: Move chip specific functions to chip.c (jsc#SLE-8449). - RDMA/core: Fix locking in ib_uverbs_event_read (jsc#SLE-8449). - IB/core: Fix build failure without hugepages (jsc#SLE-8449). - IB/core: Rename event_handler_lock to qp_open_list_lock (jsc#SLE-8449). - IB/core: Cut down single member ib_cache structure (jsc#SLE-8449). - IB/core: Let IB core distribute cache update events (jsc#SLE-8449). - IB/mlx5: Do reverse sequence during device removal (jsc#SLE-8446). - RDMA/hns: Fix coding style issues (jsc#SLE-8449). - RDMA/hns: Replace custom macros HNS_ROCE_ALIGN_UP (jsc#SLE-8449). - RDMA/hns: Remove redundant print information (jsc#SLE-8449). - RDMA/hns: Delete unnessary parameters in hns_roce_v2_qp_modify() (jsc#SLE-8449). - RDMA/hns: Update the value of qp type (jsc#SLE-8449). - RDMA/hns: Remove unused function hns_roce_init_eq_table() (jsc#SLE-8449). - RDMA/hns: Avoid printing address of mtt page (jsc#SLE-8449). - RDMA/core: Add trace points to follow MR allocation (jsc#SLE-8449). - RDMA/core: Trace points for diagnosing completion queue issues (jsc#SLE-8449). - RDMA/cma: Add trace points in RDMA Connection Manager (jsc#SLE-8449). - RDMA/cm: Delete unused CM ARP functions (jsc#SLE-8449). - RDMA/cm: Delete unused CM LAP functions (jsc#SLE-8449). - RDMA/i40iw: fix a potential NULL pointer dereference (jsc#SLE-8449). - RDMA/rxe: Fix error type of mmap_offset (jsc#SLE-8449). - RDMA/mlx5: use true,false for bool variable (jsc#SLE-8446). - RDMA/mlx4: use true,false for bool variable (jsc#SLE-8461). - IB/iser: use true,false for bool variable (jsc#SLE-8449). - IB/hfi1: use true,false for bool variable (jsc#SLE-8449). - RDMA/siw: use true,false for bool variable (jsc#SLE-8381). - IB/core: Fix ODP with IB_ACCESS_HUGETLB handling (jsc#SLE-8449). - IB/core: Fix ODP get user pages flow (jsc#SLE-8449). - IB/mlx5: Unify ODP MR code paths to allow extra flexibility (jsc#SLE-8446). - IB/rdmavt: Correct comments in rdmavt_qp.h header (jsc#SLE-8449). - IB/hfi1: List all receive contexts from debugfs (jsc#SLE-8449). - IB/hfi1: Add accessor API routines to access context members (jsc#SLE-8449). - RDMA/mlx4: Redo TX checksum offload in line with docs (jsc#SLE-8461). - RDMA/cm: Use RCU synchronization mechanism to protect cm_id_private xa_load() (jsc#SLE-8449). - RDMA/srpt: Remove unnecessary assertion in srpt_queue_response (jsc#SLE-8449). - RDMA/netlink: Do not always generate an ACK for some netlink operations (jsc#SLE-8449). - IB/mlx5: Fix outstanding_pi index for GSI qps (jsc#SLE-8446). - RDMA/siw: Simplify QP representation (jsc#SLE-8381). - RDMA/hns: Simplify the calculation and usage of wqe idx for post verbs (jsc#SLE-8449). - RDMA/bnxt_re: Report more number of completion vectors (jsc#SLE-8372 bsc#1153275). - RDMA/qedr: Add kernel capability flags for dpm enabled mode (jsc#SLE-8215). - net/core: Do not clear VF index for node/port GUIDs query (bsc#1154353). - flow_dissector: Fix to use new variables for port ranges in bpf hook (bsc#1154353). - libbpf: Fix realloc usage in bpf_core_find_cands (bsc#1154353). - sfc: move mcdi filtering code (jsc#SLE-8314). - sfc: create header for mcdi filtering code (jsc#SLE-8314). - sfc: rename mcdi filtering functions/structs (jsc#SLE-8314). - bnxt_en: Add support for devlink info command (jsc#SLE-8371 bsc#1153274). - devlink: add macro for "fw.roce" (jsc#SLE-8371 bsc#1153274). - bnxt_en: Rename switch_id to dsn (jsc#SLE-8371 bsc#1153274). - bnxt_en: Add support to update progress of flash update (jsc#SLE-8371 bsc#1153274). - bnxt_en: Move devlink_register before registering netdev (jsc#SLE-8371 bsc#1153274). - bnxt_en: Register devlink irrespective of firmware spec version (jsc#SLE-8371 bsc#1153274). - bnxt_en: Refactor bnxt_dl_register() (jsc#SLE-8371 bsc#1153274). - bnxt_en: Disable workaround for lost interrupts on 575XX B0 and newer chips (jsc#SLE-8371 bsc#1153274). - bnxt_en: Periodically check and remove aged-out ntuple filters (jsc#SLE-8371 bsc#1153274). - bnxt_en: Do not accept fragments for aRFS flow steering (jsc#SLE-8371 bsc#1153274). - bnxt_en: Support UDP RSS hashing on 575XX chips (jsc#SLE-8371 bsc#1153274). - bnxt_en: Remove the setting of dev_port (jsc#SLE-8371 bsc#1153274). - bnxt_en: Improve bnxt_probe_phy() (jsc#SLE-8371 bsc#1153274). - bnxt_en: Improve link up detection (jsc#SLE-8371 bsc#1153274). - mlxsw: minimal: Fix an error handling path in 'mlxsw_m_port_create()' (bsc#1154488). - ice: Bump version (jsc#SLE-7926). - ice: Implement ethtool get/set rx-flow-hash (jsc#SLE-7926). - ice: Initilialize VF RSS tables (jsc#SLE-7926). - ice: Optimize table usage (jsc#SLE-7926). - ice: Enable writing filtering tables (jsc#SLE-7926). - ice: Populate TCAM filter software structures (jsc#SLE-7926). - ice: Allocate flow profile (jsc#SLE-7926). - ice: Enable writing hardware filtering tables (jsc#SLE-7926). - net: sched: sch_tbf: Don't overwrite backlog before dumping (bsc#1154353). - devlink: Add health recover notifications on devlink flows (bsc#1154353). - net/mlx5e: Enable all available stats for uplink reps (jsc#SLE-8464). - net/mlx5e: Create q counters on uplink representors (jsc#SLE-8464). - net/mlx5e: Convert rep stats to mlx5e_stats_grp-based infra (jsc#SLE-8464). - net/mlx5e: IPoIB, use separate stats groups (jsc#SLE-8464). - net/mlx5e: Convert stats groups array to array of group pointers (jsc#SLE-8464). - net/mlx5e: Declare stats groups via macro (jsc#SLE-8464). - net/mlx5e: Profile specific stats groups (jsc#SLE-8464). - net/mlx5e: Move uplink rep init/cleanup code into own functions (jsc#SLE-8464). - net/mlx5: DR, Allow connecting flow table to a lower/same level table (jsc#SLE-8464). - net/mlx5: DR, Modify header copy support (jsc#SLE-8464). - net/mlx5: DR, Modify set action limitation extension (jsc#SLE-8464). - net/mlx5e: Add mlx5e_flower_parse_meta support (jsc#SLE-8464). - net/mlx5e: allow TSO on VXLAN over VLAN topologies (jsc#SLE-8464). - net/mlx5e: Fix printk format warning (jsc#SLE-8464). - bpf: Fix trampoline usage in preempt (bsc#1154353). - net: hns3: cleanup some coding style issue (bsc#1154353). - net: hns3: remove redundant print on ENOMEM (bsc#1154353). - net: hns3: delete unnecessary blank line and space for cleanup (bsc#1154353). - net: hns3: rewrite a log in hclge_put_vector() (bsc#1154353). - net: hns3: refine the input parameter 'size' for snprintf() (bsc#1154353). - net: hns3: move duplicated macro definition into header (bsc#1154353). - net: hns3: set VF's default reset_type to HNAE3_NONE_RESET (bsc#1154353). - net: hns3: do not reuse pfmemalloc pages (bsc#1154353). - net: hns3: limit the error logging in the hns3_clean_tx_ring() (bsc#1154353). - net: hns3: replace snprintf with scnprintf in hns3_update_strings (bsc#1154353). - net: hns3: replace snprintf with scnprintf in hns3_dbg_cmd_read (bsc#1154353). - RDMA/mlx5: Fix handling of IOVA != user_va in ODP paths (jsc#SLE-8446). - IB/mlx5: Mask out unsupported ODP capabilities for kernel QPs (jsc#SLE-8446). - RDMA/mlx5: Don't fake udata for kernel path (jsc#SLE-8446). - IB/mlx5: Add ODP WQE handlers for kernel QPs (jsc#SLE-8446). - IB/core: Add interface to advise_mr for kernel users (jsc#SLE-8449). - IB/core: Introduce ib_reg_user_mr (jsc#SLE-8449). - net/mlx5: Allow creating autogroups with reserved entries (jsc#SLE-8464). - net/mlx5: Add ignore level support fwd to table rules (jsc#SLE-8464). - net/mlx5: fs_core: Introduce unmanaged flow tables (jsc#SLE-8464). - net/mlx5: Refactor mlx5_create_auto_grouped_flow_table (jsc#SLE-8464). - net/mlx5e: Add discard counters per priority (jsc#SLE-8464). - net/mlx5e: Expose FEC feilds and related capability bit (jsc#SLE-8464). - net/mlx5: Add mlx5_ifc definitions for connection tracking support (jsc#SLE-8464). - net/mlx5: Add copy header action struct layout (jsc#SLE-8464). - net/mlx5: Expose resource dump register mapping (jsc#SLE-8464). - net/mlx5: Add structures and defines for MIRC register (jsc#SLE-8464). - net/mlx5: Read MCAM register groups 1 and 2 (jsc#SLE-8464). - net/mlx5: Add structures layout for new MCAM access reg groups (jsc#SLE-8464). - net/mlx5: Expose vDPA emulation device capabilities (jsc#SLE-8464). - net/mlx5: Add Virtio Emulation related device capabilities (jsc#SLE-8464). - sfc: remove duplicated include from efx.c (jsc#SLE-8314). - sfc/ethtool_common: Make some function to static (jsc#SLE-8314). - net: hns3: refactor the notification scheme of PF reset (bsc#1154353). - net: hns3: modify hclge_func_reset_sync_vf()'s return type to void (bsc#1154353). - net: hns3: enlarge HCLGE_RESET_WAIT_CNT (bsc#1154353). - net: hns3: refactor the procedure of VF FLR (bsc#1154353). - net: hns3: refactor the precedure of PF FLR (bsc#1154353). - net: hns3: split hclgevf_reset() into preparing and rebuilding part (bsc#1154353). - net: hns3: split hclge_reset() into preparing and rebuilding part (bsc#1154353). - sfc: remove set but not used variable 'nic_data' (jsc#SLE-8314). - sfc: remove duplicated include from ef10.c (jsc#SLE-8314). - bnxt: Detach page from page pool before sending up the stack (jsc#SLE-8371 bsc#1153274). - devlink: add macro for "fw.psid" (bsc#1154353). - sfc: move RPS code (jsc#SLE-8314). - sfc: move yet more functions (jsc#SLE-8314). - sfc: move RSS code (jsc#SLE-8314). - sfc: move a couple more functions (jsc#SLE-8314). - sfc: move some ethtool code (jsc#SLE-8314). - sfc: move various functions (jsc#SLE-8314). - sfc: move more rx code (jsc#SLE-8314). - sfc: move more tx code (jsc#SLE-8314). - sfc: refactor selftest work init code (jsc#SLE-8314). - sfc: move MCDI logging device attribute (jsc#SLE-8314). - sfc: conditioned some functionality (jsc#SLE-8314). - sfc: move MCDI receive queue management code (jsc#SLE-8314). - sfc: move MCDI transmit queue management code (jsc#SLE-8314). - sfc: move MCDI event queue management code (jsc#SLE-8314). - sfc: move MCDI VI alloc/free code (jsc#SLE-8314). - sfc: move more MCDI port code (jsc#SLE-8314). - sfc: move some MCDI port utility functions (jsc#SLE-8314). - sfc: move some port link state/caps code (jsc#SLE-8314). - vmxnet3: Remove always false conditional statement (bsc#1154353). - bnxt_en: Call recovery done after reset is successfully done (jsc#SLE-8371 bsc#1153274). - devlink: add devink notification when reporter update health state (bsc#1154353). - devlink: add support for reporter recovery completion (bsc#1154353). - sfc: move common tx code (jsc#SLE-8314). - sfc: move common rx code (jsc#SLE-8314). - sfc: move event queue management code (jsc#SLE-8314). - sfc: move channel interrupt management code (jsc#SLE-8314). - sfc: move channel alloc/removal code (jsc#SLE-8314). - sfc: move channel start/stop code (jsc#SLE-8314). - sfc: move some channel-related code (jsc#SLE-8314). - sfc: move struct init and fini code (jsc#SLE-8314). - sfc: move some device reset code (jsc#SLE-8314). - sfc: move datapath management code (jsc#SLE-8314). - sfc: move mac configuration and status functions (jsc#SLE-8314). - sfc: move reset workqueue code (jsc#SLE-8314). - sfc: further preparation for code split (jsc#SLE-8314). - sfc: add new headers in preparation for code split (jsc#SLE-8314). - net/mlx5: DR, Create multiple destination action from dr_create_fte (jsc#SLE-8464). - net/mlx5: DR, Add support for multiple destination table action (jsc#SLE-8464). - net/mlx5: DR, Align dest FT action creation to API (jsc#SLE-8464). - net/mlx5: DR, Pass table flags at creation to lower layer (jsc#SLE-8464). - net/mlx5: DR, Create multi-destination table for SW-steering use (jsc#SLE-8464). - net/mlx5: DR, Create FTE entry in the FW from SW-steering (jsc#SLE-8464). - net/mlx5: DR, Use attributes struct for FW flow table creation (jsc#SLE-8464). - net/mlx5: Use async EQ setup cleanup helpers for multiple EQs (jsc#SLE-8464). - net/mlx5: Reduce No CQ found log level from warn to debug (jsc#SLE-8464). - net/mlx5: Increase the max number of channels to 128 (jsc#SLE-8464). - net/mlx5e: Support accept action on nic table (jsc#SLE-8464). - mlx5: work around high stack usage with gcc (jsc#SLE-8464). - net/mlx5: limit the function in local scope (jsc#SLE-8464). - mlxsw: spectrum: Disable DIP_LINK_LOCAL check in hardware pipeline (bsc#1154488). - mlxsw: spectrum: Disable SIP_DIP check in hardware pipeline (bsc#1154488). - mlxsw: spectrum: Disable MC_DMAC check in hardware pipeline (bsc#1154488). - mlxsw: spectrum: Disable SIP_CLASS_E check in hardware pipeline (bsc#1154488). - net: hns3: modify an unsuitable reset level for hardware error (bsc#1154353). - net: hns3: replace an unsuitable variable type in hclge_inform_reset_assert_to_vf() (bsc#1154353). - net: hns3: add protection when get SFP speed as 0 (bsc#1154353). - net: hns3: modify the IRQ name of misc vectors (bsc#1154353). - net: hns3: modify an unsuitable log in hclge_map_ring_to_vector() (bsc#1154353). - net: hns3: modify the IRQ name of TQP vector (bsc#1154353). - net: hns3: re-organize vector handle (bsc#1154353). - net: hns3: add trace event support for HNS3 driver (bsc#1154353). - ice: Suppress Coverity warnings for xdp_rxq_info_reg (jsc#SLE-7926). - ice: Add a boundary check in ice_xsk_umem() (jsc#SLE-7926). - ice: add extra check for null Rx descriptor (jsc#SLE-7926). - ice: suppress checked_return error (jsc#SLE-7926). - ice: Demote MTU change print to debug (jsc#SLE-7926). - ice: Enable ip link show on the PF to display VF unicast MAC(s) (jsc#SLE-7926). - ice: Fix VF link state when it's IFLA_VF_LINK_STATE_AUTO (jsc#SLE-7926). - ice: Remove Rx flex descriptor programming (jsc#SLE-7926). - ice: Return error on not supported ethtool -C parameters (jsc#SLE-7926). - ice: Restore interrupt throttle settings after VSI rebuild (jsc#SLE-7926). - ice: Set default value for ITR in alloc function (jsc#SLE-7926). - ice: Add ice_for_each_vf() macro (jsc#SLE-7926). - ice: Add code to keep track of current dflt_vsi (jsc#SLE-7926). - ice: Fix VF spoofchk (jsc#SLE-7926). - ice: Support UDP segmentation offload (jsc#SLE-7926). - sfc: Remove unnecessary dependencies on I2C (jsc#SLE-8314). - mlxsw: spectrum_dcb: Allow setting default port priority (bsc#1154488). - mlxsw: reg: Add QoS Port DSCP to Priority Mapping Register (bsc#1154488). - page_pool: help compiler remove code in case CONFIG_NUMA=n (bsc#1154353). - page_pool: handle page recycle for NUMA_NO_NODE condition (bsc#1154353). - e1000e: Use netdev_info instead of pr_info for link messages (jsc#SLE-8100). - igb: dont drop packets if rx flow control is enabled (jsc#SLE-7967 jsc#SLE-8010). - sfc: avoid duplicate error handling code in 'efx_ef10_sriov_set_vf_mac()' (jsc#SLE-8314). - net: ena: remove set but not used variable 'rx_ring' (bsc#1154492). - mlxsw: spectrum_router: Make route creation and destruction symmetric (bsc#1154488). - mlxsw: spectrum_router: Eliminate dead code (bsc#1154488). - mlxsw: spectrum_router: Remove unnecessary checks (bsc#1154488). - net: hns3: only print misc interrupt status when handling fails (bsc#1154353). - net: hns3: add a log for getting chain failure in hns3_nic_uninit_vector_data() (bsc#1154353). - net: hns3: add some VF VLAN information for command "ip link show" (bsc#1154353). - net: hns3: implement ndo_features_check ops for hns3 driver (bsc#1154353). - net: hns3: get FD rules location before dump in debugfs (bsc#1154353). - net: hns3: optimization for CMDQ uninitialization (bsc#1154353). - net: hns3: remove useless mutex vport_cfg_mutex in the struct hclge_dev (bsc#1154353). - net: hns3: check FE bit before calling hns3_add_frag() (bsc#1154353). - mlxsw: spectrum: Rename MLXSW_REG_QEEC_HIERARCY_* enumerators (bsc#1154488). - mlxsw: spectrum_qdisc: Clarify a comment (bsc#1154488). - net: pkt_cls: Clarify a comment (bsc#1154353). - sch_cake: drop unused variable tin_quantum_prio (bsc#1154353). - cxgb4/chtls: fix ULD connection failures due to wrong TID base (jsc#SLE-8389). - cxgb4: fix missed high priority region calculation (jsc#SLE-8389). - net: hns3: do not schedule the periodic task when reset fail (bsc#1154353). - net: hns3: allocate WQ with WQ_MEM_RECLAIM flag (bsc#1154353). - net: hns3: remove unnecessary work in hclgevf_main (bsc#1154353). - net: hns3: remove mailbox and reset work in hclge_main (bsc#1154353). - net: hns3: schedule hclgevf_service by using delayed workqueue (bsc#1154353). - tcp: Set rcv zerocopy hint correctly if skb last frag is < PAGE_SIZE (bsc#1154353). - Revert "nfp: abm: fix memory leak in nfp_abm_u32_knode_replace" (bsc#1154353). - net: ena: Add first_interrupt field to napi struct (bsc#1154492). - net: ena: Implement XDP_TX action (bsc#1154492). - net: ena: implement XDP drop support (bsc#1154492). - rtnetlink: provide permanent hardware address in RTM_NEWLINK (bsc#1154353). - cxgb4: add support for high priority filters (jsc#SLE-8389). - nfp: add support for TLV device stats (bsc#1154353). - tcp: Cleanup duplicate initialization of sk->sk_state (bsc#1154353). - qed: remove redundant assignments to rc (jsc#SLE-8401). - Documentation: nfp: add nfp driver specific notes (bsc#1154353). - commit 00df886 - ftrace: Protect ftrace_graph_hash with ftrace_sync (git-fixes). - commit 18b606e - ftrace: Add comment to why rcu_dereference_sched() is open coded (git-fixes). - commit 3920d17 - tracing: Annotate ftrace_graph_notrace_hash pointer with __rcu (git-fixes). - commit dca30ea - tracing: Annotate ftrace_graph_hash pointer with __rcu (git-fixes). - commit 0478306 - xen/balloon: Support xend-based toolstack take two (bsc#1065600). - commit 97502bd - tracing: Fix sched switch start/stop refcount racy updates (git-fixes). - commit cccfa7b - tracing: Simplify assignment parsing for hist triggers (git-fixes). - commit 4ec91e7 - tracing: Fix tracing_stat return values in error handling paths (git-fixes). - commit f3d8551 - tracing: Fix very unlikely race of registering two stat tracers (git-fixes). - commit f65b168 - serial: 8250_dw: Avoid double error messaging when IRQ absent (bsc#1164118). - commit f336e59 - blacklist.conf: ignore duplicated commit ID - commit 720d999 - powerpc: convert to copy_thread_tls (bsc#1163988). - Update config files: Add CONFIG_HAVE_COPY_THREAD_TLS=y - commit f351204 - cifs: fix mount option display for sec=krb5i (bsc#1161907). - commit c56405f - Delete patches.rpmify/powerpc-boot-Fix-missing-crc32poly.h-when-building-w.patch. - commit 18a7f4d - arm64: Revert support for execute-only user mappings (bsc#1160218). - commit 373929f - memcg: account security cred as well to kmemcg (bsc#1164094). - commit 28f2006 - ext4: add cond_resched() to ext4_protect_reserved_inode (bsc#1164069 CVE-2020-8992). - commit e44be93 - btrfs: Fix split-brain handling when changing FSID to metadata uuid (git-fixes). - btrfs: Handle another split brain scenario with metadata uuid feature (git-fixes). - btrfs: Factor out metadata_uuid code from find_fsid (git-fixes). - btrfs: Call find_fsid from find_fsid_inprogress (git-fixes). - commit d6dd57b - btrfs: Correctly handle empty trees in find_first_clear_extent_bit (git-fixes). - commit 35b5ead - bcache: remove macro nr_to_fifo_front() (bsc#1163762). - bcache: Revert "bcache: shrink btree node cache after bch_btree_check()" (bsc#1163762, bsc#1112504). - bcache: ignore pending signals when creating gc and allocator thread (bsc#1163762, bsc#1112504). - bcache: check return value of prio_read() (bsc#1163762). - bcache: fix incorrect data type usage in btree_flush_write() (bsc#1163762). - bcache: add readahead cache policy options via sysfs interface (bsc#1163762). - bcache: explicity type cast in bset_bkey_last() (bsc#1163762). - bcache: fix memory corruption in bch_cache_accounting_clear() (bsc#1163762). - bcache: reap from tail of c->btree_cache in bch_mca_scan() (bsc#1163762). - bcache: reap c->btree_cache_freeable from the tail in bch_mca_scan() (bsc#1163762). - bcache: remove member accessed from struct btree (bsc#1163762). - bcache: print written and keys in trace_bcache_btree_write (bsc#1163762). - bcache: avoid unnecessary btree nodes flushing in btree_flush_write() (bsc#1163762). - bcache: add code comments for state->pool in __btree_sort() (bsc#1163762). - lib: crc64: include for 'crc64_be' (bsc#1163762). - bcache: don't export symbols (bsc#1163762). - bcache: remove the extra cflags for request.o (bsc#1163762). - bcache: at least try to shrink 1 node in bch_mca_scan() (bsc#1163762). - bcache: add idle_max_writeback_rate sysfs interface (bsc#1163762). - bcache: add code comments in bch_btree_leaf_dirty() (bsc#1163762). - bcache: fix deadlock in bcache_allocator (bsc#1163762). - bcache: add code comment bch_keylist_pop() and bch_keylist_pop_front() (bsc#1163762). - bcache: deleted code comments for dead code in bch_data_insert_keys() (bsc#1163762). - bcache: add more accurate error messages in read_super() (bsc#1163762). - bcache: fix static checker warning in bcache_device_free() (bsc#1163762). - bcache: fix a lost wake-up problem caused by mca_cannibalize_lock (bsc#1163762). - bcache: Fix an error code in bch_dump_read() (bsc#1163762). - bcache: add cond_resched() in __bch_cache_cmp() (bsc#1163762). - commit fdeab1e ++++ kernel-default-base: - Add the brd module, used by the LTP testsuite and tiny ++++ Mesa: - only use 'BuildRequires:llvm-devel >= 9.0.0' for TW/factory; for older products still use 'BuildRequires: llvm9-devel'; fixed build on openSUSE Leap 15.2 ++++ gcc10: - Bump to rfa1160f6e50500aa38162fefb43bfb10c25e0363. - Bump to r33351ff9faa21c4c1af377d661a52ac0ce366db3. ++++ NetworkManager: - Update to version 1.22.8: + Added configuration option to customize IPv6 RA timeout. + Internal DHCP client will now request a lease renewal using the previously obtained IP address when expired. + Removed length limitation for OVS Bridge, Patches and Interfaces (only Patch types) names. + Fixed initialization of 'secs' DHCP header field, this caused some DHCP relays to drop packets. + Fixed failure when creating team interfaces using 'nmstate'. + Various bug fixes and improvements. ++++ openssh: - Add patches to fix the sandbox blocking glibc on 32bit platforms (boo#1164061): * openssh-8.1p1-seccomp-clock_nanosleep_time64.patch * openssh-8.1p1-seccomp-clock_gettime64.patch ++++ system-users: - Align /var/lib/tss permissions with trousers (boo#1162360). ------------------------------------------------------------------ ------------------ 2020-2-17 - Feb 17 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - clone3: ensure copy_thread_tls is implemented (bsc#1163988). - commit 480a977 - cgroup: Prevent double killing of css when enabling threaded cgroup (bsc#1153013). - commit c46884c - ext4: fix kernel oops caused by spurious casefold flag (bsc#1163984). - commit 91a9b4c - blacklist.conf: Blacklist 44d282796f81 - commit 13cd15a - blacklist.conf: Blacklist 311ae9e159d8 - commit 72fb7d5 - Update patches.suse/powerpc-pseries-vio-Fix-iommu_table-use-after-free-r.patch (bsc#1065729 bsc#1163838 ltc#183850). - commit 7b4b6e2 - KVM: s390: do not clobber registers during guest reset/store status (bsc#1133021). - KVM: s390: ENOTSUPP -> EOPNOTSUPP fixups (bsc#1133021). - commit 25937f8 - bdev: Refresh bdev size for disks without partitioning (bsc#1163921). - commit 6da307d - bdev: Factor out bdev revalidation into a common helper (bsc#1163920). - commit 7d363e5 - udf: Allow writing to 'Rewritable' partitions (bsc#1163919). - commit ae441d0 - blacklist.conf: Blacklist d9e9866803f7 - commit 53fef3b - reiserfs: Fix memory leak of journal device string (bsc#1163867). - commit 56254a8 - reiserfs: Fix spurious unlock in reiserfs_fill_super() error handling (bsc#1163869). - commit f560b4f - aio: prevent potential eventfd recursion on poll (bsc#1163918). - commit d377261 - eventfd: track eventfd_signal() recursion depth (bsc#1163917). - commit 29a8cc7 - ubifs: Fix memory leak from c->sup_node (bsc#1163916). - commit fe0e8a1 - ubifs: Fix ino_t format warnings in orphan_delete() (bsc#1163915). - commit 9d44fec - ubifs: Fix deadlock in concurrent bulk-read and writepage (bsc#1163856). - commit d4691a3 - ubifs: Fix wrong memory allocation (bsc#1163913). - commit 08cc8d9 - ubifs: Fix FS_IOC_SETFLAGS unexpectedly clearing encrypt flag (bsc#1163855). - commit 3341be7 - jbd2: make sure ESHUTDOWN to be recorded in the journal superblock (bsc#1163912). - commit d51c1c8 - ext4, jbd2: ensure panic when aborting with zero errno (bsc#1163853). - commit f604866 - jbd2: switch to use jbd2_journal_abort() when failed to submit the commit record (bsc#1163852). - commit c3599a5 - jbd2_seq_info_next should increase position index (bsc#1163911). - commit d64397e - jbd2: clear JBD2_ABORT flag before journal_reset to update log tail info when load journal (bsc#1163910). - commit 78b7063 - erofs: fix out-of-bound read for shifted uncompressed block (bsc#1163909). - commit a97e621 - ubifs: don't trigger assertion on invalid no-key filename (bsc#1163850). - commit 64c82f1 - readdir: be more conservative with directory entry names (bsc#1163907). - commit 879663d - locks: print unsigned ino in /proc/locks (bsc#1163905). - blacklist.conf: blacklist e39e773ad100 - commit 611e661 - iomap: fix sub-page uptodate handling (bsc#1163904). - commit f83b374 - ubifs: do_kill_orphans: Fix a memory leak bug (bsc#1163902). - commit 37ace01 - ubifs: Fixed missed le64_to_cpu() in journal (bsc#1163901). - commit cc34990 - fcntl: fix typo in RWH_WRITE_LIFE_NOT_SET r/w hint name (bsc#1163843). - commit bc0e099 - ext4: improve explanation of a mount failure caused by a misconfigured kernel (bsc#1163843). - commit 900aad6 - ext4: fix race conditions in ->d_compare() and ->d_hash() (bsc#1163899). - commit cfc289b - ext4: fix deadlock allocating crypto bounce page from mempool (bsc#1163898). - commit 21b72aa - ext4: validate the debug_want_extra_isize mount option at parse time (bsc#1163897). - commit b0ee42b - ext4: unlock on error in ext4_expand_extra_isize() (bsc#1163896). - commit cd7a6d4 - block, bfq: do not plug I/O for bfq_queues with no proc refs (bsc#1163894). - commit 3c9b27c - block: fix splitting segments on boundary masks (bsc#1163893). - commit 8b3de45 - compat_ioctl: block: handle BLKGETZONESZ/BLKGETNRZONES (bsc#1163892). - commit c3d2ac2 - compat_ioctl: block: handle BLKREPORTZONE/BLKRESETZONE (bsc#1163891). - commit bbed8ba - jbd2: do not clear the BH_Mapped flag when forgetting a metadata buffer (bsc#1163836). - commit 17af302 - jbd2: move the clearing of b_modified flag to the journal_unmap_buffer() (bsc#1163880). - commit 2f2419e - ext4: fix checksum errors with indexed dirs (bsc#1160979). - commit b490dab - fix patches metadata - fix Patch-mainline: patches.suse/0001-crypto-sun4i-ss-fix-big-endian-issues.patch patches.suse/0001-perf-imx_ddr-Add-MODULE_DEVICE_TABLE.patch - commit 9d8931e - blaklist.conf: improve comments - "already gone in" is rather cryptic, change the d51224b73d18 entry to "duplicate of ac479b51f3f4" - change the 1340cc631bd0 entry to "duplicate of d79749f7716d" - commit 580e740 - powerpc/mmu_gather: enable RCU_TABLE_FREE even for !SMP case (bsc#1163776 ltc#183929). - Refresh patches.suse/mm-mmu_gather-invalidate-TLB-correctly-on-batch-allo.patch. - commit b99c448 - fix patches metadata - fix Patch-mainline: patches.suse/fmc-remove-left-over-ipmi-fru.h-after-fmc-deletion.patch patches.suse/mm-thp-don-t-need-care-deferred-split-queue-in-memcg-charge-move-path.patch patches.suse/mm-vmscan-protect-shrinker-idr-replace-with-CONFIG_MEMCG.patch patches.suse/ptr_ring-add-include-of-linux-mm.h.patch patches.suse/taskstats-fix-data-race.patch - commit b311938 - crypto: atmel - Fix build error of CRYPTO_AUTHENC (git-fixes). - commit 96a9a36 - series.conf: cleanup - update upstream references and resort: patches.suse/scsi-lpfc-Fix-Fabric-hostname-registration-if-system.patch patches.suse/scsi-lpfc-Fix-MDS-Latency-Diagnostics-Err-drop-rates.patch patches.suse/scsi-lpfc-Fix-Rework-setting-of-fdmi-symbolic-node-n.patch patches.suse/scsi-lpfc-Fix-disablement-of-FC-AL-on-lpe35000-model.patch patches.suse/scsi-lpfc-Fix-improper-flag-check-for-IO-type.patch patches.suse/scsi-lpfc-Fix-missing-check-for-CSF-in-Write-Object-.patch patches.suse/scsi-lpfc-Fix-ras_log-via-debugfs.patch patches.suse/scsi-lpfc-Fix-unmap-of-dpp-bars-affecting-next-drive.patch patches.suse/scsi-lpfc-Update-lpfc-version-to-12.6.0.3.patch No effect on expanded tree. - commit b74bc8d - blacklist.conf: Append 'drm/panfrost: Handle resetting on timeout better' - commit c1cf6b0 - drm/mipi_dbi: Fix off-by-one bugs in mipi_dbi_blank() (bsc#1152489) - commit 5f73109 - series.conf: cleanup Keep ACPI patches in one place. No effect on expanded tree. - commit daba698 - drm/etnaviv: fix dumping of iommuv2 (bsc#1152472) - commit f714fd7 - blacklist.conf: Append 'drm/i915/ehl: Define EHL powerwells independently of ICL' - commit 2edb74e - blacklist.conf: Append 'drm/i915: Copy across scheduler behaviour flags across submit fences' - commit fe75061 - hwmon: (pmbus/ltc2978) Fix PMBus polling of MFR_COMMON definitions (git-fixes). - commit f1c1df9 - drivers: ipmi: fix off-by-one bounds check that leads to a out-of-bounds write (git-fixes). - commit 901290b - vt: selection, close sel_buffer race (bnc#1162928 CVE-2020-8648). - vt: selection, handle pending signals in paste_selection (bnc#1162928 CVE-2020-8648). - commit c7af915 - series.conf: cleanup - update upstream references and resort: patches.suse/drivers-ipmi-Modify-max-length-of-IPMB-packet.patch patches.suse/drivers-ipmi-Support-raw-i2c-packet-in-IPMB.patch No effect on expanded tree. - commit cb3f6eb - bpf, sockmap: Don't sleep while holding RCU lock on tear-down (bsc#1155518). - bpftool: Don't crash on missing xlated program instructions (bsc#1155518). - samples: bpf: Allow for -ENETDOWN in xdpsock (bsc#1155518). - bpf: Fix modifier skipping logic (bsc#1155518). - commit c617a95 - enic: prevent waking up stopped tx queues over watchdog reset (bsc#1133147). - commit b9b83d8 ++++ toolbox: - Update to version 1.0+git20200217.cd18bfb: * Multiple toolboxes, with different names * Configure `sudo` access for an user toolbox * Correctly setup the user * Add -u|--user parameter * Handle arguments with 'getopt' ++++ u-boot-rpiarm64: - Update patch to fix boo#1163723 : * 0001-XXX-openSUSE-XXX-Prepend-partition-.patch ++++ yast2: - SysctlConfig class: Handle sysctl entries in different directories (bsc#1151649). - 4.2.66 - Fixed user-visible messages (bsc#1084015) - 4.2.65 ------------------------------------------------------------------ ------------------ 2020-2-16 - Feb 16 2020 ------------------- ------------------------------------------------------------------ ++++ Mesa: - Update to version 19.3.4 * changes all over the tree, but aco and anv are leading the way in changes - supersedes u_Revert_gallium_Fix_big-endian_addressing_of_non-bitmask_array_formats.patch ------------------------------------------------------------------ ------------------ 2020-2-15 - Feb 15 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - sched/fair: Take into account runnable_avg to classify group (bnc#1155798 (CPU scheduler functional and performance backports)). - commit 60b875c - sched/pelt: Add a new runnable average signal (bnc#1155798 (CPU scheduler functional and performance backports)). - commit eb2bc08 - sched/pelt: Remove unused runnable load average (bnc#1155798 (CPU scheduler functional and performance backports)). - commit 99634f9 - mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv() (git-fixes). - mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status() (git-fixes). - commit 0a55d21 - mac80211: fix quiet mode activation in action frames (git-fixes). - qmi_wwan: re-add DW5821e pre-production variant (git-fixes). - drm/i915/gvt: more locking for ppgtt mm LRU list (git-fixes). - Revert "drm/sun4i: drv: Allow framebuffer modifiers in mode config" (git-fixes). - commit 8c7a45f - ALSA: usb-audio: Apply sample rate quirk for Audioengine D1 (git-fixes). - ALSA: usb-audio: Apply 48kHz fixed rate playback for Jabra Evolve 65 headset (git-fixes). - commit 36550e5 - ALSA: pcm: Fix double hw_free calls (git-fixes). - ALSA: usb-audio: Add clock validity quirk for Denon MC7000/MCX8000 (git-fixes). - ALSA: hda/realtek - Fix silent output on MSI-GL73 (git-fixes). - ALSA: hda/realtek - Add more codec supported Headset Button (git-fixes). - ALSA: usb-audio: Fix UAC2/3 effect unit parsing (git-fixes). - ALSA: usb-audio: add quirks for Line6 Helix devices fw>=2.82 (git-fixes). - ALSA: usb-audio: add implicit fb quirk for MOTU M Series (git-fixes). - ALSA: usb-audio: unlock on error in probe (git-fixes). - ALSA: usb-audio: Add boot quirk for MOTU M Series (git-fixes). - ALSA: usb-audio: Use lower hex numbers for IDs (git-fixes). - commit 70d0fd1 ------------------------------------------------------------------ ------------------ 2020-2-14 - Feb 14 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - sched/numa: Stop an exhastive search if a reasonable swap candidate or idle CPU is found (bnc#1155798 (CPU scheduler functional and performance backports)). - commit a207d84 - Move ipmi_si fix to subsystem sorted section (bsc#1161943) - commit 53fab48 - sched/numa: Bias swapping tasks based on their preferred node (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/numa: Find an alternative idle CPU if the CPU is part of an active NUMA balance (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/numa: Prefer using an idle cpu as a migration target instead of comparing tasks (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/numa: Use similar logic to the load balancer for moving between domains with spare capacity (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/numa: replace runnable_load_avg by load_avg (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: reorder enqueue/dequeue_task_fair path (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/numa: Distinguish between the different task_numa_migrate failure cases (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/numa: Trace when no candidate CPU was found on the preferred node (bnc#1155798 (CPU scheduler functional and performance backports)). - mm: thp: don't need care deferred split queue in memcg charge move path (git fixes (mm/memcg)). - fmc: remove left-over ipmi-fru.h after fmc deletion (git fixes (FRU removal)). - ptr_ring: add include of linux/mm.h (git fixes (mm/includes)). - taskstats: fix data-race (git fixes (taskstats)). - mm: vmscan: protect shrinker idr replace with CONFIG_MEMCG (git fixes (mm/vmscan)). - commit a00a8d0 - Refresh patches.suse/sched-fair-Optimize-select_idle_core.patch. - commit 59efedb ++++ microos-tools: - Update to version 1.0+git20200214.c7654a7: * Remove btrfsQuota, snapper list provides now the same informations * Adjust README.md ------------------------------------------------------------------ ------------------ 2020-2-13 - Feb 13 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Update config files: enable CONFIG_FW_CFG_SYSFS for arm64 (bsc#1163521) - commit 3795961 - Refresh patches.suse/sched-fair-Allow-a-small-load-imbalance-between-low-utilisation-SD_NUMA-domains.patch. - commit d461156 ++++ openssl-1_1: - Fix wrong return values of FIPS DSA and ECDH selftests (bsc#1163569) * add openssl-fips_fix_selftests_return_value.patch ------------------------------------------------------------------ ------------------ 2020-2-12 - Feb 12 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - ACPI / watchdog: Set default timeout in probe (bsc#1162557). - ACPI: watchdog: Allow disabling WDAT at boot (bsc#1162557). - commit 54f65f7 - patches.suse/simple_recursive_removal-kernel-side-rm-rf-for-ramfs.patch: (bsc#1159198,CVE-2019-19770). - commit ae16628 - cpuidle: use first valid target residency as poll time (jsc#SLE-11312). - commit 4e4e473 - cpuidle: haltpoll: Take 'idle=' override into account (jsc#SLE-11312). - commit b7ea903 - cpuidle-haltpoll: Enable kvm guest polling when dedicated physical CPUs are available (jsc#SLE-11312). - commit c957ec1 - cpuidle-haltpoll: do not set an owner to allow modunload (jsc#SLE-11312). - commit dc19dcc - cpuidle-haltpoll: return -ENODEV on modinit failure (jsc#SLE-11312). - commit 5f4abc5 - cpuidle-haltpoll: set haltpoll as preferred governor (jsc#SLE-11312). - commit f056412 - cpuidle: allow governor switch on cpuidle_register_driver() (jsc#SLE-11312). - commit a8f3113 - scsi: lpfc: Update lpfc version to 12.6.0.4 (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Clean up hba max_lun_queue_depth checks (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Remove handler for obsolete ELS - Read Port (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Fix coverity errors in fmdi attribute handling (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Fix compiler warning on frame size (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Fix release of hwq to clear the eq relationship (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Fix registration of ELS type support in fdmi (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Fix broken Credit Recovery after driver load (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Fix lpfc_io_buf resource leak in (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Fix RQ buffer leakage when no IOCBs available (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Update lpfc version to 12.6.0.3 (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Fix improper flag check for IO type (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Fix MDS Latency Diagnostics Err-drop rates (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Fix unmap of dpp bars affecting next driver load (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Fix disablement of FC-AL on lpe35000 models (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Fix ras_log via debugfs (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Fix Fabric hostname registration if system (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Fix missing check for CSF in Write Object Mbox (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Fix: Rework setting of fdmi symbolic node name registration (bsc#1156632,jsc#SLE-8654). - commit ad7b473 - tools/kvm_stat: Fix kvm_exit filter name (git-fixes). - tools lib: Fix builds when glibc contains strlcpy() (git-fixes). - tools/power/acpi: fix compilation error (git-fixes). - sh_eth: check sh_eth_cpu_data::dual_port when dumping registers (git-fixes). - commit a1660a4 - enetc: Don't print from enetc_sched_speed_set when link goes down (git-fixes). - PM / devfreq: Add new name attribute for sysfs (git-fixes). - PM / devfreq: Don't fail devfreq_dev_release if not in list (git-fixes). - PM / devfreq: Set scaling_max_freq to max on OPP notifier error (git-fixes). - PM / devfreq: Fix devfreq_notifier_call returning errno (git-fixes). - commit 280c62f - cpuidle-haltpoll: vcpu hotplug support (jsc#SLE-11312). - commit be83569 - cpuidle: header file stubs must be "static inline" (jsc#SLE-11312). - commit 72c5ab4 - blacklist.conf: Add already cherry-picked i915 commits - commit e79e886 - cpuidle-haltpoll: disable host side polling when kvm virtualized (jsc#SLE-11312). - Update config files. - commit 7a92459 - alarmtimer: Unregister wakeup source when module get fails (git-fixes). - afs: Fix characters allowed into cell names (git-fixes). - afs: Fix afs_lookup() to not clobber the version on a new dentry (git-fixes). - afs: Fix use-after-loss-of-ref (git-fixes). - atm: eni: fix uninitialized variable warning (git-fixes). - staging: axis-fifo: add unspecified HAS_IOMEM dependency (git-fixes). - afs: Fix missing cell comparison in afs_test_super() (git-fixes). - afs: Fix creation calls in the dynamic root to fail with EOPNOTSUPP (git-fixes). - afs: Fix mountpoint parsing (git-fixes). - afs: Fix SELinux setting security label on /afs (git-fixes). - afs: Fix afs_find_server lookups for ipv4 peers (git-fixes). - afs: Remove set but not used variables 'before', 'after' (git-fixes). - affs: fix a memory leak in affs_remount (git-fixes). - afs: Fix large file support (git-fixes). - afs: Fix possible assert with callbacks from yfs servers (git-fixes). - afs: Fix missing timeout reset (git-fixes). - commit 70f7941 - Btrfs: make deduplication with range including the last block work (bsc#1163496). - commit 177be09 - cpuidle: add haltpoll governor (jsc#SLE-11312). - Update config files. - commit 3395a31 - fs: allow deduplication of eof block into the end of the destination file (bsc#1163496). - commit a6f621e - Btrfs: send, fix emission of invalid clone operations within the same file (bsc#1163493). - commit e5b1bf0 - governors: unify last_state_idx (jsc#SLE-11312). - Refresh patches.suse/cpuidle-teo-Allow-tick-to-be-stopped-if-PM-QoS-is-us.patch. - Refresh patches.suse/cpuidle-teo-Avoid-using-early-hits-incorrectly.patch. - commit 5219109 - cpuidle: add poll_limit_ns to cpuidle_device structure (jsc#SLE-11312). - commit 39e79ea - Btrfs: fix race between adding and putting tree mod seq elements and nodes (bsc#1163384). - commit 20ba722 - Btrfs: fix infinite loop during fsync after rename operations (bsc#1163383). - commit d4b4993 - Btrfs: fix missing hole after hole punching and fsync when using NO_HOLES (bsc#1158749). - commit 1e49dd1 - add cpuidle-haltpoll driver (jsc#SLE-11312). - Update config files. - supported.conf: add cpuidle-haltpoll as supported supported.conf: Add newly introduced cpuidle-haltpoll driver - commit ba1edb5 - drop obsolete btrfs patches inherited from SLE15-SP1 - drop patches.suse/btrfs-prevent-ioctls-from-interfering-with-a-swap-file.patch (mainline commit eede2bf34f4f, v5.0-rc1) patches.suse/btrfs-rename-and-export-get_chunk_map.patch (mainline commit 60ca842e3457, v5.0-rc1) patches.suse/btrfs-support-swap-files.patch (mainline commit ed46ff3d4237, v5.0-rc1) - commit 7f19d4b - ASoC: sgtl5000: Fix VDDA and VDDIO comparison (git-fixes). - commit 75f282a - crypto: ccree - fix pm wrongful error reporting (git-fixes). - Refresh patches.suse/crypto-ccree-fix-PM-race-condition.patch. - commit dbcb926 - iwlwifi: don't throw error when trying to remove IGTK (git-fixes). - ARM: tegra: Enable PLLP bypass during Tegra124 LP1 (git-fixes). - drm/amd/dm/mst: Ignore payload update failures (git-fixes). - clk: tegra: Mark fuse clock as critical (git-fixes). - mfd: dln2: More sanity checking for endpoints (git-fixes). - media: rc: ensure lirc is initialized before registering input device (git-fixes). - media: v4l2-core: compat: ignore native command codes (git-fixes). - PM: core: Fix handling of devices deleted during system-wide resume (git-fixes). - media/v4l2-core: set pages dirty upon releasing DMA buffers (git-fixes). - power: supply: ltc2941-battery-gauge: fix use-after-free (git-fixes). - usb: gadget: legacy: set max_speed to super-speed (git-fixes). - crypto: ccree - fix FDE descriptor sequence (git-fixes). - crypto: ccree - fix backlog memory leak (git-fixes). - ACPI: video: Do not export a non working backlight interface on MSI MS-7721 boards (git-fixes). - regulator fix for "regulator: core: Add regulator_is_equal() helper" (git-fixes). - regulator: core: Add regulator_is_equal() helper (git-fixes). - platform/x86: intel_scu_ipc: Fix interrupt support (git-fixes). - mmc: spi: Toggle SPI polarity, do not hardcode it (git-fixes). - mmc: sdhci-pci: Make function amd_sdhci_reset static (git-fixes). - commit 798d10c - fix mainline references - fix Patch-mainline: patches.suse/apparmor-Switch-to-GFP_KERNEL-where-possible.patch patches.suse/apparmor-Use-a-memory-pool-instead-per-CPU-caches.patch patches.suse/apparmor-fix-aa_xattrs_match-may-sleep-while-holding-a-RCU-lock.patch patches.suse/apparmor-fix-bind-mounts-aborting-with-ENOMEM.patch patches.suse/apparmor-fix-wrong-buffer-allocation-in-aa_new_mount.patch patches.suse/apparmor-increase-left-match-history-buffer-size.patch patches.suse/apparmor-make-it-so-work-buffers-can-be-allocated-from-atomic-context.patch patches.suse/apparmor-only-get-a-label-reference-if-the-fast-path-check-fails.patch patches.suse/apparmor-reduce-rcu_read_lock-scope-for-aa_file_perm-mediation.patch - commit 04ce0c4 - update patch metadata - update Git-commit after (likely) maintainer tree rebase: patches.suse/scsi-tcm_qla2xxx-Make-qlt_alloc_qfull_cmd-set-cmd-se.patch - commit 1747315 ++++ gcc10: - Adjust installed headers for arm and aarch64, enable link-mutex for riscv64. ++++ openssl-1_1: - Added SHA3 FIPS self-tests bsc#1155345 * openssl-fips-add-SHA3-selftest.patch ++++ wayland: - Update to release 1.18 * Add API to tag proxy objects to allow applications and toolkits to share the same Wayland connection * Track wayland-server timers in user-space to prevent creating too many FDs * Add wl_global_remove, a new function to mitigate race conditions with globals ++++ salt: - Fix 'os_family' grain for Astra Linux Common Edition - Added: * add-astra-linux-common-edition-to-the-os-family-list.patch ------------------------------------------------------------------ ------------------ 2020-2-11 - Feb 11 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - ipc/msg.c: consolidate all xxxctl_down() functions (bsc#1159886). - ipc/sem.c: document and update memory barriers (bsc#1159886). - ipc/msg.c: update and document memory barriers (bsc#1159886). - ipc/mqueue.c: update/document memory barriers (bsc#1159886). - ipc/mqueue.c: remove duplicated code (bsc#1159886). - locking/osq: Use optimized spinning loop for arm64 (bsc#1149032). - cgroup: Optimize single thread migration (bsc#1163388). - cgroup/cpuset: Convert cpuset_mutex to percpu_rwsem (bsc#1163388). - commit 95157e6 - vfio/spapr/nvlink2: Skip unpinning pages on error exit (git-fixes). - commit 97b7cca - smp_mb__{before,after}_atomic(): update Documentation (git-fixes). - tomoyo: Use atomic_t for statistics counter (git-fixes). - irqdomain: Fix a memory leak in irq_domain_push_irq() (git-fixes). - commit ab7e36c - irqchip/gic-v3-its: Reference to its_invall_cmd descriptor when building INVALL (git-fixes). - hrtimer: Annotate lockless access to timer->state (git-fixes). - commit 18567f5 - dma-mapping: fix handling of dma-ranges for reserved memory (again) (git-fixes). - commit 854b530 - kconfig: fix broken dependency in randconfig-generated .config (git-fixes). - clocksource: Prevent double add_timer_on() for watchdog_timer (git-fixes). - iwlwifi: mvm: avoid use after free for pmsr request (git-fixes). - drop_monitor: Do not cancel uninitialized work item (git-fixes). - soc: qcom: rpmhpd: Set 'active_only' for active only power domains (git-fixes). - soc/tegra: fuse: Correct straps' address for older Tegra124 device trees (git-fixes). - bus: tegra-aconnect: Remove PM_CLK dependency (git-fixes). - ARM: at91: pm: use of_device_id array to find the proper shdwc node (git-fixes). - ARM: at91: pm: use SAM9X60 PMC's compatible (git-fixes). - ARM: dma-api: fix max_pfn off-by-one error in __dma_supported() (git-fixes). - commit 80930f7 ++++ openssh: - Add openssh-8.1p1-use-openssl-kdf.patch (jsc#SLE-9443). This performs key derivation using OpenSSL's SSHKDF facility, which allows OpenSSH to benefit from the former's FIPS certification status. ------------------------------------------------------------------ ------------------ 2020-2-10 - Feb 10 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - powerpc/kuap: Fix set direction in allow/prevent_user_access() (bsc#1156395). - powerpc/32s: Fix bad_kuap_fault() (bsc#1156395). - commit ecc6175 - ipmi_si: Avoid spurious errors for optional IRQs (bsc#1161943). - commit 807bbff - media: go7007: Fix URB type for interrupt handling (bsc#1162583). - commit 658c146 - powerpc/futex: Fix incorrect user access blocking (bsc#1156395). - powerpc/ptdump: Only enable PPC_CHECK_WX with STRICT_KERNEL_RWX (bsc#1156395). - powerpc/ptdump: Fix W+X verification (bsc#1156395). - powerpc: Define arch_is_kernel_initmem_freed() for lockdep (bsc#1156395). - powerpc/ptdump: get out of note_prot_wx() when CONFIG_PPC_DEBUG_WX is not selected (bsc#1156395). - commit f8eff5c - mm/sparse.c: reset section's mem_map when fully deactivated (bnc#1162503). - commit f068a8c - powerpc/papr_scm: Fix leaking 'bus_desc.provider_name' in some paths (FATE#327775 bsc#1142685 ltc#179509). - commit 1c49eb1 - apparmor: fix aa_xattrs_match() may sleep while holding a RCU lock (bnc#1158765). - apparmor: only get a label reference if the fast path check fails (bnc#1158765). - apparmor: fix bind mounts aborting with -ENOMEM (bnc#1158765). - apparmor: make it so work buffers can be allocated from atomic context (bnc#1158765). - apparmor: reduce rcu_read_lock scope for aa_file_perm mediation (bnc#1158765). - apparmor: fix wrong buffer allocation in aa_new_mount (bnc#1158765). - apparmor: increase left match history buffer size (bnc#1158765). - apparmor: Switch to GFP_KERNEL where possible (bnc#1158765). - apparmor: Use a memory pool instead per-CPU caches (bnc#1158765). - commit db8094b - Move upstreamed wireless fixes into sorted section Refreshed: patches.suse/libertas-dont-exit-from-lbs_ibss_join_existing-with.patch patches.suse/libertas-make-lbs_ibss_join_existing-return-error.patch patches.suse/mwifiex-fix-unbalanced-locking-in-mwifiex_process_co.patch - commit 8dbbd1d - powerpc/pseries/vio: Fix iommu_table use-after-free refcount warning (bsc#1065729). - powerpc/pseries: Advance pfn if section is not present in lmb_is_removable() (bsc#1065729). - powerpc/pseries: Allow not having ibm, hypertas-functions::hcall-multi-tce for DDW (bsc#1065729). - powerpc/pseries/hotplug-memory: Change rc variable to bool (bsc#1065729). - commit fe5c033 - tomoyo: Don't use nifty names on sockets (git-fixes). Bring the patch again as bsc#1162590 turned out to be bogus. - commit e6918af - series.conf: cleanup - update upstream references and resort: patches.suse/scsi-qla2xxx-Fix-unbound-NVME-response-length.patch - commit f9847d8 ++++ gcc10: - Don't remove go tool buildid, needed for bootstrapping go - Increase disk constraint ------------------------------------------------------------------ ------------------ 2020-2-8 - Feb 8 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - drm/amd/display: Retrain dongles when SINK_COUNT becomes non-zero (git-fixes). - clk: qcom: rcg2: Don't crash if our parent can't be found; return an error (git-fixes). - clk: qcom: Don't overwrite 'cfg' in clk_rcg2_dfs_populate_freq() (git-fixes). - watchdog: fix UAF in reboot notifier handling in watchdog core code (git-fixes). - drivers: watchdog: stm32_iwdg: set WDOG_HW_RUNNING at probe (git-fixes). - virtio_balloon: Fix memory leaks on errors in virtballoon_probe() (git-fixes). - virtio-balloon: Fix memory leak when unloading while hinting is in progress (git-fixes). - virtio-pci: check name when counting MSI-X vectors (git-fixes). - virtio-balloon: initialize all vq callbacks (git-fixes). - commit 56decc0 ++++ python3-core: - Add CVE-2019-9674-zip-bomb.patch to improve documentation warning about dangers of zip-bombs and other security problems with zipfile library. (bsc#1162825 CVE-2019-9674) - Add CVE-2020-8492-urllib-ReDoS.patch fixing the security bug "Python urrlib allowed an HTTP server to conduct Regular Expression Denial of Service (ReDoS)" (bsc#1162367) - Add Requires: libpython%{so_version} == %{version}-%{release} to python3-base to keep both packages always synchronized (bsc#1162224). ++++ python3: - Add CVE-2019-9674-zip-bomb.patch to improve documentation warning about dangers of zip-bombs and other security problems with zipfile library. (bsc#1162825 CVE-2019-9674) - Add CVE-2020-8492-urllib-ReDoS.patch fixing the security bug "Python urrlib allowed an HTTP server to conduct Regular Expression Denial of Service (ReDoS)" (bsc#1162367) - Add Requires: libpython%{so_version} == %{version}-%{release} to python3-base to keep both packages always synchronized (bsc#1162224). ------------------------------------------------------------------ ------------------ 2020-2-7 - Feb 7 2020 ------------------- ------------------------------------------------------------------ ++++ aaa_base: - Add patch git-15-27e2c6180a45cca63d71ffa5de7b32dec749d2cd.patch change rp_filter to 2 to follow the current default (bsc#1160735) ++++ audit-secondary: - Resolve build errors when using glibc-devel-5.3 (bsc#1163040) New patch: audit-make-audit_filter_exclude-definition-optional.patch ++++ btrfsprogs: - btrfs-progs: check: fix segfault with -Q (bsc#1158560) - Added patches: * btrfs-progs-check-initialize-qgroup_item_count-in-ea.patch ++++ glib2: - remove dependencies on dbus-launch, gio-branding, shared-mime-info to reduce deps (boo#1162600) - don't recommend lang package ++++ kernel-default: - x86/apic/x2apic: Implement IPI shorthands support (bsc#1162702). - commit af57cfd - x86/apic/flat64: Remove the IPI shorthand decision logic (bsc#1162702). - commit 309c2e1 - x86/apic: Share common IPI helpers (bsc#1162702). - commit e29e384 - x86/apic: Remove the shorthand decision logic (bsc#1162702). - commit b931a9c - x86/smp: Enhance native_send_call_func_ipi() (bsc#1162702). - commit f0857f7 - x86/smp: Move smp_function_call implementations into IPI code (bsc#1162702). - commit 10bcbc5 - x86/apic: Provide and use helper for send_IPI_allbutself() (bsc#1162702). - commit ee9e660 - livepatch/samples/selftest: Use klp_shadow_alloc() API correctly (bsc#1071995). - commit 00eed06 - x86/apic: Add static key to Control IPI shorthands (bsc#1162702). - commit 6d35b8a - livepatch/selftest: Clean up shadow variable names and type (bsc#1071995). - commit e95b82b - x86/apic: Move no_ipi_broadcast() out of 32bit (bsc#1162702). - commit 9c72d3f - x86/apic: Add NMI_VECTOR wait to IPI shorthand (bsc#1162702). - commit 11f617e - x86/apic: Remove dest argument from __default_send_IPI_shortcut() (bsc#1162702). - commit 6e1b483 - x86/hotplug: Silence APIC and NMI when CPU is dead (bsc#1162702). - commit c8f6f01 - x86/cpu: Move arch_smt_update() to a neutral place (bsc#1162702). - Refresh patches.suse/x86-speculation-taa-Add-mitigation-for-TSX-Async-Abo.patch. - Refresh patches.suse/x86-speculation-taa-Fix-printing-of-TAA_MSG_SMT-on-I.patch. - commit 1c4fec9 - x86/apic/uv: Make x2apic_extra_bits static (bsc#1162702). - Refresh patches.suse/x86-platform-uv-Add-UV-Hubbed-Hubless-Proc-FS-Files.patch. - Refresh patches.suse/x86-platform-uv-Return-UV-Hubless-System-Type.patch. - commit c91a792 - btrfs: drop log root for dropped roots (bsc#1166772). - btrfs: do not delete mismatched root refs (bsc#1166772). - btrfs: fix invalid removal of root ref (bsc#1166772). - btrfs: rework arguments of btrfs_unlink_subvol (bsc#1166772). - btrfs: do not leak reloc root if we fail to read the fs root (bsc#1166772). - commit 9f44227 - x86/apic: Consolidate the apic local headers (bsc#1162702). - commit c920fec - x86/apic: Move apic_flat_64 header into apic directory (bsc#1162702). - commit 73a08d5 - x86/apic: Move ipi header into apic directory (bsc#1162702). - commit 06589f2 - x86/apic: Cleanup the include maze (bsc#1162702). - Refresh patches.suse/x86-platform-uv-Check-EFI-Boot-to-set-reboot-type.patch. - Refresh patches.suse/x86-platform-uv-Return-UV-Hubless-System-Type.patch. - Refresh patches.suse/x86-platform-uv-Save-OEM_ID-from-ACPI-MADT-probe.patch. - commit 327f5f6 - x86/apic: Move IPI inlines into ipi.c (bsc#1162702). - commit 81a4d6d - x86/apic: Invoke perf_events_lapic_init() after enabling APIC (bsc#1162702). - Refresh patches.suse/x86-apic-32-Avoid-bogus-LDR-warnings.patch. - commit b5224ec - uaccess: disallow > INT_MAX copy sizes (git-fixes). - commit 59e5f9a - thermal: brcmstb_thermal: Do not use DT coefficients (git-fixes). - soc: ti: wkup_m3_ipc: Fix race condition with rproc_boot (git-fixes). - serdev: Don't claim unsupported ACPI serial devices (git-fixes). - commit ea25f56 - rtc: cmos: Stop using shared IRQ (git-fixes). - rtc: hym8563: Return -EINVAL if the time is known to be invalid (git-fixes). - commit 15ca52d - pxa168fb: Fix the function used to release some memory in an error handling path (git-fixes). - qmi_wwan: Add support for Quectel RM500Q (git-fixes). - commit b92716e - power: supply: core: Update sysfs-class-power ABI document (git-fixes). - power: supply: sbs-battery: Fix a signedness bug in sbs_get_battery_capacity() (git-fixes). - power: supply: axp20x_ac_power: Fix reporting online status (git-fixes). - power/supply: ingenic-battery: Don't change scale if there's only one (git-fixes). - commit cfd3f61 - blacklist.conf: Add already cherry-picked platform drivers - commit 57ff8bd - mtd: sharpslpart: Fix unsigned comparison to zero (git-fixes). - mtd: onenand_base: Adjust indentation in onenand_read_ops_nolock (git-fixes). - net: phy: dp83867: Set FORCE_LINK_GOOD to default after reset (git-fixes). - commit 9763e59 - mfd: rn5t618: Mark ADC control register volatile (git-fixes). - mfd: da9062: Fix watchdog compatible string (git-fixes). - mfd: max77650: Select REGMAP_IRQ in Kconfig (git-fixes). - mfd: axp20x: Mark AXP20X_VBUS_IPSOUT_MGMT as volatile (git-fixes). - mfd: bd70528: Fix hour register mask (git-fixes). - leds: pca963x: Fix open-drain initialization (git-fixes). - lib/scatterlist.c: adjust indentation in __sg_alloc_table (git-fixes). - ide: remove set but not used variable 'hwif' (git-fixes). - ima: ima/lsm policy rule loading logic bug fixes (git-fixes). - hwmon: (pmbus/ibm-cffps) Fix LED blink behavior (git-fixes). - commit e4dc7c5 - fbdev: fix numbering of fbcon options (git-fixes). - habanalabs: remove variable 'val' set but not used (git-fixes). - habanalabs: rate limit error msg on waiting for CS (git-fixes). - habanalabs: skip VA block list update in reset flow (git-fixes). - commit afb5fba - clk: qcom: Add missing msm8998 gcc_bimc_gfx_clk (git-fixes). - clk: qcom: smd: Add missing bimc clock (git-fixes). - clk: ti: dra7: fix parent for gmac_clkctrl (git-fixes). - clk: sunxi-ng: add mux and pll notifiers for A64 CPU clock (git-fixes). - clk: meson: meson8b: make the CCF use the glitch-free mali mux (git-fixes). - clk: meson: pll: Fix by 0 division in __pll_params_to_rate() (git-fixes). - clk: meson: g12a: fix missing uart2 in regmap table (git-fixes). - clk: renesas: rcar-gen3: Allow changing the RPC[D2] clocks (git-fixes). - clk: imx: imx8mq: fix sys3_pll_out_sels (git-fixes). - commit edbbc8e - Bluetooth: hci_bcm: Drive RTS only for BCM43438 (git-fixes). - Bluetooth: hci_bcm: Add device-tree compatible for BCM4329 (git-fixes). - Bluetooth: hci_bcm: Disallow set_baudrate for BCM4354 (git-fixes). - Bluetooth: btbcm: Add entry for BCM4335A0 UART bluetooth (git-fixes). - Bluetooth: hci_bcm: Add compatible string for BCM43540 (git-fixes). - commit f42c6a9 - cpumask: Implement cpumask_or_equal() (bsc#1162702). - commit a130302 - Refresh and re-enable patches.suse/0005-modsign-print-module-name-along-with-error-message.patch. - commit e9c76fb - clk: at91: sam9x60: fix programmable clock prescaler (git-fixes). - clk: uniphier: Add SCSSI clock gate for each channel (git-fixes). - clk: actually call the clock init before any other callback of the clock (git-fixes). - media: vp7045: do not read uninitialized values if usb transfer fails (git-fixes). - media: af9005: uninitialized variable printked (git-fixes). - media: digitv: don't continue if remote control state can't be read (git-fixes). - media: dvb-usb/dvb-usb-urb.c: initialize actlen to 0 (git-fixes). - media: gspca: zero usb_buf (git-fixes). - Bluetooth: Fix race condition in hci_release_sock() (git-fixes). - r8152: disable DelayPhyPwrChg (git-fixes). - r8152: avoid the MCU to clear the lanwake (git-fixes). - r8152: disable test IO for RTL8153B (git-fixes). - r8152: get default setting of WOL before initializing (git-fixes). - Input: max77650-onkey - add of_match table (git-fixes). - Input: evdev - convert kzalloc()/vzalloc() to kvzalloc() (git-fixes). - led: max77650: add of_match table (git-fixes). - wireless: wext: avoid gcc -O3 warning (git-fixes). - mac80211: Fix TKIP replay protection immediately after key setup (git-fixes). - cfg80211: Fix radar event during another phy CAC (git-fixes). - wireless: fix enabling channel 12 for custom regulatory domain (git-fixes). - mac80211: mesh: restrict airtime metric to peered established plinks (git-fixes). - clk: mmp2: Fix the order of timer mux parents (git-fixes). - clk: sunxi-ng: h6-r: Fix AR100/R_APB2 parent order (git-fixes). - clk: sunxi-ng: sun8i-r: Fix divider on APB0 clock (git-fixes). - platform/x86: intel_pmc_core: update Comet Lake platform driver (git-fixes). - platform/x86: GPD pocket fan: Allow somewhat lower/higher temperature limits (git-fixes). - commit eff0f28 ++++ audit: - Resolve build errors when using glibc-devel-5.3 (bsc#1163040) New patch: audit-make-audit_filter_exclude-definition-optional.patch ++++ libzypp: - update translations - Replace mongoose/webrick with nginx in test suite. This patch makes use of nginx to replace the current WebServer mongoose implementation. Also adds support for registering callback functions for certain URL requests via FCGI, making it possible to mock HTTP responses and test more complex HTTP setups. - boost: Fix deprecated auto_unit_test.hpp includes. - Disable zchunk on Leap-15.0 and SLE15-* while there is no libzck. - Fix decision whether to download ZCHUNK files. libzypp and libsolv must both be able to read the format. - version 17.22.1 (22) ++++ mdadm: - Enable probe_roms to scan more than 6 roms. (bsc#1156040) 0026-Enable-probe_roms-to-scan-more-than-6-roms.patch - Create: add support for RAID0 layouts. (bsc#1162479) 0024-Create-add-support-for-RAID0-layouts.patch - Assemble: add support for RAID0 layouts. (bsc#1162479) 0025-Assemble-add-support-for-RAID0-layouts.patch - mdadm.8: add note information for raid0 growing operation (bsc#1129900) 1002-mdadm.8-add-note-information-for-raid0-growing-opera.patch ++++ podman: - Remove: 0001-clarify-container-prune-force.patch because it's now included in the release - Update podman to v1.8.0 (bsc#1160460): * Features - The podman system service command has been added, providing a preview of Podman's new Docker-compatible API. This API is still very new, and not yet ready for production use, but is available for early testing - Rootless Podman now uses Rootlesskit for port forwarding, which should greatly improve performance and capabilities - The podman untag command has been added to remove tags from images without deleting them - The podman inspect command on images now displays previous names they used - The podman generate systemd command now supports a --new option to generate service files that create and run new containers instead of managing existing containers - Support for --log-opt tag= to set logging tags has been added to the journald log driver - Added support for using Seccomp profiles embedded in images for podman run and podman create via the new --seccomp-policy CLI flag - The podman play kube command now honors pull policy * Bugfixes - Fixed a bug where the podman cp command would not copy the contents of directories when paths ending in /. were given - Fixed a bug where the podman play kube command did not properly locate Seccomp profiles specified relative to localhost - Fixed a bug where the podman info command for remote Podman did not show registry information - Fixed a bug where the podman exec command did not support having input piped into it - Fixed a bug where the podman cp command with rootless Podman on CGroups v2 systems did not properly determine if the container could be paused while copying - Fixed a bug where the podman container prune --force command could possible remove running containers if they were started while the command was running - Fixed a bug where Podman, when run as root, would not properly configure slirp4netns networking when requested - Fixed a bug where podman run --userns=keep-id did not work when the user had a UID over 65535 - Fixed a bug where rootless podman run and podman create with the --userns=keep-id option could change permissions on /run/user/$UID and break KDE - Fixed a bug where rootless Podman could not be run in a systemd service on systems using CGroups v2 - Fixed a bug where podman inspect would show CPUShares as 0, instead of the default (1024), when it was not explicitly set - Fixed a bug where podman-remote push would segfault - Fixed a bug where image healthchecks were not shown in the output of podman inspect - Fixed a bug where named volumes created with containers from pre-1.6.3 releases of Podman would be autoremoved with their containers if the --rm flag was given, even if they were given names - Fixed a bug where podman history was not computing image sizes correctly - Fixed a bug where Podman would not error on invalid values to the --sort flag to podman images - Fixed a bug where providing a name for the image made by podman commit was mandatory, not optional as it should be - Fixed a bug where the remote Podman client would append an extra " to %PATH - Fixed a bug where the podman build command would sometimes ignore the -f option and build the wrong Containerfile - Fixed a bug where the podman ps --filter command would only filter running containers, instead of all containers, if - -all was not passed - Fixed a bug where the podman load command on compressed images would leave an extra copy on disk - Fixed a bug where the podman restart command would not properly clean up the network, causing it to function differently from podman stop; podman start - Fixed a bug where setting the --memory-swap flag to podman create and podman run to -1 (to indicate unlimited) was not supported * Misc - Initial work on version 2 of the Podman remote API has been merged, but is still in an alpha state and not ready for use. Read more here - Many formatting corrections have been made to the manpages - The changes to address (#5009) may cause anonymous volumes created by Podman versions 1.6.3 to 1.7.0 to not be removed when their container is removed - Updated vendored Buildah to v1.13.1 - Updated vendored containers/storage to v1.15.8 - Updated vendored containers/image to v5.2.0 ------------------------------------------------------------------ ------------------ 2020-2-6 - Feb 6 2020 ------------------- ------------------------------------------------------------------ ++++ cyrus-sasl: - Added support for retrieving negotiated SSF in gssapi plugin (bsc#1162518) * Add 0002-Drop-unused-parameter-from-gssapi_spnego_ssf.patch * Add 0003-Check-return-error-from-gss_wrap_size_limit.patch * Add 0004-Add-support-for-retrieving-the-mech_ssf.patch - Fixed GSS-SPNEGO to use flags negotiated by GSSAPI for SSF (bsc#1162518) * Add 0001-Fix-GSS-SPNEGO-mechanism-s-incompatible-behavior.patch ++++ kernel-default: - ALSA: hda: Clear RIRB status before reading WP (git-fixes). - ALSA: hda/realtek - Fixed one of HP ALC671 platform Headset Mic supported (git-fixes). - ASoC: SOF: trace: fix unconditional free in trace release (git-fixes). - ALSA: hda - Fix DP-MST support for NVIDIA codecs (git-fixes). - ALSA: dummy: Fix PCM format loop in proc output (git-fixes). - ALSA: usb-audio: Annotate endianess in Scarlett gen2 quirk (git-fixes). - ALSA: usb-audio: Fix endianess in descriptor validation (git-fixes). - ALSA: hda: Add JasperLake PCI ID and codec vid (git-fixes). - ALSA: pcm: Fix memory leak at closing a stream without hw_free (git-fixes). - ALSA: hda: Reset stream if DMA RUN bit not cleared (git-fixes). - ASoC: Intel: Skylake: Explicitly include linux/io.h for virt_to_phys() (git-fixes). - commit 90e1eab - rpm/kernel-binary.spec.in: Replace Novell with SUSE - commit 8719d69 - kabi: arm64: reserve space in cpu_hwcaps and cpu_hwcap_keys arrays (bsc#1089086). Enable and refresh cpu_hwcaps kabi reservation patch. - commit a2cfe97 - btrfs: don't double lock the subvol_sem for rename exchange (bsc#1162943). - commit 6492de6 - blacklist.conf: different IDs in stable and mainline - commit a8a637a - Update patches.suse/btrfs-qgroups-fix-rescan-worker-running-races.patch (bsc#1091101, bsc#1156919). Since the problem is still here and not solved, re-enable it and rebase the code. - commit 5647b0a ++++ Mesa: - u_Revert_gallium_Fix_big-endian_addressing_of_non-bitmask_array_formats.patch * replaces U_gallium-Fix-big-endian-addressing-of-non-bitmask-arr.patch by an official merge request (bsc#1162252, gitlab issue#2472) ++++ gcc10: - Bump to rc940105cc17111be98d8d42ba48a413b0e63aebe. - Bump libtool version of libgo. ++++ systemd: - Import commit f8adabc2b1f3e3ad150e7a3bfa88341eda5a8a57 (merge v244.2) 77c04ce5c2 hwdb: update to v245-rc1 b4eb884824 Fix typo in function name e2d4cb9843 polkit: when authorizing via PK let's re-resolve callback/userdata instead of caching it 83bfc0d8dd sd-bus: introduce API for re-enqueuing incoming messages 5926f9f172 polkit: use structured initialization 0697d0d972 polkit: on async pk requests, re-validate action/details 2589995acd polkit: reuse some common bus message appending code 5b2442d5c3 bus-polkit: rename return error parameter to ret_error 0a19ff7004 shared: split out polkit stuff from bus-util.c → bus-polkit.c 1325dfb577 test: adapt to the new capsh format 3538fafb47 meson: update efi path detection to gnu-efi-3.0.11 3034855a5b presets: "disable" all passive targets by default c2e3046819 shared/sysctl-util: normalize repeated slashes or dots to a single value 6f4364046f dhcp6: do not use T1 and T2 longer than one provided by the lease 0ed6cda28d network: fix implicit type conversion warning by GCC-10 f6a5c02d26 bootspec: parse random-seed-mode line in loader.conf ddc5dca8a7 sd-boot: fix typo 2bbbe9ae41 test: Synchronize journal before reading from it 072485d661 sd-bus: fix introspection bug in signal parameter names 80af3cf5e3 efi: fix build. [...] ++++ permissions: - Update to version 20181224: * mariadb: settings for new auth_pam_tool (bsc#1160285) * chkstat: capability handling fixes (bsc#1161779) * chkstat: fix regression where chkstat breaks without /proc available (bsc#1160764, bsc#1160594) * dumpcap: remove 'other' executable bit because of capabilities (boo#1148788, CVE-2019-3687) ++++ python-libvirt-python: - Stop building for python2 Dropped patches: revert-b22e4f24.patch ++++ sudo: - add sudo-1.8.22-CVE-2019-18634.patch to fix a buffer overflow when pwfeedback is enabled and input is a not a tty [bsc#1162202] [CVE-2019-18634] - add sudo-1.8.22-fix_listpw.patch to fix listpw=never option in sudoers [bsc#1162675] ------------------------------------------------------------------ ------------------ 2020-2-5 - Feb 5 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - pwm: Remove set but not set variable 'pwm' (git-fixes). - pwm: omap-dmtimer: put_device() after of_find_device_by_node() (git-fixes). - pwm: omap-dmtimer: Simplify error handling (git-fixes). - pwm: omap-dmtimer: Remove PWM chip in .remove before making it unfunctional (git-fixes). - commit f1507d7 - Refresh patches.suse/powerpc-drmem-avoid-NULL-pointer-dereference-when-dr.patch. - commit 3c1c79f - PCI: Add DMA alias quirk for Intel VCA NTB (git-fixes). - Refresh patches.suse/0001-PCI-Vulcan-AHCI-PCI-bar-fix-for-Broadcom-Vulcan-earl.patch. - commit 55d6c4b - mei: me: add comet point (lake) H device ids (git-fixes). - mei: hdcp: bind only with i915 on the same PCH (git-fixes). - staging: most: net: fix buffer overflow (git-fixes). - staging: vt6656: Fix false Tx excessive retries reporting (git-fixes). - staging: vt6656: use NULLFUCTION stack on mac80211 (git-fixes). - staging: vt6656: correct packet types for CTS protect, mode (git-fixes). - serial: imx: fix a race condition in receive path (git-fixes). - usb: dwc3: pci: add ID for the Intel Comet Lake -V variant (git-fixes). - ARM: 8955/1: virt: Relax arch timer version check during early boot (git-fixes). - phy: cpcap-usb: Prevent USB line glitches from waking up modem (git-fixes). - phy: qcom-qmp: Increase PHY ready timeout (git-fixes). - usb: musb: jz4740: Silence error if code is -EPROBE_DEFER (git-fixes). - drm/amd/display: Reduce HDMI pixel encoding if max clock is exceeded (git-fixes). - gpio: max77620: Add missing dependency on GPIOLIB_IRQCHIP (git-fixes). - HID: steam: Fix input device disappearing (git-fixes). - HID: intel-ish-hid: ipc: Add Tiger Lake PCI device ID (git-fixes). - drivers/hid/hid-multitouch.c: fix a possible null pointer access (git-fixes). - HID: wacom: Recognize new MobileStudio Pro PID (git-fixes). - HID: intel-ish-hid: ipc: add CMP device id (git-fixes). - HID: Add quirk for incorrect input length on Lenovo Y720 (git-fixes). - HID: asus: Ignore Asus vendor-page usage-code 0xff events (git-fixes). - HID: ite: Add USB id match for Acer SW5-012 keyboard dock (git-fixes). - HID: Add quirk for Xin-Mo Dual Controller (git-fixes). - HID: multitouch: Add LG MELF0410 I2C touchscreen support (git-fixes). - watchdog: rn5t618_wdt: fix module aliases (git-fixes). - watchdog: max77620_wdt: fix potential build errors (git-fixes). - spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls (git-fixes). - platform/x86: dell-laptop: disable kbd backlight on Inspiron 10xx (git-fixes). - staging: mt7621-pci: add quirks for 'E2' revision using 'soc_device_attribute' (git-fixes). - extcon-intel-cht-wc: Don't reset USB data connection at probe (git-fixes). - usb-storage: Disable UAS on JMicron SATA enclosure (git-fixes). - mmc: sdhci-pci: Add support for Intel JSL (git-fixes). - mmc: sdhci-pci: Quirk for AMD SDHC Device 0x7906 (git-fixes). - ASoC: Intel: cht_bsw_rt5645: Add quirk for boards using pmc_plt_clk_0 (git-fixes). - ARM: OMAP2+: SmartReflex: add omap_sr_pdata definition (git-fixes). - Bluetooth: btbcm: Use the BDADDR_PROPERTY quirk (git-fixes). - Bluetooth: Allow combination of BDADDR_PROPERTY and INVALID_BDADDR quirks (git-fixes). - HID: wacom: add new MobileStudio Pro 13 support (git-fixes). - commit 2f59d11 - ceph: fix compat_ioctl for ceph_dir_operations (jsc#SES-1134). - compat_ioctl: add compat_ptr_ioctl() (jsc#SES-1134). - commit e540507 - crypto: sun4i-ss - fix big endian issues (git-fixes). - commit 0bfb337 - blacklist.conf: not needed in our config - commit a23b2d7 - blacklist.conf: upstream has a wrong Fixes - commit 3b66050 - perf/imx_ddr: Add MODULE_DEVICE_TABLE (git-fixes). - commit f0f1d6b - bitmap.h: fix kernel-doc warning and typo (bsc#1162702). - commit be235a4 - blacklist.conf: duplication - commit 0224176 - iwlwifi: fw: make pos static in iwl_sar_get_ewrd_table() loop (git-fixes). - commit fa51eb6 - iwlwifi: mvm: don't send the IWL_MVM_RXQ_NSSN_SYNC notif to Rx queues (git-fixes). - commit 861212e - iommu/vt-d: Refactor find_domain() helper (bsc#1159594). - commit e9b12d5 - blacklist.conf: only cosmetics - commit 1870278 - blacklist.conf: patch is wrong, later reverted - commit ed8aa8a - x86/resctrl: Fix a deadlock due to inaccurate reference (bsc#1152489). - x86/resctrl: Fix use-after-free due to inaccurate refcount of rdtgroup (bsc#1152489). - x86/resctrl: Fix use-after-free when deleting resource groups (bsc#1152489). - commit 1107939 - coresight: etm4x: Fix unused function warning (jsc#SLE-9326). - coresight: replicator: Fix missing spin_lock_init() (jsc#SLE-9326). - coresight: funnel: Fix missing spin_lock_init() (jsc#SLE-9326). - coresight: etm4x: Fix BMVAL misuse (jsc#SLE-9326). - coresight: Add explicit architecture dependency (jsc#SLE-9326). - coresight: etm4x: Add missing single-shot control API to sysfs (jsc#SLE-9326). - coresight: etm4x: Add view comparator settings API to sysfs (jsc#SLE-9326). - coresight: etm4x: Improve usability of sysfs - CID and VMID masks (jsc#SLE-9326). - coresight: etm4x: Improve usability of sysfs - include/exclude addr (jsc#SLE-9326). - coresight: etm4x: Fix issues with start-stop logic (jsc#SLE-9326). - coresight: etm4x: Add missing API to set EL match on address filters (jsc#SLE-9326). - coresight: etm4x: Fixes for ETM v4.4 architecture updates (jsc#SLE-9326). - coresight: etm4x: Add support for ThunderX2 (jsc#SLE-9326). - coresight: etm4x: Save/restore state across CPU low power states (jsc#SLE-9326). - coresight: tmc-etr: Add barrier packets when moving offset forward (jsc#SLE-9326). - coresight: tmc-etr: Decouple buffer sync and barrier packet insertion (jsc#SLE-9326). - coresight: tmc: Make memory width mask computation into a function (jsc#SLE-9326). - coresight: tmc-etr: Fix updating buffer in not-snapshot mode (jsc#SLE-9326). - coresight: etm4x: improve clarity of etm4_os_unlock comment (jsc#SLE-9326). - coresight: etm4x: use module_param instead of module_param_named (jsc#SLE-9326). - coresight: etm4x: Remove superfluous setting of os_unlock (jsc#SLE-9326). - coresight: acpi: Static funnel support (jsc#SLE-9326). - coresight: Convert pr_warn to dev_warn for obsolete bindings (jsc#SLE-9326). - coresight: tmc-etr: Check if non-secure access is enabled (jsc#SLE-9326). - coresight: tmc-etr: Handle memory errors (jsc#SLE-9326). - coresight: etr_buf: Consolidate refcount initialization (jsc#SLE-9326). - coresight: cpu-debug: Add support for Qualcomm Kryo (jsc#SLE-9326). - coresight: etm4x: Add ETM PIDs for SDM845 and MSM8996 (jsc#SLE-9326). - coresight: etm4x: Two function calls less (jsc#SLE-9326). - commit 42abd9d - config: refresh - drop no longer available option - commit df9bfb1 - fix patch metadata - fix Patch-mainline: patches.suse/mm-mmu_gather-invalidate-TLB-correctly-on-batch-allo.patch - commit 11779f3 - update patch metadata - update Git-commit (maintainer repository rebased?): patches.suse/scsi-qla2xxx-Fix-unbound-NVME-response-length.patch - commit 6a6f7db - series.conf: cleanup - update upstream references and resort: patches.suse/powerpc-mm-Remove-kvm-radix-prefetch-workaround-for-.patch patches.suse/powerpc-papr_scm-Don-t-enable-direct-map-for-a-regio.patch patches.suse/powerpc-pseries-lparcfg-Fix-display-of-Maximum-Memor.patch patches.suse/powerpc-xmon-don-t-access-ASDR-in-VMs.patch - commit b278cb1 - fix patch metadata - fix Patch-mainline: patches.suse/vfs-fix-do_last-regression.patch - commit d2a495c - libbpf: Add missing newline in opts validation macro (bsc#1155518). - libbpf: Fix printf compilation warnings on ppc64le arch (bsc#1155518). - commit 413fb24 ++++ gcc10: - Bump to r269e8130b77065452698ab97e5da77d132d00276. ++++ NetworkManager: - Add -fcommon to CFLAGS. This is currently being done upstream (boo#1160381). ++++ libvirt: - xen: Fix the list of supported ovmf firmwares suse-xen-ovmf-loaders.patch bsc#1159793 ++++ perl: - Backport perl-fix2020.patch to make timelocal calls work in the year 2020 [bnc#1102840] [bnc#1160039] new patch: perl-fix2020.patch ++++ permissions: Sync upstream SLE-15-SP1 branch with our SLE-15-SP1:Update package. Therefore remove all of the following patches which are now included in the tarball: - 0001-whitelisting-update-virtualbox.patch - 0002-consistency-between-profiles.patch 0003-var-run-postgresql.patch - 0004-var-cache-man.patch - 0005-singularity-starter-suid.patch - 0006-bsc1110797_amanda.patch - 0007-chkstat-fix-privesc-CVE-2019-3690.patch - 0008-squid-pinger-owner-fix-CVE-2019-3688.patch - 0009-chkstat-handle-missing-proc.patch - 0010-chkstat-capabilities-implicit-changes.patch Because of inconsistencies between the upstream branch and the package state the following previously missing changes are introduced by this update: - Update to version 20181117: * removed old entry for rmtab * Fixed typo in icinga2 whitelist entry ------------------------------------------------------------------ ------------------ 2020-2-4 - Feb 4 2020 ------------------- ------------------------------------------------------------------ ++++ dracut: - Update to version 049.1+git120.dbfbfcb8: * 95zfcp_rules/parse-zfcp.sh: remove rule existence check (bsc#1008352) ++++ fuse-overlayfs: - Update to v0.7.6 (bsc#1160460) - do not look in lower layers for the ino if there is no origin xattr set - attempt to use the file path if the operation on the fd fails with ENXIO ++++ grub2: - From Stefan Seyfried : Fix grub2-install fails with "not a directory" error (boo#1161641, bsc#1162403) * grub2-install-fix-not-a-directory-error.patch ++++ kernel-default: - powerpc: Do not consider weak unresolved symbol relocations as bad (bsc#1148868). - powerpc: Provide initial documentation for PAPR hcalls (bsc#1156395). - gen_initramfs_list.sh: fix 'bad variable name' error (bsc#1148868). - mkcompile_h: use printf for LINUX_COMPILE_BY (bsc#1148868). - mkcompile_h: git rid of UTS_TRUNCATE from LINUX_COMPILE_{BY,HOST} (bsc#1148868). - scripts/setlocalversion: clear local variable to make it work for sh (bsc#1148868). - kbuild: add $(BASH) to run scripts with bash-extension (bsc#1148868). - commit 200c822 - jbd2: Free journal head outside of locked region (bsc#1162702). - jbd2: Make state lock a spinlock (bsc#1162702). - jbd2: Don't call __bforget() unnecessarily (bsc#1162702). - jbd2: Drop unnecessary branch from jbd2_journal_forget() (bsc#1162702). - jbd2: Move dropping of jh reference out of un/re-filing functions (bsc#1162702). - jbd2: Remove jbd_trylock_bh_state() (bsc#1162702). - jbd2: Simplify journal_unmap_buffer() (bsc#1162702). - commit 64d9c8c - KVM: SVM: Override default MMIO mask if memory encryption is enabled (bsc#1162684). - commit 6f8451a - x86/fpu: Deactivate FPU state after failure during state load (bsc#1152489). - commit fb7702a - x86/resctrl: Check monitoring static key in the MBM overflow handler (bsc#1152489). - commit 8f4ba2c - Delete patches.suse/tomoyo-Don-t-use-nifty-names-on-sockets.patch (bsc#1162590) We've hit mysterious regression and the git bisection points this one. As this is no serious fix backport, let's try to revert it at first. - commit 0ecd623 - ocfs2: fix oops when writing cloned file (bsc#1160831). - commit dd0a42c - dma-contiguous: CMA: give precedence to cmdline (bsc#1160609). - commit d7a3b9d - mm/mmu_gather: invalidate TLB correctly on batch allocation failure and flush (bsc#1055186). - commit c9dade1 - rpm/modules.fips: add keywrap (bsc#1160561) - commit 68cc4b8 - ceph: hold extra reference to r_parent over life of request (jsc#SES-1134). - ceph: add more debug info when decoding mdsmap (jsc#SES-1134). - ceph: switch to global cap helper (jsc#SES-1134). - ceph: trigger the reclaim work once there has enough pending caps (jsc#SES-1134). - ceph: show tasks waiting on caps in debugfs caps file (jsc#SES-1134). - ceph: convert int fields in ceph_mount_options to unsigned int (jsc#SES-1134). - commit 5bcfbba - blacklist.conf: 6cd18453b689 EDAC/sifive: Fix return value check in ecc_register() - commit 267e9ae - libceph, rbd, ceph: convert to use the new mount API (jsc#SES-1134). - Refresh patches.suse/rbd-move-structs-used-by-lio-rbd-to-new-header.patch. - commit dd179b3 - rbd: ask for a weaker incompat mask for read-only mappings (jsc#SES-1134). - commit 1660de5 - rbd: don't query snapshot features (jsc#SES-1134). - Refresh patches.suse/rbd-move-structs-used-by-lio-rbd-to-new-header.patch. - commit 578ddcb - rbd: remove snapshot existence validation code (jsc#SES-1134). - Refresh patches.suse/rbd-move-structs-used-by-lio-rbd-to-new-header.patch. - commit 15f7151 - rbd: don't establish watch for read-only mappings (jsc#SES-1134). - rbd: don't acquire exclusive lock for read-only mappings (jsc#SES-1134). - rbd: disallow read-write partitions on images mapped read-only (jsc#SES-1134). - rbd: treat images mapped read-only seriously (jsc#SES-1134). - commit 3b44169 - rbd: introduce RBD_DEV_FLAG_READONLY (jsc#SES-1134). - Refresh patches.suse/rbd-move-structs-used-by-lio-rbd-to-new-header.patch. - commit 8848484 - rbd: introduce rbd_is_snap() (jsc#SES-1134). - ceph: don't leave ino field in ceph_mds_request_head uninitialized (jsc#SES-1134). - ceph: tone down loglevel on ceph_mdsc_build_path warning (jsc#SES-1134). - ceph: fix geting random mds from mdsmap (jsc#SES-1134). - rbd: fix spelling mistake "requeueing" -> "requeuing" (jsc#SES-1134). - ceph: make several helper accessors take const pointers (jsc#SES-1134). - libceph: drop unnecessary check from dispatch() in mon_client.c (jsc#SES-1134). - commit ea0e3ab - x86/intel_pstate: Handle runtime turbo disablement/enablement in frequency invariance (bsc#1155798). - commit d2ecce1 - x86, sched: Add support for frequency invariance on ATOM (bsc#1155798). - commit 5a622ef - net: aquantia: add an error handling in aq_nic_set_multicast_list (jsc#SLE-10218). - commit d467792 - x86, sched: Add support for frequency invariance on ATOM_GOLDMONT* (bsc#1155798). - commit 6550e7c - x86, sched: Add support for frequency invariance on XEON_PHI_KNL/KNM (bsc#1155798). - commit 708e8cb - x86, sched: Add support for frequency invariance on SKYLAKE_X (bsc#1155798). - commit 0ae5deb - x86, sched: Add support for frequency invariance (bsc#1155798). - commit 54365d2 ++++ nvme-cli: - Add additional smart log critical warn decoding (bsc#1161768) * add 0003-Add-additional-smart-log-critical-warn-decoding.patch - Update patches with upstream version: * delete 0101-Makefile-use-UDEVRULESDIR-instead-of-UDEVDIR.patch * add 0002-Makefile-use-UDEVRULESDIR-instead-of-UDEVDIR.patch * delete 0102-nvme-cli-Add-script-to-determine-host-NQN.patch * add 0005-nvme-cli-Add-script-to-determine-host-NQN.patch - Add nvmf autoconnect service * add 0004-nvmf-autoconnect.service.patch ++++ qemu: - Avoid query-cpu-model-expansion crashed qemu when using machine type none, patch is queued in upstream now, will update commit id later (bsc#1159443) target-arm-monitor-query-cpu-model-expan.patch ++++ yast2: - Show on WSL only WSL capable modules in control center (bsc#1162650) - 4.2.64 ------------------------------------------------------------------ ------------------ 2020-2-3 - Feb 3 2020 ------------------- ------------------------------------------------------------------ ++++ branding-openSUSE: - Sync with Tumbleweed ++++ kernel-default: - scsi: qla2xxx: Fix unbound NVME response length (bsc#1157966 bsc#1158013 bsc#1157424). - scsi: tcm_qla2xxx: Make qlt_alloc_qfull_cmd() set cmd->se_cmd.map_tag (bsc#1157966 bsc#1158013 bsc#1157424). - scsi: qla2xxx: Fix a NULL pointer dereference in an error path (bsc#1157966 bsc#1158013 bsc#1157424). - commit 586fcc6 - vfs: fix do_last() regression (bsc#1162109,CVE-2020-8428). - Update patches.suse/do_last-fetch-directory--i_mode-and--i_uid-before-its-too-late.patch (bsc#1162109,CVE-2020-8428). - commit 7adeb03 - KVM: PPC: Book3S PR: Fix -Werror=return-type build failure (bsc#1061840). - KVM: PPC: Book3S PR: Free shared page if mmu initialization fails (bsc#1061840). - KVM: PPC: Book3S HV: Uninit vCPU if vcore creation fails (bsc#1061840). - commit 45012b1 - Update "drm/amdkfd: fix a potential NULL pointer dereference (v2)" We have a bug report and a CVE for this patch. Point references tag there. - commit db7a4f2 - tracing/kprobes: Have uname use __get_str() in print_fmt (git-fixes). - commit 1cc7e66 - series.conf: cleanup - update upstream references and move into sorted section: patches.suse/0001-x86-kvm-Be-careful-not-to-clear-KVM_VCPU_FLUSH_TLB-b.patch patches.suse/0002-x86-kvm-Introduce-kvm_-un-map_gfn.patch patches.suse/0003-x86-kvm-Cache-gfn-to-pfn-translation.patch patches.suse/0004-x86-KVM-Make-sure-KVM_VCPU_FLUSH_TLB-flag-is-not-mis.patch patches.suse/0005-x86-KVM-Clean-up-host-s-steal-time-structure.patch - commit 488b94c - patch whitespace cleanup - delete whitespace on line separating rfc2822 header and body: patches.suse/ocfs2-make-local-header-paths-relative-to-C-files.patch - commit bbd1cb9 ++++ libeconf: - Update to version 0.3.5+git20200203.3144b69: * Release version 0.3.5 * Use float.h instead of obsolete gnuism values.h * Remove gnuism (strdupa) * Check for empty value (NULL pointer) before calling strdup. ++++ Mesa: - U_gallium-Fix-big-endian-addressing-of-non-bitmask-arr.patch * reverse apply since it caused a regression in rendering on s390x (bsc#1162252) ++++ plymouth: - Sync the default openSUSE theme from Tumbleweed ++++ python3-core: - Reame idle icons to idle3 in order to not conflict with python2 variant of the package bsc#1165894 * renamed the icons * renamed icon load in desktop file ++++ systemd: - Use suse.pool.ntp.org server pool on SLE (jsc#SLE-7683) ++++ libvirt: - lib: Prohibit parallel connections with tunneled migration e092daac-prohib-parallel-tunneled-mig.patch jsc#SLE-6998 - BuildRequire pkgconfig((lib)?udev) instead of (lib)?udev: allow OBS to shortcut through -mini flavors. ++++ python3: - Reame idle icons to idle3 in order to not conflict with python2 variant of the package bsc#1165894 * renamed the icons * renamed icon load in desktop file ++++ salt: - Update to Salt version 2019.2.3 (CVE-2019-17361) (bsc#1163981) (bsc#1162504) See release notes: https://docs.saltstack.com/en/latest/topics/releases/2019.2.3.html - Modified: * use-adler32-algorithm-to-compute-string-checksums.patch ++++ qemu: - BuildRequire pkgconfig(libudev) instead of libudev-devel: Allow OBS to shortcut through -mini flavors. ------------------------------------------------------------------ ------------------ 2020-2-2 - Feb 2 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - ocfs2: make local header paths relative to C files (bsc#1159889). - commit fafd040 ------------------------------------------------------------------ ------------------ 2020-2-1 - Feb 1 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - PCI: tegra: Fix afi_pex2_ctrl reg offset for Tegra30 (git-fixes). - PCI: tegra: Fix return value check of pm_runtime_get_sync() (git-fixes). - PCI: keystone: Fix error handling when "num-viewport" DT property is not populated (git-fixes). - PCI: keystone: Fix outbound region mapping (git-fixes). - PCI: keystone: Fix link training retries initiation (git-fixes). - PCI/IOV: Fix memory leak in pci_iov_add_virtfn() (git-fixes). - PCI/switchtec: Fix vep_vector_number ioread width (git-fixes). - PCI/switchtec: Use dma_set_mask_and_coherent() (git-fixes). - PCI: Don't disable bridge BARs when assigning bus resources (git-fixes). - PCI/AER: Initialize aer_fifo (git-fixes). - media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors (git-fixes). - media: iguanair: fix endpoint sanity check (git-fixes). - media: v4l2-rect.h: fix v4l2_rect_map_inside() top/left adjustments (git-fixes). - media: ov5640: Fix check for PLL1 exceeding max allowed rate (git-fixes). - media: imx7-mipi-csis: remove subdev_notifier (git-fixes). - media: meson: add missing allocation failure check on new_buf (git-fixes). - media: i2c: adv748x: Fix unsafe macros (git-fixes). - commit 0778c54 ------------------------------------------------------------------ ------------------ 2020-1-31 - Jan 31 2020 ------------------- ------------------------------------------------------------------ ++++ gstreamer-plugins-base: - No longer recommend -lang: supplements are in use. ++++ open-iscsi: - Bug fixes, including addig support for "-fno-common" compiler option, 586 bug fixes, a bug fix for SHA1 handling, and other needed but small fixes (bsc#1160287), updating: * open-iscsi-SUSE-latest.diff.bz2 ++++ kernel-default: - EDAC/mc: Fix use-after-free and memleaks during device removal (jsc#SLE-9482). - Refresh patches.suse/EDAC-mc-Reorder-functions-edac_mc_alloc.patch. - commit 7999d28 - Refresh and reenable patches.suse/prepare-arm64-kgraft. - Delete patches.suse/pstore-backend-autoaction. (see commit 62c0377bb94742def) - commit 2e37144 - s390/dasd: disable ese support due to possible data corruption (bsc#1161428). - commit daa742e - iommu/amd: Fix IOMMU perf counter clobbering during init (bsc#1162393). - iommu/vt-d: Call __dmar_remove_one_dev_info with valid pointer (bsc#1159594). - commit 3146a75 - airo: Add missing CAP_NET_ADMIN check in AIROOLDIOCTL/SIOCDEVPRIVATE (git-fixes). - airo: Fix possible info leak in AIROOLDIOCTL/SIOCDEVPRIVATE (git-fixes). - commit 21afd27 - crypto: vmx - Avoid weird build failures (git-fixes). - commit 5668910 - drm/vmwgfx: prevent memory leak in vmw_cmdbuf_res_add (git-fixes). - drm: msm: mdp4: Adjust indentation in mdp4_dsi_encoder_enable (git-fixes). - drm/msm/adreno: fix zap vs no-zap handling (git-fixes). - drm/nouveau: Fix copy-paste error in nouveau_fence_wait_uevent_handler (git-fixes). - drm/nouveau/secboot/gm20b: initialize pointer in gm20b_secboot_new() (git-fixes). - drm/mediatek: Add gamma property according to hardware capability (git-fixes). - drm: atmel-hlcdc: prefer a lower pixel-clock than requested (git-fixes). - drm: atmel-hlcdc: enable clock before configuring timing engine (git-fixes). - drm: atmel-hlcdc: use double rate for pixel clock only if supported (git-fixes). - drm: bridge: dw-hdmi: constify copied structure (git-fixes). - drm/rockchip: lvds: Fix indentation of a #define (git-fixes). - drm/amdkfd: remove set but not used variable 'top_dev' (git-fixes). - drm/amd/powerplay: remove set but not used variable 'us_mvdd' (git-fixes). - drm/amdgpu: remove set but not used variable 'invalid' (git-fixes). - drm/amdgpu: remove set but not used variable 'count' (git-fixes). - drm/amdgpu: remove set but not used variable 'amdgpu_connector' (git-fixes). - drm/amdgpu: remove set but not used variable 'mc_shared_chmap' from 'gfx_v6_0.c' and 'gfx_v7_0.c' (git-fixes). - drm/amdgpu: remove set but not used variable 'mc_shared_chmap' (git-fixes). - drm/amdgpu: remove always false comparison in 'amdgpu_atombios_i2c_process_i2c_ch' (git-fixes). - drm/amdgpu: remove set but not used variable 'dig' (git-fixes). - drm/amdgpu: remove set but not used variable 'dig_connector' (git-fixes). - drm/amdgpu: add function parameter description in 'amdgpu_gart_bind' (git-fixes). - drm/amdgpu: add function parameter description in 'amdgpu_device_set_cg_state' (git-fixes). - drm/amdgpu: remove 4 set but not used variable in amdgpu_atombios_get_connector_info_from_object_table (git-fixes). - drm/panel: simple: Add Logic PD Type 28 display support (git-fixes). - drm/qxl: Complete exception handling in qxl_device_init() (git-fixes). - drm/rect: update kerneldoc for drm_rect_clip_scaled() (git-fixes). - drm/rect: Avoid division by zero (git-fixes). - drm/fourcc: Fill out all block sizes for P210 (git-fixes). - drm/fourcc: Fill out all block sizes for P10/12/16 (git-fixes). - drm/ttm: ttm_tt_init_fields() can be static (git-fixes). - commit 93987eb - PM: hibernate: fix crashes with init_on_free=1 (git-fixes). - commit 748603f - Add the already cherry-picked id to pinctrl fix patch - commit fdc0f64 - x86/KVM: Clean up host's steal time structure (bsc#1161154, CVE-2019-3016). - x86/KVM: Make sure KVM_VCPU_FLUSH_TLB flag is not missed (bsc#1161154, CVE-2019-3016). - x86/kvm: Cache gfn to pfn translation (bsc#1161154, CVE-2019-3016). - x86/kvm: Introduce kvm_(un)map_gfn() (bsc#1161154, CVE-2019-3016). - x86/kvm: Be careful not to clear KVM_VCPU_FLUSH_TLB bit (bsc#1161154, CVE-2019-3016). - commit b5111ca - supported.conf: mark ufshcd_core and ufshcd_pltfrm as supported (bsc#1158776) kernel-source commit ba2a8909aec7 marked modules ufs_hisi, ufs_medatek and ufs_qcom as supported (with reference to comment 14 here); these depend on ufshcd_core and ufshcd_pltfrm which are unsupported so that IBS build (aarch64/default) now fails one of the late checks. Mark ufshcd_core and ufshcd_pltfrm as supported to avoid unfulfilled dependencies in arm64 kernel-default. - commit e66a364 - series.conf: cleanup - update upstream references and resort: patches.suse/scsi-qla2xxx-Add-D-Port-Diagnostic-reason-explanatio.patch patches.suse/scsi-qla2xxx-Add-a-shadow-variable-to-hold-disc_stat.patch patches.suse/scsi-qla2xxx-Cleanup-unused-async_logout_done.patch patches.suse/scsi-qla2xxx-Consolidate-fabric-scan.patch patches.suse/scsi-qla2xxx-Correct-fcport-flags-handling.patch patches.suse/scsi-qla2xxx-Fix-RIDA-Format-2.patch patches.suse/scsi-qla2xxx-Fix-fabric-scan-hang.patch patches.suse/scsi-qla2xxx-Fix-mtcp-dump-collection-failure.patch patches.suse/scsi-qla2xxx-Fix-stuck-login-session-using-prli_pend.patch patches.suse/scsi-qla2xxx-Fix-stuck-session-in-GNL.patch patches.suse/scsi-qla2xxx-Fix-the-endianness-of-the-qla82xx_get_f.patch patches.suse/scsi-qla2xxx-Fix-update_fcport-for-current_topology.patch patches.suse/scsi-qla2xxx-Improve-readability-of-the-code-that-ha.patch patches.suse/scsi-qla2xxx-Remove-defer-flag-to-indicate-immeadiat.patch patches.suse/scsi-qla2xxx-Update-driver-version-to-10.01.00.22-k.patch patches.suse/scsi-qla2xxx-Use-common-routine-to-free-fcport-struc.patch patches.suse/scsi-qla2xxx-Use-get_unaligned_-instead-of-open-codi.patch No effect on expanded tree. - commit 35cf494 ++++ NetworkManager: - Update to version 1.22.6: + Various fixes for the internal DHCP client. + Slave devices now do not get created/activated if master is missing. + Fixed 'startup-complete' bug where NetworkManager would reach the network-online.target even when not all the connections had been tried. + Updated translations. ++++ permissions: - fix regression where chkstat breaks without /proc available (bsc#1160764, bsc#1160594, 0009-chkstat-handle-missing-proc.patch) - fix capability handling when doing multiple permission changes at once (bsc#1161779, 0010-chkstat-capabilities-implicit-changes.patch) ++++ python-gobject: - Remove %{python_module gobject-devel = %{version}} from common-devel: Assuming that consumers of the .pc and include headers are not really using the python bindings. ++++ system-users: - Add tss user for TPM tools (boo#1162360). ++++ yast2: - Add new widgets CWM::ProgressBar and CWM::DynamicProgressBar. - Needed for bsc#1135366. - 4.2.63 ------------------------------------------------------------------ ------------------ 2020-1-30 - Jan 30 2020 ------------------- ------------------------------------------------------------------ ++++ health-checker: - Update to version 1.3.1 * Support multiple menuentries in GRUB configuration [gh#kubic-project/health-checker#5] ++++ kernel-default: - s390/ftrace: generate traced function stack frame (jsc#SLE-11050). - commit 8abd203 - scripts/find-unused-docs: Fix massive false positives (git-fixes). - selftests: settings: tests can be in subsubdirs (git-fixes). - visorbus: fix uninitialized variable access (git-fixes). - debugfs: Return -EPERM when locked down (git-fixes). - driver core: Fix test_async_driver_probe if NUMA is disabled (git-fixes). - component: do not dereference opaque pointer in debugfs (git-fixes). - iio: adc: stm32-dfsdm: fix single conversion (git-fixes). - iio: st_gyro: Correct data for LSM9DS0 gyro (git-fixes). - staging: wlan-ng: ensure error return is actually returned (git-fixes). - serial: 8250_bcm2835aux: Fix line mismatch on driver unbind (git-fixes). - USB: serial: ir-usb: fix IrLAP framing (git-fixes). - USB: serial: ir-usb: fix link-speed handling (git-fixes). - USB: serial: ir-usb: add missing endpoint sanity check (git-fixes). - usb: typec: wcove: fix "op-sink-microwatt" default that was in mW (git-fixes). - usb: typec: tcpci: mask event interrupts when remove driver (git-fixes). - usb: host: xhci-tegra: set MODULE_FIRMWARE for tegra186 (git-fixes). - phy: qualcomm: Adjust indentation in read_poll_timeout (git-fixes). - usb: gadget: f_ecm: Use atomic_t to track in-flight request (git-fixes). - usb: gadget: f_ncm: Use atomic_t to track in-flight request (git-fixes). - usb: dwc3: gadget: Delay starting transfer (git-fixes). - usb: dwc3: gadget: Check END_TRANSFER completion (git-fixes). - usb: dwc3: turn off VBUS when leaving host mode (git-fixes). - usb: gadget: f_fs: set req->num_sgs as 0 for non-sg transfer (git-fixes). - pinctrl: sh-pfc: r8a7778: Fix duplicate SDSELF_B and SD1_CLK_B (git-fixes). - pinctrl: sh-pfc: r8a77965: Fix DU_DOTCLKIN3 drive/bias control (git-fixes). - gpiolib: Set lockdep class for hierarchical irq domains (git-fixes). - commit 28a738b ++++ libsepol: - Add fnocommon.patch to prevent build failures on gcc10 and remove_cil_mem_error_handler.patch to prevent build failures due to leftovers from the removal of cil_mem_error_handler (bsc#1160874) ++++ libvirt: - spec: Fix several rpmlint warnings 72ed254b-drop-exec-perms-bashcompletion.patch - xen: Support setting credit2 scheduler parameters 849052ec-libxl-support-credit2.patch bsc#1162160 ++++ u-boot-rpiarm64: Patch queue updated from git://github.com/openSUSE/u-boot.git tumbleweed-2020.01 * Patches added: 0017-net-phy-Fix-overlong-PHY-timeout.patch ++++ yast2: - Do not crash when the "software/base_products" is not defined in the control.xml (bsc#1161956) - 4.2.62 ------------------------------------------------------------------ ------------------ 2020-1-29 - Jan 29 2020 ------------------- ------------------------------------------------------------------ ++++ dracut: - Update to version 049.1+git119.abf1a408: * 30convertfs: adopt for SUSE (boo#1158777) ++++ kernel-default: - do_last(): fetch directory ->i_mode and ->i_uid before it's too late (bsc#1152109,CVE-2020-8428). - commit 6a0a735 - crypto: ccp - Verify access to device registers before initializing (bsc#1161073). - crypto: ccp - Change a message to reflect status instead of failure (bsc#1161073). - commit 9d00d4d - firestream: fix memory leaks (git-fixes). - net: usb: lan78xx: Add .ndo_features_check (git-fixes). - PCI: Mark AMD Navi14 GPU rev 0xc5 ATS as broken (git-fixes). - hwmon: (adt7475) Make volt2reg return same reg as reg2volt input (git-fixes). - media: v4l2-ioctl.c: zero reserved fields for S/TRY_FMT (git-fixes). - commit 0f48df8 - EDAC/mc: Remove per layer counters (jsc#SLE-9482). - EDAC/mc: Remove detail[] string and cleanup error string generation (jsc#SLE-9482). - EDAC/mc: Pass the error descriptor to error reporting functions (jsc#SLE-9482). - EDAC/mc: Remove enable_per_layer_report function arguments (jsc#SLE-9482). - EDAC/mc: Report "unknown memory" on too many DIMM labels found (jsc#SLE-9482). - EDAC/mc: Create new function edac_inc_csrow() (jsc#SLE-9482). - EDAC/mc: Determine mci pointer from the error descriptor (jsc#SLE-9482). - EDAC: Store error type in struct edac_raw_error_desc (jsc#SLE-9482). - EDAC/mc: Reorder functions edac_mc_alloc*() (jsc#SLE-9482). - EDAC/mc: Split edac_mc_alloc() into smaller functions (jsc#SLE-9482). - commit d500698 - mm/hmm: hmm_range_fault() infinite loop (HMM Functionality, jsc#SLE-8176). - commit f666122 - mm/hmm: hmm_range_fault() NULL pointer bug (HMM Functionality, jsc#SLE-8176). - commit 27fd79f - Fix applying via rapidquilt again Refresh patches.suse/sched-topology-Assert-non-NUMA-topology-masks-don-t-partially-overlap.patch. A patch in a patch description is confusing. - commit 82f83e9 - update upstream references - update Patch-mainline: patches.suse/sched-Use-fair-prio_changed-instead-of-ad-hoc-implementation.patch patches.suse/sched-core-Remove-unused-variable-from-set_user_nice.patch patches.suse/sched-fair-Define-sched_idle_cpu-only-for-SMP-configurations.patch patches.suse/sched-fair-Fix-sgc-min-max-_capacity-calculation-for-SD_OVERLAP.patch patches.suse/sched-topology-Assert-non-NUMA-topology-masks-don-t-partially-overlap.patch patches.suse/sched-wait-fix-___wait_var_event-exclusive.patch patches.suse/schied-fair-Skip-calculating-contrib-without-load.patch - commit 1c0fc31 - config: enable CONFIG_DRM_ETNAVIV on arm64 (jsc#SLE-9263). - supported.conf: mark etnaviv as supported (jsc#SLE-9263). - commit ff1abc4 - supported.conf: Support lima and panfrost (jsc#SLE-8203). - commit aa64aa2 - powerpc/mm: Remove kvm radix prefetch workaround for Power9 DD2.2 (bsc#1061840). - commit 8d2d7a2 - mmc: host: sdhci-pci: Add Genesys Logic GL975x support (bsc#1144168). - Update config files - mmc: sdhci: Export sdhci_abort_tuning function symbol (bsc#1144168). - PCI: Add Genesys Logic, Inc. Vendor ID (bsc#1144168). - mmc: sdhci: Add PLL Enable support to internal clock setup (bsc#1144168). - commit 418d5df - powerpc/xmon: don't access ASDR in VMs (bsc#1065729). - commit cc778b6 - powerpc/papr_scm: Don't enable direct map for a region by default (bsc#1129551). - commit 5d46d16 - Add already cherry-picked id for mdio_bus fix - commit e3cd812 - opp: Free static OPPs on errors while adding them (git-fixes). - ptp: free ptp device pin descriptors properly (git-fixes). - clk: samsung: exynos5420: Keep top G3D clocks enabled (git-fixes). - commit 003f497 - sched/fair: Define sched_idle_cpu() only for SMP configurations (bnc#1155798 (CPU scheduler functional and performance backports)). - commit c8faafc - sched/topology: Assert non-NUMA topology masks don't (partially) overlap (bnc#1155798 (CPU scheduler functional and performance backports)). - commit ffd4102 - sched/fair: Fix sgc->{min,max}_capacity calculation for SD_OVERLAP (bnc#1155798 (CPU scheduler functional and performance backports)). - commit d5c0168 - sched/core: Remove unused variable from set_user_nice() (bnc#1155798 (CPU scheduler functional and performance backports)). - commit d56a5d4 - schied/fair: Skip calculating @contrib without load (bnc#1155798 (CPU scheduler functional and performance backports)). - commit e039f48 - sched/wait: fix ___wait_var_event(exclusive) (bnc#1155798 (CPU scheduler functional and performance backports)). - commit a75fdb5 - sched: Use fair:prio_changed() instead of ad-hoc implementation (bnc#1155798 (CPU scheduler functional and performance backports)). - commit d945568 - supported.conf: cleanup Drop entries which no longer match any module built. - commit c5f35cc - drm/mgag200: Flag all G200 SE A machines as broken wrt (bsc#1152489) - commit 9c74a8c - series.conf: cleanup - update upstream references and move into sorted section: patches.suse/ASoC-fsl_sai-add-IRQF_SHARED.patch patches.suse/USB-Fix-Don-t-skip-endpoint-descriptors-with-maxpack.patch patches.suse/enetc-add-software-timestamping.patch patches.suse/enetc-remove-variable-tc_max_sized_frame-set-but-not.patch patches.suse/gpio-mpc8xxx-Add-platform-device-to-gpiochip-parent.patch patches.suse/libertas-Fix-two-buffer-overflows-at-parsing-bss-des.patch patches.suse/sched-Spare-resched-IPI-when-prio-changes-on-a-single-fair-task.patch patches.suse/sched-clock-Use-static_branch_likely-with-sched_clock_running.patch patches.suse/sched-fair-Improve-update_sd_pick_busiest-for-spare-capacity-case.patch patches.suse/sched-fair-Load-balance-aggressively-for-SCHED_IDLE-CPUs.patch patches.suse/sched-fair-Make-sched-idle-CPU-selection-consistent-throughout.patch patches.suse/sched-fair-Optimize-select_idle_cpu.patch patches.suse/sched-fair-Remove-redundant-call-to-cpufreq_update_util.patch patches.suse/sched-fair-calculate-delta-runnable-load-only-when-it-s-needed.patch No effect on expanded tree. - commit 06db07c - drm/mgag200: Add workaround for HW that does not support 'startadd' (bsc#1152489) - commit 8ad9863 - series.conf: refresh - update upstream references (mainline now) and resort: patches.suse/hwrng-iproc-rng200-add-support-for-bcm2711.patch patches.suse/ice-Add-device-ids-for-E822-devices.patch patches.suse/igc-Add-64-bit-DMA-access-support.patch patches.suse/igc-Add-PHY-power-management-control.patch patches.suse/igc-Add-SKU-for-i225-device.patch patches.suse/igc-Add-basic-skeleton-for-PTP.patch patches.suse/igc-Add-legacy-power-management-support.patch patches.suse/igc-Add-scatter-gather-support.patch patches.suse/igc-Add-support-for-RX-timestamping.patch patches.suse/igc-Add-support-for-TSO.patch patches.suse/igc-Add-support-for-TX-timestamping.patch patches.suse/igc-Add-support-for-ethtool-GET_TS_INFO-command.patch patches.suse/igc-Fix-parameter-descriptions-for-a-several-functio.patch patches.suse/igc-Fix-the-parameter-description-for-igc_alloc_rx_b.patch patches.suse/igc-Fix-typo-in-a-comment.patch patches.suse/igc-Improve-the-DMA-mapping-flow.patch patches.suse/igc-Prefer-to-use-the-pci_release_mem_regions-method.patch patches.suse/igc-Remove-excess-parameter-description-from-igc_is_.patch patches.suse/igc-Remove-no-need-declaration-of-the-igc_alloc_mapp.patch patches.suse/igc-Remove-no-need-declaration-of-the-igc_assign_vec.patch patches.suse/igc-Remove-no-need-declaration-of-the-igc_clean_tx_r.patch patches.suse/igc-Remove-no-need-declaration-of-the-igc_configure.patch patches.suse/igc-Remove-no-need-declaration-of-the-igc_configure_.patch patches.suse/igc-Remove-no-need-declaration-of-the-igc_free_q_vec-f7bcca5d.patch patches.suse/igc-Remove-no-need-declaration-of-the-igc_free_q_vec.patch patches.suse/igc-Remove-no-need-declaration-of-the-igc_irq_disabl.patch patches.suse/igc-Remove-no-need-declaration-of-the-igc_irq_enable.patch patches.suse/igc-Remove-no-need-declaration-of-the-igc_power_down.patch patches.suse/igc-Remove-no-need-declaration-of-the-igc_set_defaul.patch patches.suse/igc-Remove-no-need-declaration-of-the-igc_set_interr.patch patches.suse/igc-Remove-no-need-declaration-of-the-igc_set_rx_mod.patch patches.suse/igc-Remove-no-need-declaration-of-the-igc_sw_init.patch patches.suse/igc-Remove-no-need-declaration-of-the-igc_write_itr.patch patches.suse/igc-Remove-serdes-comments-from-a-description-of-met.patch patches.suse/igc-Remove-unused-definition.patch patches.suse/igc-Use-Start-of-Packet-signal-from-PHY-for-timestam.patch - commit a2cb839 - crypto: ccree - fix PM race condition (git-fixes). - crypto: caam/qi2 - fix typo in algorithm's driver name (git-fixes). - crypto: atmel-sha - fix error handling when setting hmac key (git-fixes). - crypto: artpec6 - return correct error code for failed setkey() (git-fixes). - crypto: chelsio - fix writing tfm flags to wrong place (git-fixes). - crypto: api - fix unexpectedly getting generic implementation (git-fixes). - crypto: picoxcell - adjust the position of tasklet_init and fix missed tasklet_kill (git-fixes). - crypto: api - Fix race condition in crypto_spawn_alg (git-fixes). - crypto: api - Check spawn->alg under lock in crypto_drop_spawn (git-fixes). - crypto: af_alg - Use bh_lock_sock in sk_destruct (git-fixes). - crypto: testmgr - don't try to decrypt uninitialized buffers (git-fixes). - crypto: pcrypt - Do not clear MAY_SLEEP flag in original request (git-fixes). - crypto: arm64/ghash-neon - bump priority to 150 (git-fixes). - crypto: ccp - set max RSA modulus size for v3 platform devices as well (git-fixes). - commit 57ecf54 - ASoC: topology: fix soc_tplg_fe_link_create() - link->dobj initialization order (git-fixes). - ASoC: Intel: skl_hda_dsp_common: Fix global-out-of-bounds bug (git-fixes). - ALSA: hda: Add Clevo W65_67SB the power_save blacklist (git-fixes). - ALSA: hda - Add docking station support for Lenovo Thinkpad T420s (git-fixes). - ALSA: hda/hdmi - add retry logic to parse_intel_hdmi() (git-fixes). - ALSA: hda/realtek - Add Headset Mic supported for HP cPC (git-fixes). - ALSA: hda/analog - Minor optimization for SPDIF mux connections (git-fixes). - ALSA: hda: patch_hdmi: remove warnings with empty body (git-fixes). - ALSA: hda: correct kernel-doc parameter descriptions (git-fixes). - ALSA: hda: Manage concurrent reg access more properly (git-fixes). - ALSA: hda: patch_realtek: fix empty macro usage in if block (git-fixes). - ALSA: hda: Fix a typo in comments (git-fixes). - ALSA: sh: Fix compile warning wrt const (git-fixes). - ALSA: hda: More constifications (git-fixes). - ALSA: hda/realtek - More constifications (git-fixes). - ALSA: hda/realtek - Apply mic mute LED quirk for Dell E7xx laptops, too (git-fixes). - ALSA: sh: Fix unused variable warnings (git-fixes). - ALSA: hda - constify and cleanup static NodeID tables (git-fixes). - ALSA: hda: Constify snd_pci_quirk tables (git-fixes). - ALSA: hda: Constify snd_kcontrol_new items (git-fixes). - ALSA: hda: constify copied structure (git-fixes). - ALSA: hda: Comment about snd_hdac_bus_update_rirb() and spinlock (git-fixes). - ALSA: control: remove useless assignment in .info callback of PCM chmap element (git-fixes). - ALSA: hda: Unify get_response handling (git-fixes). - ALSA: hda: Use waitqueue for RIRB in HDA-core helper, too (git-fixes). - ALSA: hda: Use standard waitqueue for RIRB wakeup (git-fixes). - ath10k: Correct the DMA direction for management tx buffers (git-fixes). - Revert "ath10k: fix DMA related firmware crashes on multiple devices" (git-fixes). - ath10k: pci: Fix comment on ath10k_pci_dump_memory_sram (git-fixes). - ath10k: pci: Only dump ATH10K_MEM_REGION_TYPE_IOREG when safe (git-fixes). - iwlegacy: ensure loop counter addr does not wrap and cause an infinite loop (git-fixes). - rtw88: fix potential NULL skb access in TX ISR (git-fixes). - brcmfmac: sdio: Fix OOB interrupt initialization on brcm43362 (git-fixes). - mwifiex: drop most magic numbers from mwifiex_process_tdls_action_frame() (git-fixes). - net: socionext: fix xdp_result initialization in netsec_process_rx (git-fixes). - net: socionext: fix possible user-after-free in netsec_process_rx (git-fixes). - ath9k: fix storage endpoint lookup (git-fixes). - brcmfmac: Fix memory leak in brcmf_usbdev_qinit (git-fixes). - zd1211rw: fix storage endpoint lookup (git-fixes). - rsi_91x_usb: fix interface sanity check (git-fixes). - rtl8xxxu: fix interface sanity check (git-fixes). - orinoco_usb: fix interface sanity check (git-fixes). - brcmfmac: fix interface sanity check (git-fixes). - mwifiex: delete unused mwifiex_get_intf_num() (git-fixes). - brcmfmac: Fix use after free in brcmf_sdio_readframes() (git-fixes). - rsi: fix non-atomic allocation in completion handler (git-fixes). - rsi: fix memory leak on failed URB submission (git-fixes). - rsi: fix use-after-free on probe errors (git-fixes). - rsi: fix use-after-free on failed probe and unbind (git-fixes). - bcma: remove set but not used variable 'sizel' (git-fixes). - brcmfmac: Fix memory leak in brcmf_p2p_create_p2pdev() (git-fixes). - wil6210: fix break that is never reached because of zero'ing of a retry counter (git-fixes). - ath10k: Fix qmi init error handling (git-fixes). - ath10k: correct the tlv len of ath10k_wmi_tlv_op_gen_config_pno_start (git-fixes). - NFC: pn544: Adjust indentation in pn544_hci_check_presence (git-fixes). - ppp: Adjust indentation into ppp_async_input (git-fixes). - Bluetooth: btusb: fix memory leak on fw (git-fixes). - Bluetooth: btusb: fix non-atomic allocation in completion handler (git-fixes). - commit b16c1ef - regulator: core: Fix exported symbols to the exported GPL version (git-fixes). - commit b623820 - btrfs: dev-replace: remove warning for unknown return codes when finished (dependency for bsc#1162067). - commit c6cf4b1 - btrfs: scrub: Require mandatory block group RO for dev-replace (bsc#1162067). - commit 1eeede9 - Update config files. (bsc#1160067) The 8379bb84be be backported by Takashi from v5.5-rc7 to SLE15-SP2 kernel. This patch fixed bsc#1160067. After long run testing, we confirmed that the issue be fixed on SLE15-SP2 and also v5.5 mainline kernel. So I enable CONFIG_KEYS_REQUEST_CACHE again. commit 8379bb84be757d5df2d818509faec5d66adb861d Author: David Howells Date: Tue Jan 14 16:06:14 2020 +0000 keys: Fix request_key() cache - commit 8e290bd - sched, fair: Allow a per-cpu kthread waking a task to stack on the same CPU (bsc#1154329). - commit 8765a0f ++++ kexec-tools: - Fix build errors on old distributions * kexec-tools-video-capability.patch * kexec-tools-SYS_getrandom.patch ++++ Mesa: - require and check for llvm-devel >= 9 instead of llvm9-devel on openSUSE - enabled build of gallium based llvmpipe driver for s390x (related to jsc#IBM-369, jsc#SLE-7452) - Update to version 19.3.3 * There's plenty of changes here, but intel, docs, radeonsi, and aco are the biggest sets of changes. - supersedes U_0005-radv-Remove-syncobj_handle-variable-in-header.patch - set optflags also for g++ compiler ++++ libvirt: - xen: Inhibit libvirtd shutdown when domains are running 6c1dddaf-libxl-shutdown-inhibit.patch bsc#1157100 ++++ makedumpfile: - makedumpfile-PN_XNUM.patch: Define PN_XNUM if missing. ++++ salt: - Enable passing grains to start event based on 'start_event_grains' configuration parameter - Added: * restrict-the-start_event_grains-only-to-the-start-ev.patch * enable-passing-grains-to-start-event-based-on-start_.patch ++++ rebootmgr: - Disable ectd support (no current etcd C-library available) ++++ sysconfig: - Mark /etc/yp.conf as %config(noreplace): this is the same as the file shipped by ypbind has as mode. In sysconfig we create a symlink, in ypbind, the file is actually only owned for reference. Having the same modes allows for the bots to do their work properly (boo#1159566). ++++ u-boot-rpiarm64: Patch queue updated from git://github.com/openSUSE/u-boot.git tumbleweed-2020.01 Add support for Jetson Nano. Enable btrfs by default. (jsc#SLE-10302) Add network support for RPi4 (jsc#SLE-7276) * Patches added: 0010-ARM-tegra-Add-NVIDIA-Jetson-Nano-De.patch 0011-net-Add-support-for-Broadcom-GENETv.patch 0012-rpi4-Update-memory-map-to-accommoda.patch 0013-rpi4-Enable-GENET-Ethernet-controll.patch 0014-Kconfig-add-btrfs-to-distro-boot.patch 0015-configs-Re-sync-with-CONFIG_DISTRO_.patch 0016-configs-am335x_evm-disable-BTRFS.patch ++++ yast2: - Speed up run on WSL (bsc#1157575) - 4.2.61 ------------------------------------------------------------------ ------------------ 2020-1-28 - Jan 28 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - config: enable arm-specific UFS modules (bsc#1158776 comment 14). - supported.conf: mark arm-specific UFS modules as supported. - commit ba2a890 - config: enable CONFIG_SCSI_SNIC_DEBUG_FS (bsc#1158776 comment 19). - commit 1120a0c - kvm: aarch64: Avoid guest access host debug/PMU registers (bnc#1161692). - commit 392760e - config: enable CONFIG_NVM_PBLK on arm64 (bsc#1158776 comment 18). - commit 1f58f3e - config: disable CONFIG_VIRTIO_BLK_SCSI (bsc#1158776 comment 17). - commit a547bc2 - powerpc/pseries/lparcfg: Fix display of Maximum Memory (bsc#1162028 ltc#181740). - commit c2573b2 - config: enable BLK_SED_OPAL on arm64 (bsc#1158776 comment 16). - commit 5c8c73b - config: disable CONFIG_RD_LZ4 in arm64/default and s390x/zfcpdump (bsc#1158776 comment 15). - commit 6466f6e - config: adjust block device options on arm64 to match x86_64 (bsc#1158776 comment 14). - commit 6b66509 - config: disable MANDATORY_FILE_LOCKING on arm64. To the best of my knowledge this is dead code that no one cares about. (bsc#1158776 comment 12). - commit 6b4bc5e - config: Disable 842 compression on arm64 (bsc#1158776 comment 11). - commit 998bea1 - config: file system options on arm64 (bsc#1158776 comment 10). - commit b603b82 - config: USB options on arm64 (bsc#1158776 comment 9). - commit f06de5d - config: update non-x86_64 header (gcc 7.5.0) - commit a033e88 - blacklist.conf: aeed8aa3874d ("tracing: trigger: Replace unneeded RCU-list traversals") Needs 28875945ba98 ("rcu: Add support for consolidated-RCU reader checking"), which seems to be too invasive for the potential gain. - commit d3073ab - Update patches.suse/target-add-lio-rbd-to-makefile-Kconfig.patch. TCM_RBD depends on BLK_DEV_RBD (rbd_img_request_put) - commit 804b592 - config: refresh - update x86_64/default header (gcc 7.5.0) - clean up x86_64/kvmsmall - commit 88fb509 - patch metadata cleanup - fix Patch-mainline: patches.suse/sched-cfs-fix-spurious-active-migration.patch patches.suse/sched-fair-Fix-find_idlest_group-to-handle-CPU-affinity.patch patches.suse/sched-fair-Optimize-select_idle_core.patch - commit 2dd79f3 - Consistent network-related options (bsc#1158776 comment 7). - commit 8954e4c - clocksource/drivers/bcm2835_timer: Fix memory leak of timer (git-fixes). - ACPI / battery: Deal better with neither design nor full capacity not being reported (git-fixes). - ACPI / battery: Use design-cap for capacity calculations if full-cap is not available (git-fixes). - ACPI / battery: Deal with design or full capacity being reported as -1 (git-fixes). - regulator: rk808: Lower log level on optional GPIOs being not available (git-fixes). - regulator: vctrl-regulator: Avoid deadlock getting and setting the voltage (git-fixes). - spi: fsl-lpspi: fix only one cs-gpio working (git-fixes). - spi: spi-fsl-qspi: Ensure width is respected in spi-mem operations (git-fixes). - regmap: fix writes to non incrementing registers (git-fixes). - dmaengine: fsl-qdma: fix duplicated argument to && (git-fixes). - dmaengine: axi-dmac: add a check for devm_regmap_init_mmio (git-fixes). - platform/x86: intel_mid_powerbtn: Take a copy of ddata (git-fixes). - commit 9a9e8fa ++++ kernel-firmware: - Revert vega10_sos.bin again as the latest firmware still broken for SLE15-SP1 (4.19 DRM-base) amdgpu driver (bsc#1143331) ++++ openssl-1_1: - Support for CPACF enhancements - part 2 (crypto) [jsc#SLE-7403] - Add patches: * openssl-s390x-assembly-pack-accelerate-X25519-X448-Ed25519-and-Ed448.patch * openssl-s390x-fix-x448-and-x448-test-vector-ctime-for-x25519-and-x448.patch ++++ python3-core: - Add pep538_coerce_legacy_c_locale.patch to coerce locale to C.UTF-8 always (bsc#1162423). ++++ python3: - Add pep538_coerce_legacy_c_locale.patch to coerce locale to C.UTF-8 always (bsc#1162423). ++++ qemu: - Stop using system membarriers (ie switch from --enable-membarrier to --disable-membarrier). This is a blocker for using qemu in the context of containers (boo#1130134 jsc#SLE-11089) - Drop this recently added patch - in consultation with upstream it was decided it needed to be solved a different way (bsc#1159755) hw-i386-disable-smbus-migration-for-xenf.patch - Include upstream patches targeted for the next stable release (bug fixes only) block-backup-fix-memory-leak-in-bdrv_bac.patch iscsi-Cap-block-count-from-GET-LBA-STATU.patch s390x-adapter-routes-error-handling.patch target-i386-kvm-initialize-feature-MSRs-.patch ++++ xfsprogs: - mkfs.xfs: validate extent size hint parameters (bsc#1158509) * Add xfsprogs-mkfs-validate-extent-size-hint-parameters.patch * Add xfsprogs-xfs-move-inode-extent-size-hint-validation-to-libxfs.patch * Add xfsprogs-xfs_repair-use-libxfs-extsize-cowextsize-validation-.patch ++++ yast2: - Added classes for handling the old repository setup during upgrade (related to bsc#1159433) - 4.2.60 ------------------------------------------------------------------ ------------------ 2020-1-27 - Jan 27 2020 ------------------- ------------------------------------------------------------------ ++++ kdump: - kdump-activate-udev-rules-late-during-boot.patch: Activate kdump udev rules late during boot (bsc#1154837) ++++ kernel-default: - Btrfs: always copy scrub arguments back to user space (bsc#1161948). - commit 08b80dc - btrfs: skip log replay on orphaned roots (bsc#1161935). - commit eeeba1a - btrfs: handle ENOENT in btrfs_uuid_tree_iterate (bsc#1161937). - commit 2acecda - btrfs: abort transaction after failed inode updates in create_subvol (bsc#1161936). - commit 78f55a1 - btrfs: do not call synchronize_srcu() in inode_tree_del (bsc#1161934). - commit 433b7cb - Btrfs: make tree checker detect checksum items with overlapping ranges (bsc#1161931). - commit 1bcc04b - Btrfs: fix missing data checksums after replaying a log tree (bsc#1161931). - commit fe9925a - tracing: Fix histogram code when expression has same var as value (git-fixes). - commit 70a4335 - tracing: xen: Ordered comparison of function pointers (git-fixes). - commit 1c35b4a - mwifiex: fix unbalanced locking in mwifiex_process_country_ie() (CVE-2019-14895 bsc#1157158). - commit b2eb35f - iwlwifi: mvm: fix SKB leak on invalid queue (git-fixes). - can, slip: Protect tty->disc_data in write_wakeup and close with RCU (git-fixes). - Input: pm8xxx-vib - fix handling of separate enable register (git-fixes). - Input: keyspan-remote - fix control-message timeouts (git-fixes). - Input: sur40 - fix interface sanity checks (git-fixes). - Input: gtco - fix endpoint sanity check (git-fixes). - Input: aiptek - fix endpoint sanity check (git-fixes). - Input: pegasus_notetaker - fix endpoint sanity check (git-fixes). - Input: sun4i-ts - add a check for devm_thermal_zone_of_sensor_register (git-fixes). - drm/i915: Align engine->uabi_class/instance with i915_drm.h (git-fixes). - drm/i915/userptr: fix size calculation (git-fixes). - mmc: sdhci: fix minimum clock rate for v3 controller (git-fixes). - mmc: tegra: fix SDR50 tuning override (git-fixes). - mmc: sdhci_am654: Reset Command and Data line after tuning (git-fixes). - mmc: sdhci_am654: Remove Inverted Write Protect flag (git-fixes). - hwmon: (core) Do not use device managed functions for memory allocations (git-fixes). - hwmon: (nct7802) Fix non-working alarm on voltages (git-fixes). - hwmon: (nct7802) Fix voltage limits to wrong registers (git-fixes). - batman-adv: Fix DAT candidate selection on little endian systems (git-fixes). - cfg80211: check for set_wiphy_params (git-fixes). - iio: adc: ad7124: Fix DT channel configuration (git-fixes). - USB: serial: option: add support for Quectel RM500Q in QDL mode (git-fixes). - USB: serial: option: Add support for Quectel RM500Q (git-fixes). - USB: serial: simple: Add Motorola Solutions TETRA MTP3xxx and MTP85xx (git-fixes). - usb: core: hub: Improved device recognition on remote wakeup (git-fixes). - macb: Don't unregister clks unconditionally (git-fixes). - drm/arm/mali: make malidp_mw_connector_helper_funcs static (git-fixes). - tomoyo: Don't use nifty names on sockets (git-fixes). - drm/i915/gvt: set guest display buffer as readonly (git-fixes). - rtc: bd70528: fix module alias to autoload module (git-fixes). - drm/amdgpu: allow direct upload save restore list for raven2 (git-fixes). - mt76: fix possible out-of-bound access in mt7615_fill_txs/mt7603_fill_txs (git-fixes). - commit daca0f5 - Update patches.suse/ipv6-fix-a-typo-in-fib6_rule_lookup.patch (bnc#1151927 5.3.4 CVE-2019-20422). Added CVE reference. - commit afdb381 - net: Fix skb->csum update in inet_proto_csum_replace16() (bsc#1154353). - netfilter: nf_tables: autoload modules from the abort path (bsc#1154353). - netfilter: nf_tables: add __nft_chain_type_get() (bsc#1154353). - netfilter: conntrack: sctp: use distinct states for new SCTP connections (bsc#1154353). - netfilter: ipset: use bitmap infrastructure completely (bsc#1154353). - netfilter: nft_osf: add missing check for DREG attribute (bsc#1154353). - net/mlx5e: kTLS, Do not send decrypted-marked SKBs via non-accel path (jsc#SLE-8464). - net/mlx5e: kTLS, Remove redundant posts in TX resync flow (jsc#SLE-8464). - net/mlx5e: kTLS, Fix corner-case checks in TX resync flow (jsc#SLE-8464). - net/mlx5e: Clear VF config when switching modes (jsc#SLE-8464). - net/mlx5: DR, use non preemptible call to get the current cpu number (jsc#SLE-8464). - net/mlx5: E-Switch, Prevent ingress rate configuration of uplink rep (jsc#SLE-8464). - net/mlx5: DR, Enable counter on non-fwd-dest objects (jsc#SLE-8464). - net/mlx5: Update the list of the PCI supported devices (jsc#SLE-8464). - net/mlx5: Fix lowest FDB pool size (jsc#SLE-8464). - net: cxgb3_main: Add CAP_NET_ADMIN check to CHELSIO_GET_MEM (bsc#1154353). - ipv6_route_seq_next should increase position index (bsc#1154353). - rt_cpu_seq_next should increase position index (bsc#1154353). - neigh_stat_seq_next() should increase position index (bsc#1154353). - vcc_seq_next should increase position index (bsc#1154353). - l2t_seq_next should increase position index (bsc#1154353). - seq_tab_next() should increase position index (bsc#1154353). - tcp: do not leave dangling pointers in tp->highest_sack (bsc#1154353). - net/rose: fix spelling mistake "to" -> "too" (bsc#1154353). - caif_usb: fix spelling mistake "to" -> "too" (bsc#1154353). - ipvs: fix spelling mistake "to" -> "too" (bsc#1154353). - i40e: fix spelling mistake "to" -> "too" (jsc#SLE-8025). - net_sched: fix datalen for ematch (bsc#1154353). - qlcnic: Fix CPU soft lockup while collecting firmware dump (bsc#1154353). - fou: Fix IPv6 netlink policy (bsc#1154353). - tun: add mutex_unlock() call and napi.skb clearing in tun_get_user() (bsc#1154353). - mlxsw: spectrum_acl: Fix use-after-free during reload (bsc#1154488). - gtp: make sure only SOCK_DGRAM UDP sockets are accepted (bsc#1154353). - net: rtnetlink: validate IFLA_MTU attribute in rtnl_create_link() (bsc#1154353). - net, ip6_tunnel: fix namespaces move (bsc#1154353). - net_sched: use validated TCA_KIND attribute in tc_new_tfilter() (bsc#1154353). - Revert "udp: do rmem bulk free even if the rx sk queue is empty" (bsc#1154353). - net: Fix packet reordering caused by GRO and listified RX cooperation (bsc#1154353). - net, sk_msg: Don't check if sock is locked when tearing down psock (bsc#1154353). - net, ip_tunnel: fix namespaces move (bsc#1154353). - tcp: remove redundant assigment to snd_cwnd (bsc#1154353). - tcp_bbr: improve arithmetic division in bbr_update_bw() (bsc#1154353). - net-sysfs: Fix reference count leak (bsc#1154353). - ipv6: sr: remove SKB_GSO_IPXIP6 on End.D* actions (bsc#1154353). - xfrm: support output_mark for offload ESP packets (bsc#1154353). - xfrm interface: fix packet tx through bpf_redirect() (bsc#1154353). - vti: fix packet tx through bpf_redirect() (bsc#1154353). - net: ip6_gre: fix moving ip6gre between namespaces (bsc#1154353). - commit 3508aa7 - x86/MCE/AMD: Do not use rdmsr_safe_on_cpu() in smca_configure() (bsc#1152489). - Refresh patches.suse/x86-mce-amd-allow-reserved-types-to-be-overwritten-in-smca_banks.patch. - commit 0c7e16a - Input: rmi_f54 - read from FIFO in 32 byte blocks (git-fixes). - Input: synaptics-rmi4 - simplify data read in rmi_f54_work (git-fixes). - Delete patches.suse/Input-synaptics-rmi4-don-t-increment-rmiaddr-for-SMB.patch. a284e11c371e was reverted in 8ff771f8c8d5. c15f8ba6dc1f is a proper fix. - commit 396ae25 - net_sched: use validated TCA_KIND attribute in tc_new_tfilter() (git-fixes). - readdir: make user_access_begin() use the real access range (git-fixes). - commit 4c11de1 - Fix off-by-one error in the previous i915 fix (bsc#1161720 bsc#1161785) - commit 079d24f - rpm/kabi.pl: support new (>=5.4) Module.symvers format (new symbol namespace field) - commit eecbd97 - powerpc/mm/hash: Fix sharing context ids between kernel & userspace (bsc#1156395). - commit c178acd - powerpc/xive: Discard ESB load value when interrupt is invalid (fate#322438 bsc#1085030). - commit ee23543 - Update patches.suse/powerpc-xive-Implement-get_irqchip_state-method-for-.patch (fate#322438 bsc#1085030). - commit 9781d7d - libnvdimm/namespace: Differentiate between probe mapping and runtime mapping (bsc#1153535). - commit 515c670 ++++ Mesa: - require llvm9 (jsc#IBM-369, jsc#SLE-7452) ++++ makedumpfile: - Update to version 1.6.7: + Makefile: remove -lebl from LIBS when no libebl.a. + Fix compilation warnings on 32-bit system. + Support newer kernels up to v5.4. - Drop makedumpfile-Increase-SECTION_MAP_LAST_BIT-to-4.patch: fixed upstream. - Drop libebl-devel BuildRequires: ebl is being absorbed by libdw. ------------------------------------------------------------------ ------------------ 2020-1-25 - Jan 25 2020 ------------------- ------------------------------------------------------------------ ++++ glib-networking: - No longer recommend -lang: supplements are in use ++++ glib2: - No longer recommend -lang: supplements are in use ++++ gsettings-desktop-schemas: - No longer recommend -lang: supplements are in use ++++ json-glib: - No longer recommend -lang: supplements are in use ++++ NetworkManager: - No longer recommend -lang: supplements are in use ------------------------------------------------------------------ ------------------ 2020-1-24 - Jan 24 2020 ------------------- ------------------------------------------------------------------ ++++ kdump: - Use BuildRequire(udev) instead of udev: allow OBS to shortcut through the -mini flavors. - Use systemd_ordering instead of systemd_requires: systemd is not a strict requirement, but if the system is going to use it, we want it to beinstalled prior to kdump. ++++ kernel-default: - drm/i915/gt: Detect if we miss WaIdleLiteRestore (bsc#1161720). Remove the corresponding blacklist entry, too - commit 480b94e - sched/fair: Load balance aggressively for SCHED_IDLE CPUs (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Make sched-idle CPU selection consistent throughout (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/clock: Use static_branch_likely() with sched_clock_running (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Remove redundant call to cpufreq_update_util() (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: calculate delta runnable load only when it's needed (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair : Improve update_sd_pick_busiest for spare capacity case (bnc#1155798 (CPU scheduler functional and performance backports)). - sched: Spare resched IPI when prio changes on a single fair task (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Optimize select_idle_core (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Optimize select_idle_cpu (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Fix find_idlest_group() to handle CPU affinity (bnc#1155798 (CPU scheduler functional and performance backports)). - commit aa673a4 - x86/CPU/AMD: Ensure clearing of SME/SEV features is maintained (bsc#1161731). - commit 4ba75bd - net/smc: unregister ib devices in reboot_event (jsc#SLE-7395). - net/smc: remove unused constant (jsc#SLE-7395). - net/smc: use rcu_barrier() on module unload (jsc#SLE-7395). - net/smc: guarantee removal of link groups in reboot (jsc#SLE-7395). - net/smc: introduce bookkeeping of SMCR link groups (jsc#SLE-7395). - net/smc: immediate termination for SMCR link groups (jsc#SLE-7395). - net/smc: wait for tx completions before link freeing (jsc#SLE-7395). - net/smc: abnormal termination without orderly flag (jsc#SLE-7395). - net/smc: no WR buffer wait for terminating link group (jsc#SLE-7395). - net/smc: introduce bookkeeping of SMCD link groups (jsc#SLE-7395). - net/smc: abnormal termination of SMCD link groups (jsc#SLE-7395). - net/smc: immediate termination for SMCD link groups (jsc#SLE-7395). - net/smc: fix final cleanup sequence for SMCD devices (jsc#SLE-7395). - net/smc: remove close abort worker (jsc#SLE-7395). - net/smc: introduce link group termination worker (jsc#SLE-7395). - net/smc: improve abnormal termination of link groups (jsc#SLE-7395). - net/smc: tell peers about abnormal link group termination (jsc#SLE-7395). - net/smc: improve link group freeing (jsc#SLE-7395). - net/smc: improve abnormal termination locking (jsc#SLE-7395). - net/smc: terminate link group without holding lgr lock (jsc#SLE-7395). - net/smc: cancel send and receive for terminated socket (jsc#SLE-7395). - net/smc: improve close of terminated socket (jsc#SLE-7395). - net/smc: no new connections on disappearing devices (jsc#SLE-7395). - net/smc: increase device refcount for added link group (jsc#SLE-7395). - net/smc: separate locks for SMCD and SMCR link group lists (jsc#SLE-7395). - net/smc: separate SMCD and SMCR link group lists (jsc#SLE-7395). - commit 57bf8aa ++++ rdma-core: - Add disable-rdma-interface-renaming.patch to disable interface renaming which causes mvapich2 to fail (bsc#1161794) ++++ openldap2: - bsc#1158921 libldap-data should be requires, not recommends to help prevent user confusion around configuration ownership. ++++ podman: - Add apparmor-abstractions as required runtime dependency to have `tunables/global` available. ++++ qemu: - Include upstream patches targeted for the next stable release (bug fixes only) hw-i386-pc-fix-regression-in-parsing-vga.patch m68k-Fix-regression-causing-Single-Step-.patch migration-Rate-limit-inside-host-pages.patch migration-test-ppc64-fix-FORTH-test-prog.patch Revert-vnc-allow-fall-back-to-RAW-encodi.patch runstate-ignore-finishmigrate-prelaunch-.patch target-arm-Return-correct-IL-bit-in-merg.patch target-arm-Set-ISSIs16Bit-in-make_issinf.patch vnc-prioritize-ZRLE-compression-over-ZLI.patch - BuildRequire pkconfig(systemd) instead of systemd: allow OBS to shortcut through the -mini flavors. - Use systemd_ordering in place of systemd_requires: systemd is never a strict requirement for qemu; but when installing qemu on a systemd-managed system, we want system to be present first. ------------------------------------------------------------------ ------------------ 2020-1-23 - Jan 23 2020 ------------------- ------------------------------------------------------------------ ++++ hwinfo: - BuildRequire pkgconfig(udev) instead of udev: allow OBS to shortcut through the -mini flavor. ++++ kernel-default: - EDAC: Remove misleading comment in struct edac_raw_error_desc (jsc#SLE-9482). - commit f2fb341 - xfs: fix mount failure crash on invalid iclog memory access (bsc#1161726). - commit fbaeaa1 - blacklist.conf: df1a7524741b ("x86/entry/32: Remove unused resume_userspace label") - commit 175a9c1 - x86/ioapic: Prevent inconsistent state when moving an interrupt (bsc#1152489). - commit a9854ec - EDAC: Unify the mc_event tracepoint call (jsc#SLE-9482). - EDAC/ghes: Remove intermediate buffer pvt->detail_location (jsc#SLE-9482). - EDAC/ghes: Fix grain calculation (jsc#SLE-9482). - EDAC/ghes: Use standard kernel macros for page calculations (jsc#SLE-9482). - EDAC/mc: Reduce indentation level in edac_mc_handle_error() (jsc#SLE-9482). - EDAC/mc: Remove needless zero string termination (jsc#SLE-9482). - EDAC/mc: Do not BUG_ON() in edac_mc_alloc() (jsc#SLE-9482). - EDAC: Introduce an mci_for_each_dimm() iterator (jsc#SLE-9482). - EDAC: Remove EDAC_DIMM_OFF() macro (jsc#SLE-9482). - EDAC: Replace EDAC_DIMM_PTR() macro with edac_get_dimm() function (jsc#SLE-9482). - commit 242a2b2 - EDAC/mc_sysfs: Make debug messages consistent (jsc#SLE-9482). - EDAC/mc_sysfs: Remove pointless gotos (jsc#SLE-9482). - EDAC: Prefer 'unsigned int' to bare use of 'unsigned' (jsc#SLE-9482). - commit 919516b - EDAC/mc: Cleanup _edac_mc_free() code (jsc#SLE-9482). - commit 0c79b9b - s390/qeth: vnicc Fix init to default (jsc#SLE-7474). - s390/qeth: Fix vnicc_is_in_use if rx_bcast not set (jsc#SLE-7474). - s390/qeth: fix false reporting of VNIC CHAR config failure (jsc#SLE-7474). - s390/qeth: lock the card while changing its hsuid (jsc#SLE-7474). - s390/qeth: fix qdio teardown after early init error (jsc#SLE-7474). - s390/qeth: don't return -ENOTSUPP to userspace (jsc#SLE-7474). - s390/qeth: fix promiscuous mode after reset (jsc#SLE-7474). - s390/qeth: handle error due to unsupported transport mode (jsc#SLE-7474). - s390/qeth: ensure linear access to packet headers (jsc#SLE-7474). - s390/qeth: guard against runt packets (jsc#SLE-7474). - s390/qeth: don't check drvdata in sysfs code (jsc#SLE-7474). - s390/qeth: replace qeth_l3_get_addr_buffer() (jsc#SLE-7474). - s390/qeth: remove VLAN tracking for L3 devices (jsc#SLE-7474). - s390/qeth: consolidate L3 mcast registration code (jsc#SLE-7474). - s390/qeth: remove gratuitious RX modeset (jsc#SLE-7474). - s390/qeth: fine-tune L3 mcast locking (jsc#SLE-7474). - s390/qeth: clean up error path in qeth_core_probe_device() (jsc#SLE-7474). - s390/qeth: handle skb allocation error gracefully (jsc#SLE-7474). - s390/qeth: drop unwanted packets earlier in RX path (jsc#SLE-7474). - s390/qeth: support per-frame invalidation (jsc#SLE-7474). - s390/qeth: gather more detailed RX dropped/error statistics (jsc#SLE-7474). - s390/qeth: don't cache MAC addresses for multicast IPs (jsc#SLE-7474). - s390/qeth: use helpers for IP address hashing (jsc#SLE-7474). - s390/qeth: don't set card state in qeth_qdio_clear_card() (jsc#SLE-7474). - commit 97e2cae - s390/qeth: keep IRQ disabled until NAPI is really done (jsc#SLE-7474). - s390/qeth: use QDIO_BUFNR() (jsc#SLE-7474). - s390/qdio: move SSQD Sniffer mask definition (jsc#SLE-7474). - commit 0fcd468 - Update patches.suse/net-mlx5-prevent-memory-leak-in-mlx5_fpga_conn_creat.patch (jsc#SLE-8464 bnc#1151927 5.3.11 CVE-2019-19045). Added CVE reference - commit 9835bdc - btrfs: relocation: fix reloc_root lifespan and access (bsc#1159588). - commit fc30409 ++++ openssl-1_1: - Temporarily ignore broken OPENSSL_INIT_NO_ATEXIT due to our layered FIPS initialization (bsc#1161789) * openssl-fips-ignore_broken_atexit_test.patch ++++ libzypp: - yum::Downloader: Prefer zchunk compressed metadata if libvsolv supports it. - BuildRequires: libsolv-devel >= 0.7.11. - version 17.22.0 (22) ++++ runc: - Upgrade to runc v1.0.0~rc10. Upstream changelog is available from https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc10 - Drop upstreamed patches: - CVE-2019-19921.patch ++++ yast2: - Add an option to enable the online search in the package selector (jsc#SLE-9109). - 4.2.59 - don't use /bin/systemd compat symlink (bsc#1160890) - 4.2.58 ------------------------------------------------------------------ ------------------ 2020-1-22 - Jan 22 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - x86/kgbd: Use NMI_VECTOR not APIC_DM_NMI (bsc#1152489). - commit d1023df - blacklist.conf: 7720804a2ae4 ("x86, perf: Fix the dependency of the x86 insn decoder selftest") - commit b934c08 - Update patches.suse/mm-memory_hotplug-don-t-free-usage-map-when-removing-a-re-added-early-section.patch (bsc#1160366 ltc#183002 git fixes (mm/hotplug)). - commit 4057d37 - blacklist.conf: Add iwlwifi revert entry that isn't suitable - commit 8b00a89 - bus: ti-sysc: Fix iterating over clocks (git-fixes). - clk: Don't try to enable critical clocks if prepare failed (git-fixes). - clk: tegra: Fix double-free in tegra_clk_init() (git-fixes). - commit 7747d41 - blacklist.conf: Add drm/virtio entries, insufficent for SLE15-SP2 - commit c1ea031 - x86/resctrl: Fix potential memory leak (bsc#1152489). - x86/resctrl: Fix an imbalance in domain_remove_cpu() (bsc#1152489). - commit b6bd4fe - PCI: dwc: Add validation that PCIe core is set to correct mode (jsc#SLE-10562). - commit a4552c1 - blacklist.conf: Append 'drm/amdgpu: register gpu instance before fan boost feature enablment' - commit 6fe4000 - sched/cfs: fix spurious active migration (bnc#1155798 (CPU scheduler functional and performance backports)). - commit 8b16f2e - drm/amdgpu: fix license on Kconfig and Makefiles (bsc#1152472) - commit af71d3c - drm/amdgpu: Call find_vma under mmap_sem (bsc#1152489) - commit 45b9c9d - drm/amd/powerplay: Fix error handling in smu_init_fb_allocations() (bsc#1152489) - commit ac2af40 - exit: panic before exit_mm() on global init exit (bsc#1161549). - commit e6e6d28 - rpmsg: char: release allocated memory (CVE-2019-19053 bsc#1161520). - commit bdab989 - media: rc: prevent memory leak in cx23888_ir_probe (CVE-2019-19054 bsc#1161518). - commit 91d7fee - libertas: make lbs_ibss_join_existing() return error code on rates overflow (CVE-2019-14896 bsc#1157157 CVE-2019-14897 bsc#1157155). - libertas: don't exit from lbs_ibss_join_existing() with RCU read lock held (CVE-2019-14896 bsc#1157157 CVE-2019-14897 bsc#1157155). - commit a649646 - libnvdimm/region: Enable MAP_SYNC for volatile regions (bsc#1161291). - commit 8ecd112 ++++ Mesa: - U_0001-gallium-Fix-a-couple-of-multiple-definition-warnings.patch U_0002-r600-Move-get_pic_param-to-radeon_vce.c.patch U_0003-radeon-Move-si_get_pic_param-to-radeon_vce.c.patch U_0004-radeon-Fix-multiple-definition-error-with-radeon_deb.patch U_0005-radv-Remove-syncobj_handle-variable-in-header.patch U_0006-nouveau-nvc0-add-extern-keyword-to-nvc0_miptree_vtbl.patch * fixes build with gcc10 using -fno-common as default now (boo#1160578) ++++ openssl-1_1: - Import FIPS patches from SLE-15 * openssl-fips-dont_run_FIPS_module_installed.patch * openssl-fips_mode.patch * openssl-ship_fips_standalone_hmac.patch * openssl-fips-clearerror.patch * openssl-fips-selftests_in_nonfips_mode.patch ++++ libsolv: - fixed solv_zchunk decoding error if large chunks are used - treat retracted pathes as irrelevant - made add_update_target work with multiversion installs - bump version to 0.7.11 ++++ libxml2: - Security fix: [bsc#1161517, CVE-2020-7595] * xmlStringLenDecodeEntities in parser.c has an infinite loop in a certain end-of-file situation - Add libxml2-CVE-2020-7595.patch ++++ raspberrypi-firmware: - Update to be2713bed4 (2020-01-16): * firmware: master: arm_ldconfig: Support multiple initramfs files See: #1318 * firmware: power: Make pmicrd/pmicwr available to all * firmware: arm_ldconfig: Support multiple initramfs files See: #1318 * firmware: Add support for backlight enable * firmware: Revert mmal: Support 64 bit clients See: raspberrypi/userland#586 * firmware: arm_dt/dtoverlay fixes for ARM side camera driver power control * firmware: Fixup for vcgencmd display_power See: #1224 * firmware: Add hdmi_wifi_pixel_freq_adj config option ++++ raspberrypi-firmware-config: - Update to be2713bed4 (2020-01-16): * firmware: master: arm_ldconfig: Support multiple initramfs files See: #1318 * firmware: power: Make pmicrd/pmicwr available to all * firmware: arm_ldconfig: Support multiple initramfs files See: #1318 * firmware: Add support for backlight enable * firmware: Revert mmal: Support 64 bit clients See: raspberrypi/userland#586 * firmware: arm_dt/dtoverlay fixes for ARM side camera driver power control * firmware: Fixup for vcgencmd display_power See: #1224 * firmware: Add hdmi_wifi_pixel_freq_adj config option ++++ u-boot-rpiarm64: - Package u-boot.img instead of u-boot.bin for snow and spring ++++ yast2: - CommandLine: Add ability to actions to skip writing. Useful for more CLI bug fixes e.g. bsc#1160928 - 4.2.57 - Evaluating system release/version in an more understandable form for the user e.g. "15-SP2" (improvement for fate#325834). - 4.2.56 ------------------------------------------------------------------ ------------------ 2020-1-21 - Jan 21 2020 ------------------- ------------------------------------------------------------------ ++++ glibc: - backtrace-powerpc.patch: Fix array overflow in backtrace on PowerPC (CVE-2020-1751, bsc#1158996, BZ #25423) ++++ ignition: - Do not use SSH keys fragments, those are not supported by openSUSE. [boo#1161265] ++++ kernel-default: - powerpc: drmem: avoid NULL pointer dereference when drmem is unavailable (bsc#1160659). - commit 1775954 - igc: Add PHY power management control (bsc#1160632). - igc: Add support for TSO (bsc#1160634). - igc: Add SKU for i225 device (bsc#1160634). - igc: Remove unused definition (bsc#1160634). - igc: Fix typo in a comment (bsc#1160634). - igc: Use Start of Packet signal from PHY for timestamping (bsc#1160634). - igc: Add support for ethtool GET_TS_INFO command (bsc#1160634). - igc: Add support for TX timestamping (bsc#1160634). - igc: Add support for RX timestamping (bsc#1160634). - igc: Add basic skeleton for PTP (bsc#1160634). - igc: Remove no need declaration of the igc_sw_init (bsc#1160634). - igc: Remove no need declaration of the igc_write_itr (bsc#1160634). - igc: Remove no need declaration of the igc_assign_vector (bsc#1160634). - igc: Remove no need declaration of the igc_free_q_vector (bsc#1160634). - igc: Remove no need declaration of the igc_free_q_vectors (bsc#1160634). - igc: Remove no need declaration of the igc_irq_disable (bsc#1160634). - igc: Remove no need declaration of the igc_irq_enable (bsc#1160634). - igc: Remove no need declaration of the igc_configure_msix (bsc#1160634). - igc: Remove no need declaration of the igc_set_rx_mode (bsc#1160634). - igc: Remove no need declaration of the igc_set_interrupt_capability (bsc#1160634). - igc: Remove no need declaration of the igc_alloc_mapped_page (bsc#1160634). - igc: Remove no need declaration of the igc_configure (bsc#1160634). - igc: Remove no need declaration of the igc_set_default_mac_filter (bsc#1160634). - igc: Remove no need declaration of the igc_power_down_link (bsc#1160634). - igc: Remove no need declaration of the igc_clean_tx_ring (bsc#1160634). - igc: Remove serdes comments from a description of methods (bsc#1160634). - igc: Add legacy power management support (bsc#1160634). - igc: Add 64 bit DMA access support (bsc#1160634). - igc: Fix parameter descriptions for a several functions (bsc#1160634). - igc: Fix the parameter description for igc_alloc_rx_buffers (bsc#1160634). - igc: Remove excess parameter description from igc_is_non_eop (bsc#1160634). - igc: Prefer to use the pci_release_mem_regions method (bsc#1160634). - igc: Improve the DMA mapping flow (bsc#1160634). - igc: Add scatter gather support (bsc#1160634). - cxgb4: reject overlapped queues in TC-MQPRIO offload (jsc#SLE-8389). - cxgb4: fix Tx multi channel port rate limit (jsc#SLE-8389). - net: sched: act_ctinfo: fix memory leak (bsc#1154353). - bnxt_en: Do not treat DSN (Digital Serial Number) read failure as fatal (jsc#SLE-8371 bsc#1153274). - bnxt_en: Fix ipv6 RFS filter matching logic (jsc#SLE-8371 bsc#1153274). - bnxt_en: Fix NTUPLE firmware command failures (jsc#SLE-8371 bsc#1153274). - net: hns: fix soft lockup when there is not enough memory (bsc#1154353). - net: avoid updating qdisc_xmit_lock_key in netdev_update_lockdep_key() (bsc#1154353). - net/sched: act_ife: initalize ife->metalist earlier (bsc#1154353). - netfilter: nat: fix ICMP header corruption on ICMP errors (bsc#1154353). - netfilter: nf_tables: fix flowtable list del corruption (bsc#1154353). - netfilter: nf_tables: remove WARN and add NLA_STRING upper limits (bsc#1154353). - netfilter: nft_tunnel: ERSPAN_VERSION must not be null (bsc#1154353). - netfilter: nft_tunnel: fix null-attribute check (bsc#1154353). - netfilter: nf_tables: store transaction list locally while requesting module (bsc#1154353). - netfilter: arp_tables: init netns pointer in xt_tgdtor_param struct (bsc#1154353). - netfilter: fix a use-after-free in mtype_destroy() (bsc#1154353). - net: hns3: pad the short frame before sending to the hardware (bsc#1154353). - macvlan: use skb_reset_mac_header() in macvlan_queue_xmit() (bsc#1154353). - tcp: fix marked lost packets not being retransmitted (bsc#1154353). - mlxsw: spectrum_qdisc: Include MC TCs in Qdisc counters (bsc#1154488). - mlxsw: spectrum: Wipe xstats.backlog of down ports (bsc#1154488). - mlxsw: switchx2: Do not modify cloned SKBs during xmit (bsc#1154488). - mlxsw: spectrum: Do not modify cloned SKBs during xmit (bsc#1154488). - mlxsw: spectrum: Do not enforce same firmware version for multiple ASICs (bsc#1154488). - devlink: correct misspelling of snapshot (bsc#1154353). - devlink: Wait longer before warning about unset port type (bsc#1154353). - ipv4: Detect rollover in specific fib table dump (bsc#1154353). - net/tls: fix async operation (bsc#1154353). - net/tls: avoid spurious decryption error with HW resync (bsc#1154353). - e1000e: Revert "e1000e: Make watchdog use delayed work" (jsc#SLE-8100). - i40e: Set PHY Access flag on X722 (jsc#SLE-8025). - iavf: remove current MAC address filter on VF reset (jsc#SLE-7940). - igb: Fix SGMII SFP module discovery for 100FX/LX (jsc#SLE-7967 jsc#SLE-8010). - ixgbe: Fix calculation of queue with VFs and flow director on interface flap (jsc#SLE-7979 jsc#SLE-7981). - ixgbevf: Remove limit of 10 entries for unicast filter list (jsc#SLE-7979 jsc#SLE-7981). - i40e: Fix virtchnl_queue_select bitmap validation (jsc#SLE-8025). - xprtrdma: Fix oops in Receive handler after device removal (jsc#SLE-8449). - xprtrdma: Fix completion wait during device removal (jsc#SLE-8449). - xprtrdma: Fix create_qp crash on device unload (jsc#SLE-8449). - commit 42c7e2a - blacklist.conf: added 1a8211c7d8717b19c1e9fa41d19fe6a55409765e - commit 302e64e - KVM: vmx: Introduce handle_unexpected_vmexit and handle WAITPKG vmexit (jsc#SLE-11070). - commit f99f84d - KVM: vmx: Emulate MSR IA32_UMWAIT_CONTROL (jsc#SLE-11070). - Refresh patches.suse/kvm-vmx-implement-msr_ia32_tsx_ctrl-disable-rtm-functionality. - commit e194189 - KVM: x86: Add support for user wait instructions (jsc#SLE-11070). - commit dd3d6b5 - perf/x86/cstate: Add Comet Lake CPU support (jsc#SLE-10621). - commit 344f793 - perf/x86/msr: Add Comet Lake CPU support (jsc#SLE-10621). - commit ed2c0f6 - perf/x86/intel: Add Comet Lake CPU support (jsc#SLE-10621). - commit 03d1cee - PCI: mobiveil: ls_pcie_g4: fix SError when accessing config space (bsc#1161495). - PCI: mobiveil: ls_pcie_g4: add Workaround for A-011451 (bsc#1161495). - PCI: mobiveil: ls_pcie_g4: add Workaround for A-011577 (bsc#1161495). - commit 2049c57 - Revert "rsi: fix potential null dereference in rsi_probe()" (git-fixes). - commit 2ef75f1 ++++ libeconf: - Update to version 0.3.4+git20200121.febebf2: * Release version 0.3.4 * Fix buffer overflow in econf_readDirs * Fix parsing of quoted strings, and values starting with delimiters * tests: add test for quoted strings * tests: tst-configdirs5: fix config dir paths ++++ openssl-1_1: - Don't run FIPS power-up self-tests when the checksum files aren't installed (bsc#1042392) * add openssl-fips-run_selftests_only_when_module_is_complete.patch - Import FIPS patches from Fedora (bsc#1157702, jsc#SLE-9553) * openssl-1.1.1-fips-crng-test.patch * openssl-1.1.1-fips-post-rand.patch * openssl-1.1.1-fips.patch * openssl-1.1.0-issuer-hash.patch * openssl-1.1.1-evp-kdf.patch * openssl-1.1.1-ssh-kdf.patch replaces openssl-jsc-SLE-8789-backport_KDF.patch - keep EVP_KDF functions at version 1.1.1d for backward compatibility * add openssl-keep_EVP_KDF_functions_version.patch ++++ systemd: - Drop scripts-udev-convert-lib-udev-path.sh Nobody should need it these days. ++++ nvme-cli: - Update to version 1.10 (jsc#SLE-7726 jsc#SLE-8339 bsc#1160329): * Release v1.10 * Regen documentation * Use asprintf for long names * WDC plugin update * Fix systemd service script use of CONNECT_ARGS env var * Shannon Plugin update. * Doc/Makefile: Introduce 'quiet' build option * Makefile: use 'quiet' compile * Makefile: Use special variables * micron: don't ignore 'system()' return value * Fix libhugetlbfs flags * Regenerate documentation * Micron plugin updates * README.md: Mention the buildroot package * nvmf-autoconnect: add udev rules to set iopolicy for certain NetApp devices * Fix intel json latency statistics output format * intel: Add function lat-stats to cli * Fix typo (bulit -> built) * Warn on admin-passthru opcode not matching read/write flag * MAINT: Fix format compile warning error on 32 bit system * nvme-cli: Check for sysfs interface before NVMe discovery * Revert "Add Dera plugin extension." * Add Dera plugin extension. * Improve self test log command * nvme-cli: Update err to 0 in get_telemetry_log * fixup up self-test log when no test is in progress * nvme-cli: Update err value to 0 in get_ns_id func. * nvme.c: create-ns arguments are added * [NVMe-CLI] Get DUI for SN-340 failing with Data Area 4 - Buffer Misalignment * Minor intel-nvme print refactor * Use simpler nvme ioctl api for admin * Relocate functions and constants to the files that use them * Move all spec defined structs to single file * Update build rules for .c with no .h * Makefile: fix cleaning subdirectories * remove unused "paths" controller field * reign in line lengths * Add print for directive receive * Unify print routines * regenerate documentation * fix fw-download reference to committing fw * argconfig: Remove unused paramters * fix huawei filter to search all namespaces * nvme-cli: Support for hugetlbfs * Remove all 'struct nvme_command' usage * nvme-cli: Update PMR Capability and PMR Status * nvme-cli: Update Controller Capabilities Register * nvme-cli: Update NVMe Registers * fixup attach-ns documentation * Add files via upload * Regen docs, add host-nqn man page * fix namespace checks for legacy list * Reset wdc_do_cap_dui default parameters to the proper values * README.md: Mention the OpenEmbedded/Yocto recipe * Intel plugin: Adding fields to id-ctrl VU region * udev: convert the discovery event handler to the kernel support * Use a systemd app-specific machine ID for hostnqn * nvme-cli: Add 'transport type' error to the error log * nvme-cli: Update nvme_endurance_group_log structure * Adding fields to id-ctrl VU reigon for Intel DC drives * Check return value of scandir * nvme-cli: Add namespace-id option to self-test-log * Report invalid output format for 'list' command * Provide no-binary output format help text * regen documentation * Documentation: nvme-wdc-vs-fw-activate-history(1,html) generated * nvme-cli/fabrics: Add tos param to connect cmd * nvme.spec.in: fix rpm build error * Correct self-test-log output * nvme: Add 'Endurance Group Critical Warning Summary' to the Smart/Health information Log * make: install-hostparams depends on install-etc * MAINT: compile warning error on 32 bit system * nvme-print: fix to print ctrltype when human-readable * nvme: add Persistent Memory Region(PMR) Write Elasticity Status Registers * [NVMe-CLI] Fix Potential Memory Leak with vs-internal-log command. * regen docs * fix admin-passthru documentation typo * nvme-cli: Fix namespace list output * Fix builds for missing uuid * Revert "remove LIBUUID things from nvme.h" * Revert "nvme-cli: Fix compile on non-libuuid machines" * Revert "fix uuid include typo" * remove LIBUUID things from nvme.h * fix build error due to asprintf() * id-ctrl: show Flush command behavior in VWC * fix uuid include typo * nvme-cli: Fix compile on non-libuuid machines * Regen docs * nvme-cli: Code cleanup * nvme-cli: Macro'ify argument defines * nvme-cli: Code reorg * [NVMe-CLI] Add support to specify file size in get DUI data for SN340. * Regenerate documentation * nvme-cli: Make 'list' more useful * id-ctrl: show Persistent Event Log support in LPA * id-ctrl: show Persistent Event Log Size(PELS) * id-ctrl: show Endurance Group Maximum ID(ENDGIDMAX) * id-ctrl: show FRU Globally Unique Identifier(FGUID) * id-ctrl: show Controller Type(CNTRLTYPE) * id-ctrl: update id-ctrl header for 1.4 * systemd: fix echo call with absolute path * nvmf-autoconnect: fix absolute path for systemctl * make: install udev rules in sysconfdir * Add an example for attach-ns * make: fix discovery.conf override * fabrics: fix loop connect-all * nvme: fix compilation error * nvme-cli: Enhance format FNA detection * nvme-cli: Warn and delay before formatting * nvme-cli: prefill metadata buffers * Fixed bash-nvme-completion.sh typo - Makefile: generate Dracut config according to UDEVDIR * Add 0001-Makefile-generate-Dracut-config-according-to-UDEVDIR.patch - Makefile: use UDEVRULESDIR instead of UDEVDIR * Add 0101-Makefile-use-UDEVRULESDIR-instead-of-UDEVDIR.patch - Dropped patch merged with upstream * Delete 0101-nvme-add-iopolicy-rules-for-netapp.patch ++++ python-six: - update to 1.14.0 * Add `six.assertNotRegex` * `six.moves._dummy_thread` now points to the `_thread` module on Python 3.9+. Python 3.7 and later requires threading and deprecated the `_dummy_thread` module * Remove support for Python 2.6 and Python 3.2 * `six.wraps` now ignores missing attributes ++++ read-only-root-fs: - Update to version 1.0+git20200121.5ed8d15: * Always mount /root during initrd [boo#1161264] ++++ runc: - Change packagewide go version to be greater or equal to 1.10. ------------------------------------------------------------------ ------------------ 2020-1-20 - Jan 20 2020 ------------------- ------------------------------------------------------------------ ++++ fuse-overlayfs: - Update to v0.7.5 - do not expose internal xattrs through listxattr and getxattr ++++ kernel-default: - blacklist.conf: Add ppc booke fixes. 3a0990ca1a00 powerpc/booke: Spelling s/date/data/ 71eb40fc5337 powerpc/kasan: Fix boot failure with RELOCATABLE && FSL_BOOKE - commit 8f24d42 - cfg80211: fix page refcount issue in A-MSDU decap (git-fixes). - cfg80211: fix memory leak in cfg80211_cqm_rssi_update (git-fixes). - cfg80211: fix memory leak in nl80211_probe_mesh_link (git-fixes). - cfg80211: fix deadlocks in autodisconnect work (git-fixes). - r8152: add missing endpoint sanity check (git-fixes). - net: usb: lan78xx: limit size of local TSO packets (git-fixes). - i2c: iop3xx: Fix memory leak in probe error path (git-fixes). - i2c: tegra: Properly disable runtime PM on driver's probe error (git-fixes). - i2c: tegra: Fix suspending in active runtime PM state (git-fixes). - mtd: rawnand: gpmi: Restore nfc timing setup after suspend/resume (git-fixes). - mtd: rawnand: gpmi: Fix suspend/resume problem (git-fixes). - drm/i915: Add missing include file (git-fixes). - efi/earlycon: Fix write-combine mapping on x86 (git-fixes). - staging: comedi: ni_routes: allow partial routing information (git-fixes). - staging: comedi: ni_routes: fix null dereference in ni_find_route_source() (git-fixes). - iio: light: vcnl4000: Fix scale for vcnl4040 (git-fixes). - iio: buffer: align the size of scan bytes to size of the largest element (git-fixes). - iio: chemical: pms7003: fix unmet triggered buffer dependency (git-fixes). - iio: imu: st_lsm6dsx: Fix selection of ST_LSM6DS3_ID (git-fixes). - clk: sunxi-ng: r40: Allow setting parent rate for external clock outputs (git-fixes). - clk: qcom: gcc-sdm845: Add missing flag to votable GDSCs (git-fixes). - dmaengine: k3dma: Avoid null pointer traversal (git-fixes). - drm/amdgpu: enable gfxoff for raven1 refresh (git-fixes). - net: nfc: nci: fix a possible sleep-in-atomic-context bug in nci_uart_tty_receive() (git-fixes). - net: gemini: Fix memory leak in gmac_setup_txqs (git-fixes). - rsi: fix potential null dereference in rsi_probe() (git-fixes). - commit 4cb2bed - kernel-binary.spec.in: do not recommend firmware for kvmsmall and azure flavor (boo#1161360). - commit dbe7b27 - torture: Remove exporting of internal functions (bsc#1156395). - commit 3c30cc1 - config/x86_64/kvmsmall: Enable UINPUT (boo#1161305). - commit 61a4f71 - ASoC: msm8916-wcd-digital: Reset RX interpolation path after use (git-fixes). - ASoC: msm8916-wcd-analog: Fix MIC BIAS Internal1 (git-fixes). - ASoC: sti: fix possible sleep-in-atomic (git-fixes). - ASoC: msm8916-wcd-analog: Fix selected events for MIC BIAS External1 (git-fixes). - ASoC: hdac_hda: Fix error in driver removal after failed probe (git-fixes). - ASoC: SOF: Intel: fix HDA codec driver probe with multiple controllers (git-fixes). - ASoC: SOF: Intel: lower print level to dbg if we will reinit DSP (git-fixes). - ASoC: stm32: dfsdm: fix 16 bits record (git-fixes). - ASoC: Intel: bytcht_es8316: Fix Irbis NB41 netbook quirk (git-fixes). - ASoC: rt5640: Fix NULL dereference on module unload (git-fixes). - ALSA: seq: Fix racy access for queue timer in proc read (git-fixes). - ALSA: usb-audio: fix sync-ep altsetting sanity check (git-fixes). - ALSA: dice: fix fallback from protocol extension into limited functionality (git-fixes). - ALSA: firewire-tascam: fix corruption due to spin lock without restoration in SoftIRQ context (git-fixes). - commit 5af0dd5 - NFC: pn533: fix bulk-message timeout (git-fixes). - commit 442eed3 - USB: serial: quatech2: handle unbound ports (git-fixes). - commit d0020c8 - USB: serial: keyspan: handle unbound ports (git-fixes). - commit 32ba490 - USB: serial: io_edgeport: add missing active-port sanity check (git-fixes). - commit 1494e56 - USB: serial: io_edgeport: handle unbound ports on URB completion (git-fixes). - commit 6182181 - USB: serial: ch341: handle unbound port at reset_resume (git-fixes). - commit 2b59c4a - blacklist.conf: it removes an attribute from sysfs - commit 3748cd2 - USB: serial: opticon: fix control-message timeouts (git-fixes). - commit 6bc0895 - mm: memcg/slab: call flush_memcg_workqueue() only if memcg workqueue is valid (git fixes (mm/slab)). - mm: memcg/slab: fix percpu slab vmstats flushing (git fixes (mm/memcg)). - mm/shmem.c: thp, shmem: fix conflict of above-47bit hint address and PMD alignment (git fixes (mm/pgtable)). - mm/huge_memory.c: thp: fix conflict of above-47bit hint address and PMD alignment (git fixes (mm/pgtable)). - mm/memory_hotplug: don't free usage map when removing a re-added early section (git fixes (mm/hotplug)). - commit 1508be3 - bpf: Sockmap/tls, fix pop data with SK_DROP return code (bsc#1155518). - bpf: Sockmap/tls, skmsg can have wrapped skmsg that needs extra chaining (bsc#1155518). - bpf: Sockmap/tls, tls_sw can create a plaintext buf > encrypt buf (bsc#1155518). - bpf: Sockmap/tls, msg_push_data may leave end mark in place (bsc#1155518). - bpf: Sockmap, skmsg helper overestimates push, pull, and pop bounds (bsc#1155518). - bpf: Sockmap/tls, push write_space updates through ulp updates (bsc#1155518). - bpf: Sockmap, ensure sock lock held during tear down (bsc#1155518). - net: bpf: Don't leak time wait and request sockets (bsc#1155518). - bpf/sockmap: Read psock ingress_msg before sk_receive_queue (bsc#1155518). - commit 8d7a4ba - bpf: Sockmap/tls, during free we may call tcp_bpf_unhash() in loop (bsc#1155518). - bpf: Fix incorrect verifier simulation of ARSH under ALU32 (bsc#1155518). - bpftool: Fix printing incorrect pointer in btf_dump_ptr (bsc#1155518). - commit 67424a0 ++++ libgcrypt: - ECDSA: Check range of coordinates (bsc#1161216) * add libgcrypt-ECDSA_check_coordinates_range.patch ++++ libzypp: - Selectable: Fix highestAvailableVersionObj if only retracted packages are available. Avoid using retracted items as candidate (jsc#SLE-8770) - version 17.21.0 (20) ++++ python-rpm-macros: - Add python-rpm-generators to express setuptools dependency for generator ++++ raspberrypi-firmware: - Add rpi4-thermal device tree overlay for RPi4 (bsc#1160311) ++++ raspberrypi-firmware-config: - Add rpi4-thermal device tree overlay for RPi4 (bsc#1160311) ++++ suse-module-tools: - Update to version 15.2.10: * ppc64le: fix dependency of papr_scm (bsc#1142152, ltc#176292, FATE#327775). ------------------------------------------------------------------ ------------------ 2020-1-19 - Jan 19 2020 ------------------- ------------------------------------------------------------------ ++++ zchunk: - Update to version 1.1.5 + Handle write errors correctly ------------------------------------------------------------------ ------------------ 2020-1-17 - Jan 17 2020 ------------------- ------------------------------------------------------------------ ++++ fuse-overlayfs: - Update to v0.7.4 - fix fallocate for deleted files. - ignore O_DIRECT. It causes issues with libfuse not using an aligned buffer, causing write(2) to fail with EINVAL. - on copyup, do not copy the opaque xattr. - fix a wrong lookup for whiteout files, that could happen on a double unlink. ++++ kernel-default: - s390/qeth: consolidate some duplicated HW cmd code (jsc#SLE-7474). - Refresh patches.suse/s390-qeth-fix-initialization-on-old-hw. - commit 00d9aa3 - s390/qeth: merge qeth_reply struct into qeth_cmd_buffer (jsc#SLE-7542). - Refresh patches.suse/s390-qeth-fix-dangling-io-buffers-after-halt-clear. - commit 9542e64 - s390/qeth: return proper errno on IO error (jsc#SLE-7542). - s390/qeth: fix potential deadlock on workqueue flush (jsc#SLE-7542). - s390/qeth: Fix initialization of vnicc cmd masks during set online (jsc#SLE-7542). - s390/qeth: Fix error handling during VNICC initialization (jsc#SLE-7542). - s390/qdio: clarify size of the QIB parm area (jsc#SLE-7542). - s390/ctcm: Delete unnecessary checks before the macro call "dev_kfree_skb" (jsc#SLE-7542). - s390/lcs: don't use intparm for channel IO (jsc#SLE-7542). - s390/ctcm: don't use intparm for channel IO (jsc#SLE-7542). - s390/qeth: streamline control code for promisc mode (jsc#SLE-7542). - s390/qeth: get vnicc sub-cmd type from reply data (jsc#SLE-7542). - s390/qeth: keep cmd alive after IO completion (jsc#SLE-7542). - s390/qeth: use correct length field in SNMP cmd callback (jsc#SLE-7542). - s390/qeth: propagate length of processed cmd IO data to callback (jsc#SLE-7542). - s390/qeth: use node_descriptor struct (jsc#SLE-7542). - commit 8223e8d - xen/blkfront: Adjust indentation in xlvbd_alloc_gendisk (bsc#1065600). - commit 5b346da - Refresh patches.suse/target-add-lio-rbd-to-makefile-Kconfig.patch: (fate#318836). - supported.conf: relist target_core_rbd (fate#318836) - re-enable CONFIG_TCM_RBD=m - Refresh patches.suse/target-add-rbd-backend.patch: (fate#318836). + use upstream RBD bvecs API and split out compare&write and write-same request support - Refresh patches.suse/rbd-add-lio-specific-data-area.patch: (fate#318836). + rebased, with lio_cmd_data moved into union with rq/copyup state - Add patches.suse/rbd-add-img_request-done-callback.patch: (fate#318836). + this is needed for target_core_rbd SCSI cmd completion following 7114edac357b ("rbd: new request completion code") - Refresh patches.suse/rbd-move-structs-used-by-lio-rbd-to-new-header.patch: (fate#318836). + rebase and expose bvecs instead of sgl API for data payload - Refresh patches.suse/rbd-export-some-functions-used-by-lio-rbd-backend.patch: (fate#318836). + export bvecs API for data payload - commit d3df489 - Deletions for target_core_rbd refactoring - Drop upstreamed patches patches.suse/target-configfs-add-device-vendor_id-attribute.patch patches.suse/target-remove-hardcoded-T10-Vendor-ID-in-INQUIRY-res.patch - Merge with target-add-rbd-backend.patch patches.suse/0001-target_core_rbd-use-RCU-in-free_device.patch patches.suse/0002-target_core_rbd-break-up-free_device-callback.patch patches.suse/target-rbd-don-t-put-snap_context-twice.patch patches.suse/target-rbd-handle-zero-length-UNMAP-requests-early.patch patches.suse/target-rbd-use-target_configure_unmap_from_queue-hel.patch - Remove rbd sgl patches following target_core_rbd bvec conversion patches.suse/libceph-add-scatterlist-messenger-data-type.patch patches.suse/libceph-fix-scatterlist-last_piece-calculation.patch patches.suse/rbd-add-support-for-scatterlist-obj_request_type.patch patches.suse/rbd-handle-OBJ_REQUEST_SG-types-for-copyup.patch - Drop compare-and-write support pending bvecs conversion patches.suse/0001-rbd-drop-extra-rbd_img_request_get.patch patches.suse/libceph-add-support-for-CMPEXT-compare-extent-reques.patch patches.suse/rbd-add-num-ops-calculator-helper.patch patches.suse/rbd-add-support-for-COMPARE_AND_WRITE-CMPEXT.patch patches.suse/rbd-copy-compare-and-write-osd-requests-before-resub.patch patches.suse/rbd-don-t-log-miscompare-as-an-error.patch patches.suse/rbd-helper-to-copy-compare-and-write-osd-requests.patch patches.suse/rbd-truncate-objects-on-cmpext-short-reads.patch patches.suse/target-add-COMPARE_AND_WRITE-sg-creation-helper.patch patches.suse/target-add-compare-and-write-callback.patch patches.suse/target-compare-and-write-backend-driver-sense-handli.patch patches.suse/target-rbd-remove-caw_mutex-usage.patch patches.suse/rbd-add-write-test-helper.patch - Drop SCSI Reservation support pending upstream discussion patches.suse/0002-rbd-make-sure-pages-are-freed-by-libceph.patch patches.suse/ceph-osd_client-add-support-for-CEPH_OSD_OP_GETXATTR.patch patches.suse/libceph-fix-pr_fmt-compile-issues.patch patches.suse/rbd-add-cmpsetattr-device-attribute-for-debugging.patch patches.suse/rbd-add-getxattr-device-attribute-for-debugging.patch patches.suse/rbd-add-rbd_dev_cmpsetxattr-helper.patch patches.suse/rbd-add-rbd_dev_getxattr-helper.patch patches.suse/rbd-add-rbd_dev_setxattr-helper.patch patches.suse/rbd-add-setxattr-device-attribute-for-debugging.patch patches.suse/rbd-do-away-with-obj_request-in-cmpsetxattr.patch patches.suse/rbd-do-away-with-obj_request-in-getxattr.patch patches.suse/rbd-do-away-with-obj_request-in-setxattr.patch patches.suse/target-fix-tcm_rbd_gen_it_nexus-for-emulated-XCOPY-s.patch patches.suse/target-pr-add-backend-API-for-reservation-handling.patch patches.suse/target-pr-fix-core_scsi3_pr_seq_non-caller.patch patches.suse/target-pr-split-out-and-export-core_scsi3_pr_seq_non.patch patches.suse/target-rbd-SCSI3-check-conflict-support.patch patches.suse/target-rbd-add-SCSI2-reservation-entry-to-PR-info.patch patches.suse/target-rbd-add-pr_clear-support.patch patches.suse/target-rbd-add-pr_preempt-support.patch patches.suse/target-rbd-add-pr_read_reservation-support.patch patches.suse/target-rbd-add-pr_release-support.patch patches.suse/target-rbd-add-pr_report_capabilities-support.patch patches.suse/target-rbd-add-pr_reserve-support.patch patches.suse/target-rbd-add-stubbed-out-pr_read_full_status.patch patches.suse/target-rbd-add-stubbed-out-pr_register_and_move.patch patches.suse/target-rbd-add-support-for-PR-register-read-keys.patch patches.suse/target-rbd-fix-PR-info-memory-leaks.patch patches.suse/target-rbd-handle-SCSI2-reservation-release-on-reset.patch patches.suse/target-rbd-implement-SCSI2-reservation-handling.patch - Remove write-same support pending bvecs conversion patches.suse/libceph-add-support-for-write-same-requests.patch patches.suse/libceph-use-upstream-write-same-opcode.patch patches.suse/rbd-add-support-for-writesame-requests.patch - commit 1277a52 ++++ gcc10: - Bump to r507de5ee23efdc8a16d6b0b6488e118055c711cd. ++++ libgcrypt: - FIPS: libgcrypt DSA PQG parameter generation: Missing value [bsc#1161219] - FIPS: libgcrypt DSA PQG verification incorrect results [bsc#1161215] - FIPS: libgcrypt RSA siggen/keygen: 4k not supported [bsc#1161220] * Add patch from Fedora libgcrypt-1.8.4-fips-keygen.patch - FIPS: keywrap gives incorrect results [bsc#1161218] * Add libgcrypt-AES-KW-fix-in-place-encryption.patch ++++ python-rpm-macros: - Update to version 20200117.8e39013 bsc#1161770: * Add macros related to the Python dist metadata dependency generator ++++ runc: - Update CVE-2019-19921 patch to match upstream PR. * CVE-2019-19921.patch ------------------------------------------------------------------ ------------------ 2020-1-16 - Jan 16 2020 ------------------- ------------------------------------------------------------------ ++++ aaa_base: - Add patch git-14-12023f2e8aae5b2ac3a895301945566b9f5eb9c3.patch drop dev.cdrom.autoclose = 0 from sysctl config (bsc#1160970) ++++ kernel-default: - Documentation/ABI: Add missed attribute for mlxreg-io sysfs interfaces (git-fixes). - Documentation/ABI: Fix documentation inconsistency for mlxreg-io sysfs interfaces (git-fixes). - commit 4873021 - platform/x86: asus-wmi: Fix keyboard brightness cannot be set to 0 (git-fixes). - platform/x86: GPD pocket fan: Use default values when wrong modparams are given (git-fixes). - platform/mellanox: fix potential deadlock in the tmfifo driver (git-fixes). - commit 0bb7471 - Delete patches.suse/x86-cpu_entry_area-Map-also-trace_idt_table.patch. The real fixes have been upstream since v4.14. - commit 46e9a10 - i40iw: Remove setting of VMA private data and use rdma_user_mmap_io (jsc#SLE-8449). - IB/hfi1: Adjust flow PSN with the correct resync_psn (jsc#SLE-8449). - IB/hfi1: Don't cancel unused work item (jsc#SLE-8449). - RDMA/bnxt_re: Fix Send Work Entry state check while polling completions (jsc#SLE-8372 bsc#1153275). - RDMA/bnxt_re: Avoid freeing MR resources if dereg fails (jsc#SLE-8372 bsc#1153275). - netfilter: conntrack: dccp, sctp: handle null timeout argument (bsc#1154353). - netfilter: arp_tables: init netns pointer in xt_tgchk_param struct (bsc#1154353). - macvlan: do not assume mac_header is set in macvlan_broadcast() (bsc#1154353). - net: sch_prio: When ungrafting, replace with FIFO (bsc#1154353). - mlxsw: spectrum_qdisc: Ignore grafting of invisible FIFO (bsc#1154488). - gtp: fix bad unlock balance in gtp_encap_enable_socket (bsc#1154353). - pkt_sched: fq: do not accept silly TCA_FQ_QUANTUM (bsc#1154353). - net/mlx5: DR, Init lists that are used in rule's member (jsc#SLE-8464). - net/mlx5e: Fix hairpin RSS table size (jsc#SLE-8464). - net/mlx5: DR, No need for atomic refcount for internal SW steering resources (jsc#SLE-8464). - Revert "net/mlx5: Support lockless FTE read lookups" (jsc#SLE-8464). - net/mlx5: Move devlink registration before interfaces load (jsc#SLE-8464). - net/mlx5e: Always print health reporter message to dmesg (jsc#SLE-8464). - net/mlx5e: Avoid duplicating rule destinations (jsc#SLE-8464). - sctp: free cmd->obj.chunk for the unprocessed SCTP_CMD_REPLY (bsc#1154353). - net: Google gve: Remove dma_wmb() before ringing doorbell (bsc#1154353). - sch_cake: avoid possible divide by zero in cake_enqueue() (bsc#1154353). - tcp: fix "old stuff" D-SACK causing SACK to be treated as D-SACK (bsc#1154353). - commit b1356f9 - Delete patches.suse/btrfs-suspend-qgroups-during-relocation-recovery.patch. This patch is no longer needed for v5.3. Since v5.1 we have proper qgroup + balance optimization to avoid unnecessary rescan. - commit b92eedd - Delete patches.suse/0001-btrfs-qgroup-Make-qgroup-async-transaction-commit-mo.patch. This patch is already upstreamed in v5.1, thus already included. - commit 5b34f2a ++++ snapper: - Fix "Snapper is not creating the post snapshot" (bsc#1160938) - Fix `make clean; make check` failing in zypp-plugin (bsc#1160891) - version 0.8.9 ++++ raspberrypi-firmware-dt: - Add rpi4-thermal.dts overlay, which provides CPU thermal measurements (bsc#1160311). ++++ rpm: - Backport more ndb fixes from upstram modified patch: ndb-backport.diff - Build with zstd support in openSUSE Leap 15 and SLE-15-SP2 [bnc#1162668] ------------------------------------------------------------------ ------------------ 2020-1-15 - Jan 15 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - overlayfs: pseudo dev obviates treating btrfs as different Delete patches.suse/ovl-treat-btrfs-as-different-mount.patch. - commit e1e67d4 - apparmor: Delete apparmor patches not required for v5.3 - Delete patches.suse/0001-apparmor-fix-unnecessary-creation-of-net-compat.patch. - Delete patches.suse/0001-apparmor-patch-to-provide-compatibility-with-v2.x-ne.patch. - Delete patches.suse/0003-apparmor-fix-use-after-free-in-sk_peer_label.patch. - Delete patches.suse/apparmor-compatibility-with-v2.x-net.patch. - commit faddc27 - supported.conf: mark gpio-mlxbf as supported - commit 987e308 - arm: Implement copy_thread_tls (git-fixes). - drm/i915: Hold reference to intel_frontbuffer as we track activity (git-fixes). - drm/i915/tgl: Drop Wa#1178 (git-fixes). - ARM: vexpress: Set-up shared OPP table instead of individual for each CPU (git-fixes). - commit 5a1c660 - blacklist.conf: Add cosmetic entry for drivers/reset/Kconfig - commit 9ca8239 - acpi: disable deprecated warnings (bsc#1160977). - commit 509dee8 - Delete patches.suse/ras-cec-disable-cec.patch. Now we're behaving the same way as upstream. - commit 9e8f6dc - drivers: ipmi: Modify max length of IPMB packet (jsc#SLE-10262). - drivers: ipmi: Support raw i2c packet in IPMB (jsc#SLE-10262). - commit 856cc09 - supported.conf: mark ipmb_dev_int as supported (jsc#SLE-10262) Also mentioned in bsc#1119861 - commit 995fffc - ipmi: fix ipmb_poll()'s return type (jsc#SLE-10262). - commit 96db5f2 - Update patches.suse/USB-Fix-Don-t-skip-endpoint-descriptors-with-maxpack.patch (bsc#1159811 bsc#1152932). Added further bug this fixes - commit 698a1af - Refresh patches.suse/mm-debug_pagealloc-don-t-rely-on-static-keys-too-ear.patch. - Update to final upstream version and move to sorted section. - commit 0b6c359 - keys: Fix request_key() cache (git-fixes). - i2c: fix bus recovery stop mode timing (git-fixes). - usb: musb: Disable pullup at init (git-fixes). - USB-PD tcpm: bad warning+size, PPS adapters (git-fixes). - USB: serial: option: add ZLP support for 0x1bc7/0x9010 (git-fixes). - phy/rockchip: inno-hdmi: round clock rate down to closest 1000 Hz (git-fixes). - phy: mapphone-mdm6600: Fix uninitialized status value regression (git-fixes). - chardev: Avoid potential use-after-free in 'chrdev_open()' (git-fixes). - staging: rtl8188eu: Add device code for TP-Link TL-WN727N v5.21 (git-fixes). - staging: vt6656: set usb_set_intfdata on driver fail (git-fixes). - staging: vt6656: remove bool from vnt_radio_power_on ret (git-fixes). - staging: vt6656: limit reg output to block size (git-fixes). - staging: vt6656: correct return of vnt_init_registers (git-fixes). - staging: vt6656: Fix non zero logical return of, usb_control_msg (git-fixes). - tty: always relink the port (git-fixes). - drm/i915: Add Wa_1407352427:icl,ehl (git-fixes). - drm/i915: Add Wa_1408615072 and Wa_1407596294 to icl,ehl (git-fixes). - gpiolib: acpi: Add honor_wakeup module-option + quirk mechanism (git-fixes). - gpiolib: acpi: Turn dmi_system_id table into a generic quirk table (git-fixes). - Input: add safety guards to input_set_keycode() (git-fixes). - HID: hid-input: clear unmapped usages (git-fixes). - HID: Fix slab-out-of-bounds read in hid_field_extract (git-fixes). - tty: link tty and port before configuring it as console (git-fixes). - commit cc6ecc7 ++++ libvirt: - Update to libvirt 6.0.0 - jsc#SLE-6997, jsc#SLE-6998 - Many incremental improvements and bug fixes, see https://libvirt.org/news.html - Dropped patches: 0a65cba4-news-fix.patch 07aaced4-Add-TAA-No.patch, f411b7ef6-Add-TSX-CTRL.patch, 50d7465f-qemu-firmware1.patch, 57f9067c-qemu-firmware2.patch, 7c5264d2-qemu-firmware3.patch, 8e1804f9-qemu-firmware4.patch, 8fcee478-qemu-firmware5.patch ++++ mozilla-nspr: - update to version 4.24 * added macro PR_ASSERT_ARG * removed some declarations * added support for Nios-II, Nds32 and Microblaze architectures ++++ python-libvirt-python: - Update to 6.0.0 - Add all new APIs and constants in libvirt 6.0.0 - Revert commit b22e4f24 to retain python2 support a bit longer on SUSE revert-b22e4f24.patch ++++ suse-module-tools: - Update to version 15.2.9: * 00-system.conf: move br_netfilter softdep to separate file (boo#1158817) ------------------------------------------------------------------ ------------------ 2020-1-14 - Jan 14 2020 ------------------- ------------------------------------------------------------------ ++++ bcache-tools: - Update to tag 1.1 * add blkdiscard for cache dev * add 'label' field * allow users to set label for device ++++ ca-certificates-mozilla: - update to 2.40 state of the Mozilla NSS Certificate store (bsc#1160160) - removed: - Certplus Class 2 Primary CA - Deutsche Telekom Root CA 2 - CN=Swisscom Root CA 2 - UTN-USERFirst-Client Authentication and Email - added: - Entrust Root Certification Authority - G4 ++++ dracut: - Update to version 049+git118.a6090e2f: * Implement support for verifying the boot with fipscheck (bsc#1158530) ++++ hwinfo: - merge gh#openSUSE/hwinfo#84 - the /sbin/udevadm compat symlink is gone - 21.68 ++++ ignition: - Add 0002-allow-multiple-mounts-of-same-device.patch: Allow mounting a device multiple times, e.g. to mount several subvolumes from a Btrfs device or bind mounting the device to multiple places, by also adding the path to the key. [Workaround for gh#coreos/ignition#890] ++++ kernel-default: - drm/i915/gen9: Clear residual context state on context switch (CVE-2019-14615 bsc#1160195). - commit d10cf58 - drivers: ipmi: Support for both IPMB Req and Resp (jsc#SLE-10262). - commit a109ac6 - EDAC, mellanox: Add ECC support for BlueField DDR4 (jsc#SLE-10262). - Update config files. Build EDAC_BLUEFIELD as module - supported.conf: Mark bluefield_edac as supported - commit bda0819 - platform/mellanox: fix the mlx-bootctl sysfs (jsc#SLE-10262). - commit c5d7bab - platform/mellanox: Fix Kconfig indentation (jsc#SLE-10262). - platform/mellanox: Add bootctl driver for Mellanox BlueField Soc (jsc#SLE-10262). - Update config files: build MLXBF_BOOTCTL as module - supported.conf: add mlxbf-bootctl - driver core: add dev_groups to all drivers (jsc#SLE-10262). - commit 619e678 - sched, fair: Allow a small load imbalance between low utilisation SD_NUMA domains (bnc#1160896). - commit fef7d8c - blacklist.conf: Blacklist a11391b6f506 ("scripts: package: mkdebian: add missing rsync dependency") - commit 4a86d94 - thermal: Add BCM2711 thermal driver (bsc#1160311). - Update config files. - supported.conf: Add bcm2711-thermal - commit 8743e23 - scripts/git_sort/git_sort.py: Add thermal tree - commit b511c78 - Refresh patches.suse/pstore-backend-autoaction. - commit 62c0377 ++++ nghttp2: - Update to version 1.40.0 to fix CVE-2019-18802 in envoy-proxy and cilium-proxy (bsc#1166481) * lib: Add nghttp2_check_authority as public API * lib: Fix the bug that stream is closed with wrong error code * lib: Faster huffman encoding and decoding * build: Avoid filename collision of static and dynamic lib * build: Add new flag ENABLE_STATIC_CRT for Windows * build: cmake: Support building nghttpx with systemd * third-party: Update neverbleed to fix memory leak * nghttpx: Fix bug that mruby is incorrectly shared between backends * nghttpx: Reconnect h1 backend if it lost connection before sending headers * nghttpx: Returns 408 if backend timed out before sending headers * nghttpx: Fix request stal ++++ systemd: - Temporarily restore /sbin/{udevd,udevadm) obsolete symlinks They're restored until YaST stop using them (see boo#1160890) - Import commit 8254b8d9646f3e0f5f8057d1ffb5d6c20f079aaa (merge v244.1) 639dc9f4bf network: set ipv6 mtu after link-up or device mtu change cbced49daa man: fix typo in net-naming-scheme man page 7dd04c99b0 network: tc: drop unused element bf4b7d07ba man: fix typos (#14304) 1ba2e7a730 ipv4ll: do not reset conflict counter on restart 49806bb310 macro: avoid subtraction overflow in ALIGN_POWER2() c4c1600689 test-network: add a test case for SendOption= 6f15b45949 network: fix segfault in parsing SendOption= 2e531b830d seccomp: real syscall numbers are >= 0 f7616ed52b network: fix copy and paste mistake e8b53300c4 network: do not drop foreign config if interface is in initialized state 00f05813bf seccomp: mmap test results depend on kernel/libseccomp/glibc 4de1909e61 seccomp: use per arch shmat_syscall d83010521d seccomp: ensure rules are loaded in seccomp_memory_deny_write_execute 2c6568221a seccomp: fix multiplexed system calls bcf0aa02bf Fix typo (duplicate "or") 96d7083c54 network: if /sys is rw, then udev should be around e874419902 nspawn: do not fail if udev is not running 29c9144655 Create parent directories when creating systemd-private subdirs 9cbb8b5254 network: do not return error but return UINT64_MAX if speed meter is disabled c08429ae33 core: swap priority can be negative f25c0be335 networkctl: fix to show BSSID 65fd2fce59 systemctl: enhance message about kexec missing kernel bdd0af5f81 Fixup typo in NEWS ++++ qemu: - Fix xenfv migration from xen host with pre-v4.0 qemu (bsc#1159755) hw-i386-disable-smbus-migration-for-xenf.patch - Create files within bundles.tar.xz with fixed timestamp and uid ++++ runc: - Add backported fix for CVE-2019-19921. bsc#1160452 + CVE-2019-19921.patch ++++ yast2: - Add a text helper to strip HTML tags (related bsc#1157780) - Moves text helpers to String refinements, keeping backward compatibility. - 4.2.55 ------------------------------------------------------------------ ------------------ 2020-1-13 - Jan 13 2020 ------------------- ------------------------------------------------------------------ ++++ cni: - Set correct CNI version for 99-loopback.conf ++++ kernel-default: - powerpc/pmem: Fix kernel crash due to wrong range value usage in flush_dcache_range (bsc#1156395). - commit 252a29d - Update references: patches.suse/x86-fpu-Don-t-cache-access-to-fpu_fpregs_owner_ctx.patch (add bsc#1158887). - commit b4c1446 - powerpc/mm: Mark get_slice_psize() & slice_addr_is_low() as notrace (bsc#1156395). - powerpc: Fix __clear_user() with KUAP enabled (bsc#1156395). - powerpc/fixmap: Use __fix_to_virt() instead of fix_to_virt() (bsc#1156395). - powerpc: Chunk calls to flush_dcache_range in arch_*_memory (bsc#1156395). - commit bb8bcdd - Btrfs: fix infinite loop during nocow writeback due to race (bsc#1160804). - commit ef1dd9a - Btrfs: fix removal logic of the tree mod log that leads to use-after-free issues (bsc#1160803). - commit d3f68f5 - tracing: Change offset type to s32 in preempt/irq tracepoints (bsc#1160794). - commit 3de9401 - kernel/trace: Fix do not unregister tracepoints when register sched_migrate_task fail (bsc#1160787). - commit 11f6e8d - ftrace: Avoid potential division by zero in function profiler (bsc#1160784). - commit 55123bf - blacklist.conf: b8299d362d08 ("tracing: Have stack tracer compile when MCOUNT_INSN_SIZE is not defined") We cannot run into the scenario with our codebase and configs. - commit 1491d6e - Update patches.suse/x86-fpu-Don-t-cache-access-to-fpu_fpregs_owner_ctx.patch (bnc#1151927 5.3.15 CVE-2019-19602). Add CVE number. - commit c2d738c - Move upstreamed qlde patches into sorted section - commit 8ed9cca - patches.suse/0010-netfilter-ipset-avoid-null-deref-when-IPSET_ATTR_LIN.patch: (git-fixes). - patches.suse/0011-netfilter-nft_flow_offload-fix-underflow-in-flowtabl.patch: (git-fixes). - patches.suse/0012-netfilter-bridge-make-sure-to-pull-arp-header-in-br_.patch: (git-fixes). - patches.suse/0009-net-phy-broadcom-Fix-RGMII-delays-configuration-for-.patch: (git-fixes). - patches.suse/0008-net-stmmac-Fix-TSO-descriptor-with-Enhanced-Addressi.patch: (git-fixes). - patches.suse/0007-net-stmmac-selftests-Prevent-false-positives-in-filt.patch: (git-fixes). - patches.suse/0006-net-stmmac-selftests-Fix-L2-Hash-Filter-test.patch: (git-fixes). - patches.suse/0005-net-stmmac-gmac4-Not-all-Unicast-addresses-may-be-av.patch: (git-fixes). - patches.suse/0004-net-stmmac-selftests-Check-if-filtering-is-available.patch: (git-fixes). - patches.suse/0003-net-stmmac-xgmac-Disable-the-Timestamp-interrupt-by-.patch: (git-fixes). - net: stmmac: dwmac-meson8b: Fix signedness bug in probe (git-fixes). - patches.suse/0001-netfilter-nf_tables_offload-avoid-excessive-stack-us.patch: (git-fixes). - commit aa9a965 - Delete patches.suse/cifs-fix-set-info.patch. Applied to v4.12+, not needed anymore. - commit b070525 - blacklist.conf: Append 'drm/amdgpu: hide another #warning' - commit b0c0990 - blacklist.conf: Append 'drm/amdgpu: revert "disable bulk moves for now"' - commit 8d0546c - blacklist.conf: Append 'drm/amdgpu: Fix KFD-related kernel oops on Hawaii' - commit c48f714 - drm/meson: vclk: use the correct G12A frac max value (bsc#1152489) - commit 7b38ed0 - drm/mipi-dbi: fix a loop in debugfs code (bsc#1152489) - commit d510e3b - blacklist.conf: Append 'drm/i915: Fix g4x sprite scaling stride check with GTT remapping' - commit cf03598 - blacklist.conf: Append 'drm/i915/dp: Fix dsc bpp calculations, v5.' - commit 44b95e2 - blacklist.conf: Append 'drm/i915: Mark contents as dirty on a write fault' - commit fa91ba4 - blacklist.conf: Append 'drm/i915: Bump skl+ max plane width to 5k for linear/x-tiled' - commit 9d6eb9a - blacklist.conf: Append 'drm/i915: Don't mix srcu tag and negative error codes' - commit e879648 - powerpc/irq: fix stack overflow verification (bsc#1065729). - commit 3c46adb - Delete patches.suse/firmware-arm_sdei-fix-wrong-of_node_put-in-init-function.patch. Applied to v5.0, not needed anymore. - commit a8b4a26 - powerpc/mm: drop #ifdef CONFIG_MMU in is_ioremap_addr() (bsc#1065729). - powerpc/security: Fix debugfs data leak on 32-bit (bsc#1065729). - powerpc/pkeys: remove unused pkey_allows_readwrite (bsc#1065729). - powerpc/64s/radix: Fix build failure with RADIX_MMU=n (bsc#1065729). - commit 710230e - HID: hidraw, uhid: Always report EPOLLOUT (git-fixes). - HID: hidraw: Fix returning EPOLLOUT from hidraw_poll (git-fixes). - hidraw: Return EPOLLOUT from hidraw_poll (git-fixes). - commit be1efe9 - Enable SCSI patches after review - Refresh patches.suse/fcoe-reduce-max_sectors. - commit cdd6e89 - Remove disabled NVMe patches after review - Delete patches.suse/nvme-Do-not-remove-namespaces-during-reset.patch. - Delete patches.suse/nvme-flush-scan_work-when-resetting-controller.patch. - Delete patches.suse/nvme-schedule-requeue-whenever-a-LIVE-state-is-enter.patch. - Delete patches.suse/nvme-skip-nvme_update_disk_info-if-the-controller-is.patch. - commit 0f8d58e - vlan: vlan_changelink() should propagate errors (git-fixes). - vlan: fix memory leak in vlan_dev_set_egress_priority (git-fixes). - vxlan: fix tos value before xmit (git-fixes). - commit cb7ad7e - usb: missing parentheses in USE_NEW_SCHEME (git-fixes). - usb: ohci-da8xx: ensure error return on variable error is set (git-fixes). - usb: musb: fix idling for suspend after disconnect interrupt (git-fixes). - USB: serial: option: add Telit ME910G1 0x110a composition (git-fixes). - usb: chipidea: host: Disable port power only if previously enabled (git-fixes). - usb: dwc3: gadget: Fix request complete check (git-fixes). - usb: musb: dma: Correct parameter passed to IRQ handler (git-fixes). - USB: core: fix check for duplicate endpoints (git-fixes). - sbitmap: only queue kyber's wait callback if not already active (git-fixes). - rfkill: Fix incorrect check to avoid NULL pointer dereference (git-fixes). - usb: typec: fusb302: Fix an undefined reference to 'extcon_get_state' (git-fixes). - regulator: fix use after free issue (git-fixes). - spi: spi-ti-qspi: Fix a bug when accessing non default CS (git-fixes). - spi: spi-cavium-thunderx: Add missing pci_release_regions() (git-fixes). - spi: pxa2xx: Add support for Intel Jasper Lake (git-fixes). - reset: Do not register resource data for missing resets (git-fixes). - USB: dummy-hcd: use usb_urb_dir_in instead of usb_pipein (git-fixes). - commit fb98c64 - phy: cpcap-usb: Fix flakey host idling and enumerating of devices (git-fixes). - phy: cpcap-usb: Fix error path when no host driver is loaded (git-fixes). - powercap: intel_rapl: add NULL pointer check to rapl_mmio_cpu_online() (git-fixes). - pstore/ram: Regularize prz label allocation lifetime (git-fixes). - pinctrl: meson: Fix wrong shift value when get drive-strength (git-fixes). - pinctrl: lochnagar: select GPIOLIB (git-fixes). - net: ethernet: ti: davinci_cpdma: fix warning "device driver frees DMA memory with different size" (git-fixes). - psi: Fix a division error in psi poll() (git-fixes). - net: ethernet: ti: ale: clean ale tbl on init and intf restart (git-fixes). - net: ethernet: ti: Add dependency for TI_DAVINCI_EMAC (git-fixes). - commit f56a8be - net: usb: lan78xx: fix possible skb leak (git-fixes). - net: phylink: fix failure to register on x86 systems (git-fixes). - commit dfe6464 - i2c: bcm2835: Store pointer to bus clock (git-fixes). - mtd: onenand: omap2: Pass correct flags for prep_dma_memcpy (git-fixes). - mtd: rawnand: stm32_fmc2: avoid to lock the CPU bus (git-fixes). - Input: input_event - fix struct padding on sparc64 (git-fixes). - commit 016c9c2 - gpio: zynq: Fix for bug in zynq_gpio_restore_context API (git-fixes). - HID: hiddev: fix mess in hiddev_open() (git-fixes). - HID: uhid: Fix returning EPOLLOUT from uhid_char_poll (git-fixes). - efi/gop: Fix memory leak in __gop_query32/64() (git-fixes). - efi/gop: Return EFI_SUCCESS if a usable GOP was found (git-fixes). - efi/gop: Return EFI_NOT_FOUND if there are no usable GOPs (git-fixes). - commit 07644ef - Delete patches.suse/s390-sles15-05-01-gmb.patch (unused code). - commit 396bd69 - staging: comedi: adv_pci1710: fix AI channels 16-31 for PCI-1713 (git-fixes). - drm/i915/gt: Mark up virtual engine uabi_instance (git-fixes). - drm/fb-helper: Round up bits_per_pixel if possible (git-fixes). - drm/sun4i: tcon: Set RGB DCLK min. divider based on hardware model (git-fixes). - drm/dp_mst: correct the shifting in DP_REMOTE_I2C_READ (git-fixes). - cfg80211: fix double-free after changing network namespace (git-fixes). - drm/exynos: gsc: add missed component_del (git-fixes). - commit 9472262 - can: mscan: mscan_rx_poll(): fix rx path lockup when returning from polling to irq mode (git-fixes). - can: gs_usb: gs_usb_probe(): use descriptors of current altsetting (git-fixes). - can: kvaser_usb: fix interface sanity check (git-fixes). - can: can_dropped_invalid_skb(): ensure an initialized headroom in outgoing CAN sk_buffs (git-fixes). - commit d7cc7b3 - Delete patches.suse/s390-sles15-bpf-indirect-call.patch (code removed). - commit 5611b27 - ALSA: hda: enable regmap internal locking (git-fixes). - ALSA: hda/realtek - Add quirk for the bass speaker on Lenovo Yoga X1 7th gen (git-fixes). - ALSA: hda/realtek - Set EAPD control to default for ALC222 (git-fixes). - ASoC: topology: Prevent use-after-free in snd_soc_get_pcm_runtime() (git-fixes). - ASoC: fsl_audmix: add missed pm_runtime_disable (git-fixes). - ASoC: stm32: spdifrx: fix input pin state management (git-fixes). - ASoC: stm32: spdifrx: fix race condition in irq handler (git-fixes). - ASoC: stm32: spdifrx: fix inconsistent lock state (git-fixes). - ASoC: soc-core: Set dpcm_playback / dpcm_capture (git-fixes). - ASoC: SOF: fix fault at driver unload after failed probe (git-fixes). - ALSA: usb-audio: Apply the sample rate quirk for Bose Companion 5 (git-fixes). - ALSA: hda/realtek - Add new codec supported for ALCS1200A (git-fixes). - commit 2b19b57 - Delete outdated kmsg patches: - patches.suse/s390-sles15sp1-kmsg-update-2019-01-10.patch - patches.suse/s390-sles15sp1-kmsg-update-2019-03-08.patch - patches.suse/s390-sles15-00-04-04-kmsg-add-VNIC-Characteristics-msg-documentation.patch - commit 687aa24 - iommu/vt-d: Unlink device if failed to add to group (bsc#1160752). - iommu: Remove device link to group on failure (bsc#1160750). - iommu/vt-d: Fix adding non-PCI devices to Intel IOMMU (bsc#1160751). - commit 0ea0858 - bpf: Fix passing modified ctx to ld/abs/ind instruction (bsc#1155518). - bpf: cgroup: prevent out-of-order release of cgroup bpf (bsc#1155518). - commit 0a9f272 - megaraid_sas: fixup MSIx interrupt setup during resume (bsc#1160647). - commit c59143f - devpts_pty_kill(): don't bother with d_delete() (jsc#SLE-9943). - commit 7312898 ++++ libbsd: - bsc#1160551 (CVE-2019-20367): Fix out-of-bounds read during a comparison for a symbol name from the string table. - Add libbsd-0.8.7-CVE-2019-20367.patch ++++ Mesa: - Enable LLVM support on riscv64 ++++ libssh: - Update to latest version of patch for CVE-2019-14889; (bsc#1158095) * Update CVE-2019-14889.patch ++++ podman: - Add: 0001-clarify-container-prune-force.patch to fix the --force flag for the "container prune" command. (https://github.com/containers/libpod/issues/4844) ++++ python-Babel: - update to 2.8.0 * CLDR: Upgrade to CLDR 36.0 * Messages: Don't even open files with the "ignore" extraction method * Numbers: Fix formatting very small decimals when quantization is disabled * Messages: Attempt to sort all messages ++++ salt: - Support for Btrfs and XFS in parted and mkfs added - Added: * support-for-btrfs-and-xfs-in-parted-and-mkfs.patch ------------------------------------------------------------------ ------------------ 2020-1-12 - Jan 12 2020 ------------------- ------------------------------------------------------------------ ++++ Mesa: - Update to version 19.3.2 * Intel and AMD drivers make up the bulk of the changes, with a bit of nir and glsl, plus a sprinkling of other stuff in there. ------------------------------------------------------------------ ------------------ 2020-1-11 - Jan 11 2020 ------------------- ------------------------------------------------------------------ ++++ python-gobject: - Drop gnome-common Requires from python-gobject-common-devel sub-package, no longer needed, nor used since 3.29.1, where the BuildRequires was dropped, but the explicit Requires was not removed by mistake. ++++ qemu: - Add a %bcond_without system_membarrier along with related processing to the spec file, to better investigate running QEMU with the --disable-membarrier configure option ------------------------------------------------------------------ ------------------ 2020-1-10 - Jan 10 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Update config options that were missing on arm64 in commit 7dd255172f6798f5ec3ab63db55384fbd980125e (bsc#1158776). - commit 597cc24 - Set CONFIG_LOG_CPU_MAX_BUF_SHIFT=12 on arm64 (bsc#1158776). - commit 855731d - Enable CONFIG_VMAP_STACK on arm64 (bsc#1158776). - commit 51f78da - Disable CONFIG_PCCARD on arm64 (bsc#1158776). - commit 04bc6eb - supported.conf: Enable mdio-bcm-unimac (bsc#1160310) Needed in order for Raspberry Pi 4's ethernet port to work. - commit 8c2fc6c - export: avoid code duplication in include/linux/export.h (jsc#SLE-10158). - modpost: remove unneeded local variable in contains_namespace() (jsc#SLE-10158). - scripts/nsdeps: support nsdeps for external module builds (jsc#SLE-10158). Refresh patches.suse/kernel-add-product-identifying-information-to-kernel-build.patch - modpost: dump missing namespaces into a single modules.nsdeps file (jsc#SLE-10158). Refresh patches.suse/supported-flag - modpost: free ns_deps_buf.p after writing ns_deps files (jsc#SLE-10158). - modpost: do not invoke extra modpost for nsdeps (jsc#SLE-10158). Refresh patches.suse/supported-flag patches.suse/supported-flag-external - scripts/nsdeps: make sure to pass all module source files to spatch (jsc#SLE-10158). - scripts/nsdeps: use alternative sed delimiter (jsc#SLE-10158). - symbol namespaces: revert to previous __ksymtab name scheme (jsc#SLE-10158). - modpost: make updating the symbol namespace explicit (jsc#SLE-10158). - modpost: delegate updating namespaces to separate function (jsc#SLE-10158). - doc: move namespaces.rst from kbuild/ to core-api/ (jsc#SLE-10158). - nsdeps: make generated patches independent of locale (jsc#SLE-10158). - nsdeps: fix hashbang of scripts/nsdeps (jsc#SLE-10158). - kbuild: fix build error of 'make nsdeps' in clean tree (jsc#SLE-10158). - module: rename __kstrtab_ns_* to __kstrtabns_* to avoid symbol conflict (jsc#SLE-10158). - modpost: fix broken sym->namespace for external module builds (jsc#SLE-10158). - module: swap the order of symbol.namespace (jsc#SLE-10158). - scripts: add_namespace: Fix coccicheck failed (jsc#SLE-10158). - module: Fix link failure due to invalid relocation on namespace offset (jsc#SLE-10158). - usb-storage: export symbols in USB_STORAGE namespace (jsc#SLE-10158). - usb-storage: remove single-use define for debugging (jsc#SLE-10158). - docs: Add documentation for Symbol Namespaces (jsc#SLE-10158). - scripts: Coccinelle script for namespace dependencies (jsc#SLE-10158). Refresh patches.suse/supported-flag patches.suse/supported-flag-external - modpost: add support for generating namespace dependencies (jsc#SLE-10158). Refresh patches.suse/supported-flag - export: allow definition default namespaces in Makefiles or sources (jsc#SLE-10158). - module: add config option MODULE_ALLOW_MISSING_NAMESPACE_IMPORTS (jsc#SLE-10158). Refresh configs (add MODULE_ALLOW_MISSING_NAMESPACE_IMPORTS=n). - modpost: add support for symbol namespaces (jsc#SLE-10158). Refresh patches.suse/livepatch-modpost-ignore-unresolved-symbols.patch - module: add support for symbol namespaces (jsc#SLE-10158). - export: explicitly align struct kernel_symbol (jsc#SLE-10158). - module: support reading multiple values per modinfo tag (jsc#SLE-10158). - commit 4ff553d - Enable CONFIG_SECURITY_DMESG_RESTRICT on arm64 (bsc#1158776). - commit 08863e8 - supported.conf: fix order of the entries - commit 8e2c146 - scsi: add 'disable_async_probing' module argument (jsc#SLE-11117,bsc#1156954). - drivers/base: implement dev_enable_async_probe() (jsc#SLE-11117,bsc#1156954). - commit cbc6624 - Update config files. (bsc#1160067) Disable CONFIG_KEYS_REQUEST_CACHE. The CONFIG_KEYS_REQUEST_CACHE adds a cache in task_struct for the result of request_key(). But it causes kernel NULL pointer dereference problem when we run the long-run testing by the request_key03 test case in LTP. The issue can be reproduced on v5.3 mainline kernel and later, even on v5.5-rc kernel. The CONFIG_KEYS_REQUEST_CACHE be introduced by 7743c48e54ee9be9c patch since v5.3 kernel: commit 7743c48e54ee9be9c799cbf3b8e3e9f2b8d19e72 Author: David Howells Date: Wed Jun 19 16:10:15 2019 +0100 keys: Cache result of request_key*() temporarily in task_struct Before this issue be fixed on kernel upstream, Let's disable the CONFIG_KEYS_REQUEST_CACHE function on SLE15-SP2 on all architecture. - commit f6f29a6 ++++ kexec-tools: - Fix compiling errors of multiboot2_x86_* functions for i586 * kexec-tools-build-multiboot2-for-i386.patch ++++ rdma-core: - Update to v27.0 (bsc#1160338) - No release notes available - Dropped patches merged upstream: - bnxt_re-lib-Add-remaining-pci-ids-for-gen-P5-devices.patch - bnxt_re-lib-Recognize-additional-5750x-device-ID-s.patch - Add patches to support older HW (nes, cxgb3) that was dropped upstream - Revert-Update-kernel-headers.patch - Revert-libcxgb3-Remove-libcxgb3-from-rdma-core.patch - Revert-libnes-Remove-libnes-from-rdma-core.patch ++++ NetworkManager: - Update to version 1.22.4: + Fix behavior of internal DHCP client when the server sends a NAK. + Support 31-bit prefixes on IPv4 point-to-point links according to RFC 3021. + Fix memory leak parsing RequestScan D-Bus method arguments. ++++ qemu: - Include upstream patches targeted for the next stable release (bug fixes only) arm-arm-powerctl-set-NSACR.-CP11-CP10-bi.patch backup-top-Begin-drain-earlier.patch block-Activate-recursively-even-for-alre.patch display-bochs-display-fix-memory-leak.patch Fix-double-free-issue-in-qemu_set_log_fi.patch hw-arm-smmuv3-Align-stream-table-base-ad.patch hw-arm-smmuv3-Apply-address-mask-to-line.patch hw-arm-smmuv3-Check-stream-IDs-against-a.patch hw-arm-smmuv3-Correct-SMMU_BASE_ADDR_MAS.patch hw-arm-smmuv3-Report-F_STE_FETCH-fault-a.patch hw-arm-smmuv3-Use-correct-bit-positions-.patch i386-Resolve-CPU-models-to-v1-by-default.patch intel_iommu-a-fix-to-vtd_find_as_from_bu.patch iotests-Fix-IMGOPTSSYNTAX-for-nbd.patch iotests-Provide-a-function-for-checking-.patch iotests-Skip-test-060-if-it-is-not-possi.patch iotests-Skip-test-079-if-it-is-not-possi.patch numa-properly-check-if-numa-is-supported.patch qcow2-bitmaps-fix-qcow2_can_store_new_di.patch Revert-qemu-options.hx-Update-for-reboot.patch vhost-user-gpu-Drop-trailing-json-comma.patch virtio-blk-fix-out-of-bounds-access-to-b.patch virtio-mmio-update-queue-size-on-guest-w.patch virtio-net-delete-also-control-queue-whe.patch virtio-update-queue-size-on-guest-write.patch - Include performance improvement virtio-don-t-enable-notifications-during.patch - Repair incorrect packaging references to Jira tracked features ++++ raspberrypi-firmware-dt: - Update rpi4-genet-overlay.dts and create upstream-rpi4-genet-phy.patch to fix phy configuration (bsc#1160310) - Update to 30757c902b (2020-01-09) * based on rpi-5.4.y ++++ u-boot-rpiarm64: - Fix firefly-rk3288 and tinker-rk3288 by using TPL instead of SPL (SPL too big) - Fix mx6qsabrelite build ++++ yast2: - Do not refresh package installation overview if the medium has been changed and the user has switched to the release notes tab. (bsc#1129426, bsc#1159367) - 4.2.54 - Fixed error during upgrade if Btrfs is used and '/var/lib/YaST2' is missing (bsc#1159562) - 4.2.53 - Propagate an error status when a CommandLine module gets an unknown command (related to bsc#1144351). - 4.2.52 ------------------------------------------------------------------ ------------------ 2020-1-9 - Jan 9 2020 ------------------- ------------------------------------------------------------------ ++++ cni-plugins: - Update to version 0.8.4 (bsc#1160460): * add support for mips64le * Add missing cniVersion in README example * bump go-iptables module to v0.4.5 * iptables: add idempotent functions * portmap doesn't fail if chain doesn't exist * fix portmap port forward flakiness * Add Bruce Ma and Piotr Skarmuk as owners ++++ lvm2-device-mapper: - Update lvm.conf file (bsc#1159238) - enable issue_discards by default ++++ dracut: - Update to version 049+git117.d3206e79: * Remove purge-kernels scripts and service (jsc#SLE-10162) ++++ e2fsprogs: - e2fsck-abort-if-there-is-a-corrupted-directory-block.patch: e2fsck: abort if there is a corrupted directory block when rehashing (bsc#1160571 CVE-2019-5188) - e2fsck-don-t-try-to-rehash-a-deleted-directory.patch: 2fsck: don't try to rehash a deleted directory (bsc#1160571 CVE-2019-5188) ++++ fuse-overlayfs: - Update to v0.7.3 - fix build with -fno-common - fix possible segmentation fault in direct_fsync() - use the data store to create missing whiteouts - after a rename, force a directory reload ++++ glibc: - posix-Add-internal-symbols-for-posix_spawn-interface.patch, glibc-2.29-posix-Use-posix_spawn-on-popen.patch: Use posix_spawn on popen (bsc#1149332, BZ #22834) ++++ kernel-default: - scsi: libsas: stop discovering if oob mode is disconnected (CVE-2019-19965 bsc#1159911). - commit 0bb4d37 - serial: sprd: Add clearing break interrupt operation (git-fixes). - staging/wlan-ng: add CRC32 dependency in Kconfig (git-fixes). - usb: gadget: fix wrong endpoint desc (git-fixes). - selftests: breakpoints: Fix a typo of function name (git-fixes). - commit 1096b35 - samples/seccomp: Zero out members based on seccomp_notif_sizes (git-fixes). - rseq/selftests: Fix: Namespace gettid() for compatibility with glibc 2.30 (git-fixes). - samples/trace_printk: Wait for IRQ work to finish (git-fixes). - samples: pktgen: fix proc_cmd command result check logic (git-fixes). - commit 168e639 - rpmsg: glink: Free pending deferred work on remove (git-fixes). - rpmsg: glink: Don't send pending rx_done during remove (git-fixes). - rpmsg: glink: Fix rpmsg_register_device err handling (git-fixes). - rpmsg: glink: Put an extra reference during cleanup (git-fixes). - rpmsg: glink: Fix use after free in open_ack TIMEOUT case (git-fixes). - rpmsg: glink: Fix reuse intents memory leak issue (git-fixes). - rpmsg: glink: Set tail pointer to 0 at end of FIFO (git-fixes). - commit eefcc8c - ptp: fix the race between the release of ptp_clock and cdev (git-fixes). - phy: renesas: phy-rcar-gen2: Fix the array off by one warning (git-fixes). - PM / hibernate: memory_bm_find_bit(): Tighten node optimisation (git-fixes). - commit 8fdacf8 - s390/qeth: fix initialization on old HW (bsc#1160228 LTC#183076). - commit 4565d24 - media: pulse8-cec: fix lost cec_transmit_attempt_done() call (git-fixes). - media: cec: avoid decrementing transmit_queue_sz if it is 0 (git-fixes). - media: cec: CEC 2.0-only bcast messages were ignored (git-fixes). - net: phy: aquantia: add suspend / resume ops for AQR105 (git-fixes). - gpiolib: fix up emulated open drain outputs (git-fixes). - net: usb: lan78xx: Fix error message format specifier (git-fixes). - net: usb: lan78xx: Fix suspend/resume PHY register access error (git-fixes). - iio: st_accel: Fix unused variable warning (git-fixes). - net: phy: dp83867: enable robust auto-mdix (git-fixes). - commit 9ace80b - s390/qeth: fix dangling IO buffers after halt/clear (bsc#1160227 LTC#183077). - commit 889634e - drm/amdgpu/smu: add metrics table lock for vega20 (v2) (git-fixes). - drm/amdgpu/smu: add metrics table lock for navi (v2) (git-fixes). - drm/amdgpu/smu: add metrics table lock (git-fixes). - commit c292740 - drm/amd/display: Reset steer fifo before unblanking the stream (git-fixes). - drm/amd/display: Change the delay time before enabling FEC (git-fixes). - drm/amd/display: Fixed kernel panic when booting with DP-to-HDMI dongle (git-fixes). - drm/amdgpu: add cache flush workaround to gfx8 emit_fence (git-fixes). - drm/amdgpu: add check before enabling/disabling broadcast mode (git-fixes). - drm/nouveau/kms/nv50-: fix panel scaling (git-fixes). - drm/nouveau: Fix drm-core using atomic code-paths on pre-nv50 hardware (git-fixes). - drm/nouveau: Move the declaration of struct nouveau_conn_atom up a bit (git-fixes). - drm/i915/execlists: Fix annotation for decoupling virtual request (git-fixes). - ath9k_htc: Discard undersized packets (git-fixes). - ath9k_htc: Modify byte order for an error message (git-fixes). - commit bd77fbc - ata: ahci_brcm: Add missing clock management during recovery (git-fixes). - ata: ahci_brcm: BCM7425 AHCI requires AHCI_HFLAG_DELAY_ENGINE (git-fixes). - ata: ahci_brcm: Fix AHCI resources management (git-fixes). - ata: libahci_platform: Export again ahci_platform_able_phys() (git-fixes). - commit 02d31e9 - s390/ftrace: save traced function caller (jsc#SLE-11050). - commit df15586 - s390/unwind: stop gracefully at user mode pt_regs in irq stack (jsc#SLE-11050). - commit cb8ad0f - drivers/base/memory.c: cache blocks in radix tree to accelerate lookup (bsc#1159955 ltc#182993). - commit a6f9349 ++++ kernel-default-base: - Remove iscsi_ibft (bsc#1157460) ++++ lvm2: - Update lvm.conf file (bsc#1159238) - enable issue_discards by default ++++ libvirt: - qemu: Fix firmware auto detection 50d7465f-qemu-firmware1.patch, 57f9067c-qemu-firmware2.patch, 7c5264d2-qemu-firmware3.patch, 8e1804f9-qemu-firmware4.patch, 8fcee478-qemu-firmware5.patch boo#1157378, bsc#1159796 ++++ salt: - Adds list_downloaded for apt Module to enable pre-downloading support - Adds virt.(pool|network)_get_xml functions - Various libvirt updates * Add virt.pool_capabilities function * virt.pool_running improvements * Add virt.pool_deleted state * virt.network_define allow adding IP configuration - Added: * virt.network_define-allow-adding-ip-configuration.patch * list_downloaded-for-apt-module.patch * add-virt.network_get_xml-function.patch ++++ qemu: - Add Cooperlake vcpu model (jsc#SLE-7923) i386-Add-MSR-feature-bit-for-MDS-NO.patch i386-Add-macro-for-stibp.patch i386-Add-new-CPU-model-Cooperlake.patch target-i386-Add-new-bit-definitions-of-M.patch target-i386-Add-missed-features-to-Coope.patch - Add HMAT support (jsc#SLE-8897) (the test case for this series isn't included because we aren't set up to handle binary patches) numa-Extend-CLI-to-provide-initiator-inf.patch numa-Extend-CLI-to-provide-memory-latenc.patch numa-Extend-CLI-to-provide-memory-side-c.patch hmat-acpi-Build-Memory-Proximity-Domain-.patch hmat-acpi-Build-System-Locality-Latency-.patch hmat-acpi-Build-Memory-Side-Cache-Inform.patch tests-numa-Add-case-for-QMP-build-HMAT.patch ++++ raspberrypi-firmware: - Disable overscan by default (bsc#1160473) ++++ raspberrypi-firmware-config: - Disable overscan by default (bsc#1160473) ++++ suse-module-tools: - Update to version 15.2.8: * Add modprobe.conf.s390x (bsc#1132798) ------------------------------------------------------------------ ------------------ 2020-1-8 - Jan 8 2020 ------------------- ------------------------------------------------------------------ ++++ chrony: - bsc#1159840: Add chrony-ntp-era-split.patch from upstream to fix "make check" builds made after 2019-12-20. Existing installations do not need to be updated as the bug only affects the test, but not chrony itself. ++++ ignition: - Add 0001-Throw-error-if-SSH-keys-could-not-be-written.patch: Don't silently ignore if the SSH key could not be written [boo#1159232] ++++ iproute2: - support alternative names as we already support them in SLE15-SP2 kernel (jsc#SLE-7290): lib-ll_map-cache-alternative-names.patch ip-add-support-for-alternative-name-addition-deletio.patch ip-allow-to-use-alternative-names-as-handle.patch ip-fix-oneline-output.patch - follow-up fixes backported from upstream (bsc#1160242): bpf-replace-snprintf-with-asprintf-when-dealing-with.patch bridge-Deduplicate-vlan-show-functions.patch bridge-Fix-BRIDGE_VLAN_TUNNEL-attribute-sizes.patch bridge-Fix-src_vni-argument-in-man-page.patch bridge-Fix-tunnelshow-json-output.patch bridge-Fix-typo-in-error-messages.patch bridge-Fix-vni-printing.patch devlink-Add-a-new-time-stamp-format-for-health-repor.patch devlink-Add-helper-for-left-justification-print.patch devlink-Fix-fmsg-nesting-in-non-JSON-output.patch devlink-Fix-inconsistency-between-command-input-and-.patch devlink-Left-justification-on-FMSG-output.patch devlink-Print-health-reporter-s-dump-time-stamp-in-a.patch devlink-allow-full-range-of-resource-sizes.patch devlink-require-resource-parameters.patch introduce-print_masked_u16-and-print_masked_u32.patch ip-fix-ip-route-show-json-output-for-multipath-nexth.patch ip-xfrm-if_id-ve-value-is-error.patch json_print-Remove-declaration-without-implementation.patch sync-UAPI-header-copies-with-SLE15-SP2.patch tc-fix-segmentation-fault-on-gact-action.patch tc-fix-warning-in-tc-q_pie.c.patch tc-flower-fix-output-for-ip-tos-and-ttl.patch tc-fq_codel-fix-missing-statistic-in-JSON-output.patch tc-pie-add-dq_rate_estimator-option.patch tc_util-add-an-option-to-print-masked-numbers-with-w.patch tc_util-add-functions-for-big-endian-masked-numbers.patch tc_util-introduce-a-function-to-print-JSON-non-JSON-.patch testsuite-Fix-line-count-test.patch ++++ kernel-default: - xfs: fix missed wakeup on l_flush_wait (git-fixes). - commit b398e15 - iomap: iomap that extends beyond EOF should be marked dirty (git-fixes). - commit 1ec5fb2 - xfs: use bitops interface for buf log item AIL flag check (git-fixes). - commit 245f9d1 - xfs: change the seconds fields in xfs_bulkstat to signed (git-fixes). - commit 225e4fb - tpm: Handle negative priv->response_len in tpm_common_read() (git-fixes). - commit f84106a - supported.conf: enable Raspberry Pi cpufreq driver (bsc#1160461). These drivers are required in order to enable CPU frequency scaling on the Raspberry Pi family of boards. - commit 248458d - libertas: Fix two buffer overflows at parsing bss descriptor (CVE-2019-14896 bsc#1157157 CVE-2019-14897 bsc#1157155). - commit 7117d1b - PCI: mobiveil: Add PCIe Gen4 RC driver for NXP Layerscape SoCs (bsc#1161495). - dt-bindings: PCI: Add NXP Layerscape SoCs PCIe Gen4 controller (bsc#1161495). - PCI: mobiveil: Add 8-bit and 16-bit CSR register accessors (bsc#1161495). - PCI: mobiveil: Make mobiveil_host_init() can be used to re-init host (bsc#1161495). - PCI: mobiveil: Add callback function for link up check (bsc#1161495). - PCI: mobiveil: Add callback function for interrupt initialization (bsc#1161495). - PCI: mobiveil: Modularize the Mobiveil PCIe Host Bridge IP driver (bsc#1161495). - PCI: mobiveil: Collect the interrupt related operations into a routine (bsc#1161495). - PCI: mobiveil: Move the host initialization into a routine (bsc#1161495). - PCI: mobiveil: Re-abstract the private structure (bsc#1161495). - commit 3a1031d - PCI: mobiveil: Fix csr_read()/write() build issue (bsc#1161495). - commit 201a79d - arm64: PCI: mobiveil: remove patchset v8 References: bsc#1161495 Prepare to backport patchset v9 - Delete patches.suse/PCI-mobiveil-Add-8-bit-and-16-bit-CSR-register-acces.patch. - Delete patches.suse/PCI-mobiveil-Add-PCIe-Gen4-RC-driver-for-NXP-Layersc.patch. - Delete patches.suse/PCI-mobiveil-Make-mobiveil_host_init-can-be-used-to-.patch. - Delete patches.suse/PCI-mobiveil-Refactor-Mobiveil-PCIe-Host-Bridge-IP-d.patch. - Refresh patches.suse/pci-brcmstb-add-broadcom-stb-pcie-host-controller-driver.patch. - Refresh config/arm64/default - commit 85f695c - iommu: Don't use sme_active() in generic code (bsc#1160320). - commit c7574c0 - Btrfs: fix block group remaining RO forever after error during device replace (bsc#1160442). - commit 3e5a343 - Update patches.suse/iommu-vt-d-fix-dmar-pte-read-access-not-set-error (bsc#1160141, bsc#1159594, bsc#1159592). - commit 0cb2587 - Documentation: Update Documentation for iommu.passthrough (bsc#1160320). - iommu: Disable passthrough mode when SME is active (bsc#1160320). - iommu: Set default domain type at runtime (bsc#1160320). - iommu: Print default domain type on boot (bsc#1160320). - ia64: Get rid of iommu_pass_through (bsc#1160320). - x86/dma: Get rid of iommu_pass_through (bsc#1160320). - iommu/vt-d: Request passthrough mode from IOMMU core (bsc#1160320). - iommu/amd: Request passthrough mode from IOMMU core (bsc#1160320). - iommu: Use Functions to set default domain type in iommu_set_def_domain_type() (bsc#1160320). - iommu: Add helpers to set/get default domain type (bsc#1160320). - iommu: Remember when default domain type was set on kernel command line (bsc#1160320). - commit fbe5ae4 - Disable patches.suse/Documentation-ABI-mark-sys-kernel-fadump_-sysfs-file.patch For some reason, these changes result in "make htmldocs" stuck indefinitely so that kernel-docs fails to build. Whether it's a sphinx bug or some ReST formatting problem (or combination of both), more time will be needed to find a proper solution. As the offending patch touches only documentation, disable it for now so that we do not block Beta2 submission. - commit ab61608 - drm/sun4i: hdmi: Remove duplicate cleanup calls (git-fixes). - drm/i915/gvt: Pin vgpu dma address before using (git-fixes). - drm/i915/gvt: use vgpu lock for active state setting (git-fixes). - drm/i915: Fix pid leak with banned clients (git-fixes). - drm/i915/gem: Keep request alive while attaching fences (git-fixes). - drm/i915: Fix WARN_ON condition for cursor plane ddb allocation (git-fixes). - drm/i915: Set fence_work.ops before dma_fence_init (git-fixes). - drm/i915/fbc: Disable fbc by default on all glk+ (git-fixes). - drm/radeon: fix r1xx/r2xx register checker for POT textures (git-fixes). - drm/amd/display: re-enable wait in pipelock, but add timeout (git-fixes). - drm: limit to INT_MAX in create_blob ioctl (git-fixes). - drm/amdgpu/gfx10: explicitly wait for cp idle after halt/unhalt (git-fixes). - drm/amdgpu: Avoid accidental thread reactivation (git-fixes). - drm/amdgpu: fix potential double drop fence reference (git-fixes). - drm/amdgpu: disallow direct upload save restore list from gfx driver (git-fixes). - drm/amd/display: correctly populate dpp refclk in fpga (git-fixes). - drm/tegra: sor: Use correct SOR index on Tegra210 (git-fixes). - drm/nouveau: Don't grab runtime PM refs for HPD IRQs (git-fixes). - drm/gma500: fix memory disclosures due to uninitialized bytes (git-fixes). - drm/bridge: dw-hdmi: Restore audio when setting a mode (git-fixes). - drm/drm_vblank: Change EINVAL by the correct errno (git-fixes). - drm/amdgpu: fix amdgpu trace event print string format error (git-fixes). - drm/amd/powerplay: avoid disabling ECC if RAS is enabled for VEGA20 (git-fixes). - drm/amd/display: Fix dongle_caps containing stale information (git-fixes). - drm/amd/display: Program DWB watermarks from correct state (git-fixes). - drm/amd/display: wait for set pipe mcp command completion (git-fixes). - drm/amd/display: Properly round nominal frequency for SPD (git-fixes). - drm/amdkfd: Fix MQD size calculation (git-fixes). - drm/amdgpu: fix uninitialized variable pasid_mapping_needed (git-fixes). - drm/amd/powerplay: A workaround to GPU RESET on APU (git-fixes). - drm/amdkfd: fix a potential NULL pointer dereference (v2) (git-fixes). - drm/amd/display: Set number of pipes to 1 if the second pipe was disabled (git-fixes). - drm/amd/display: Handle virtual signal type in disable_link() (git-fixes). - drm/amdgpu: grab the id mgr lock while accessing passid_mapping (git-fixes). - drm/amdgpu/sriov: add ring_stop before ring_create in psp v11 code (git-fixes). - drm/amd/display: verify stream link before link test (git-fixes). - drm/bridge: dw-hdmi: Refuse DDC/CI transfers on the internal I2C controller (git-fixes). - drm/sun4i: dsi: Fix TCON DRQ set bits (git-fixes). - drm/komeda: Workaround for broken FLIP_COMPLETE timestamps (git-fixes). - drm/bridge: analogix-anx78xx: silence -EPROBE_DEFER warnings (git-fixes). - drm: exynos: exynos_hdmi: use cec_notifier_conn_(un)register (git-fixes). - drm/vc4/vc4_hdmi: fill in connector info (git-fixes). - drm/panel: Add missing drm_panel_init() in panel drivers (git-fixes). - commit a4a0b31 - net/sched: add delete_empty() to filters and use it in cls_flower (bsc#1154353). - tcp: Fix highest_sack and highest_sack_seq (bsc#1154353). - cxgb4/cxgb4vf: fix flow control display for auto negotiation (jsc#SLE-8389). - mlxsw: spectrum: Use dedicated policer for VRRP packets (bsc#1154488). - mlxsw: spectrum_router: Skip loopback RIFs during MAC validation (bsc#1154488). - net/sched: act_mirred: Pull mac prior redir to non mac_header_xmit device (bsc#1154353). - net_sched: sch_fq: properly set sk->sk_pacing_status (bsc#1154353). - bnx2x: Fix accounting of vlan resources among the PFs (bsc#1154395). - bnx2x: Use appropriate define for vlan credit (bsc#1154395). - net/mlxfw: Fix out-of-memory error in mfa2 flash burning (bsc#1154488). - sctp: fix err handling of stream initialization (bsc#1154353). - udp: fix integer overflow while computing available space in sk_rcvbuf (bsc#1154353). - sfc: Include XDP packet headroom in buffer step size (jsc#SLE-8314). - sfc: fix channel allocation with brute force (jsc#SLE-8314). - net: dst: Force 4-byte alignment of dst_metrics (bsc#1154353). - net: phy: ensure that phy IDs are correctly typed (bsc#1154353). - qede: Disable hardware gro when xdp prog is installed (jsc#SLE-8401). - net: ena: fix issues in setting interrupt moderation params in ethtool (bsc#1154492). - net: ena: fix default tx interrupt moderation interval (bsc#1154492). - net: hisilicon: Fix a BUG trigered by wrong bytes_compl (bsc#1154353). - cxgb4: fix refcount init for TC-MQPRIO offload (jsc#SLE-8389). - net/sched: cls_u32: fix refcount leak in the error path of u32_change() (bsc#1154353). - net, sysctl: Fix compiler warning when only cBPF is present (bsc#1154353). - net/ixgbe: Fix concurrency issues between config flow and XSK (jsc#SLE-7979 jsc#SLE-7981). - net/i40e: Fix concurrency issues between config flow and XSK (jsc#SLE-8025). - net/mlx5e: Fix concurrency issues between config flow and XSK (jsc#SLE-8464). - xsk: Add rcu_read_lock around the XSK wakeup (bsc#1154353). - net-sysfs: Call dev_hold always in rx_queue_add_kobject (bsc#1154353). - nfp: flower: fix stats id allocation (bsc#1154353). - net: fix kernel-doc warning in (bsc#1154353). - net: annotate lockless accesses to sk->sk_pacing_shift (bsc#1154353). - net: qlogic: Fix error paths in ql_alloc_large_buffers() (bsc#1154353). - sctp: fix memleak on err handling of stream initialization (bsc#1154353). - cxgb4: Fix kernel panic while accessing sge_info (jsc#SLE-8389). - net: phylink: fix interface passed to mac_link_up (bsc#1154353). - bnx2x: Fix logic to get total no. of PFs per engine (bsc#1154395). - bnx2x: Do not handle requests from VFs after parity (bsc#1154395). - tcp: refine rule to allow EPOLLOUT generation under mem pressure (bsc#1154353). - tcp: refine tcp_write_queue_empty() implementation (bsc#1154353). - tcp: do not send empty skb from tcp_write_xmit() (bsc#1154353). - tcp/dccp: fix possible race __inet_lookup_established() (bsc#1154353). - ipv6/addrconf: only check invalid header values when NETLINK_F_STRICT_CHK is set (bsc#1154353). - bnxt: apply computed clamp value for coalece parameter (jsc#SLE-8371 bsc#1153274). - qede: Fix multicast mac configuration (jsc#SLE-8401). - net: ena: fix napi handler misbehavior when the napi budget is zero (bsc#1154492). - bnxt_en: Add missing devlink health reporters for VFs (jsc#SLE-8371 bsc#1153274). - bnxt_en: Fix the logic that creates the health reporters (jsc#SLE-8371 bsc#1153274). - bnxt_en: Remove unnecessary NULL checks for fw_health (jsc#SLE-8371 bsc#1153274). - bnxt_en: Fix bp->fw_health allocation and free logic (jsc#SLE-8371 bsc#1153274). - bnxt_en: Return error if FW returns more data than dump length (jsc#SLE-8371 bsc#1153274). - bnxt_en: Free context memory in the open path if firmware has been reset (jsc#SLE-8371 bsc#1153274). - bnxt_en: Fix MSIX request logic for RDMA driver (jsc#SLE-8371 bsc#1153274). - af_packet: set defaule value for tmo (bsc#1154353). - mlxsw: spectrum_router: Remove unlikely user-triggerable warning (bsc#1154488). - bonding: fix bond_neigh_init() (bsc#1154353). - neighbour: remove neigh_cleanup() method (bsc#1154353). - IB/mlx5: Fix device memory flows (jsc#SLE-8446). - IB/core: Introduce rdma_user_mmap_entry_insert_range() API (jsc#SLE-8449). - IB/mlx5: Fix steering rule of drop and count (jsc#SLE-8446). - IB/mlx4: Follow mirror sequence of device add during device removal (jsc#SLE-8461). - RDMA/counter: Prevent auto-binding a QP which are not tracked with res (jsc#SLE-8449). - rxe: correctly calculate iCRC for unaligned payloads (jsc#SLE-8449). - RDMA/cma: add missed unregister_pernet_subsys in init failure (jsc#SLE-8449). - net: make socket read/write_iter() honor IOCB_NOWAIT (bsc#1154353). - commit ad46b33 ++++ kernel-firmware: - Update to version 20200107 (git commit 67d4ff59bf33): * Mellanox: Add new mlxsw_spectrum firmware xx.2000.2714 * radeon: update oland rlc microcode from amdgpu * amdgpu: update vega20 microcode for 19.50 * amdgpu: update vega12 microcode for 19.50 * amdgpu: update vega10 microcode for 19.50 * amdgpu: update picasso microcode for 19.50 * amdgpu: update raven2 microcode for 19.50 * amdgpu: update raven microcode for 19.50 * amdgpu: update navi10 microcode for 19.50 * amdgpu: update navi14 microcode for 19.50 * amdgpu: add TA microcode for Raven asics * qed: Add firmware 8.42.2.0 * Adjust WHENCE entry to check_whence doesn't complain * qcom: Switch SDM845 WLAN firmware * linux-firmware: add NXP firmware licence file * ath10k: WCN3990 hw1.0: add firmware WLAN.HL.2.0-01387-QCAHLSWMTPLZ-1 * ath10k: QCA9984 hw1.0: update firmware-5.bin to 10.4-3.9.0.2-00070 * ath10k: QCA988X hw2.0: update firmware-5.bin to 10.2.4-1.0-00047 * ath10k: QCA9888 hw2.0: update firmware-5.bin to 10.4-3.9.0.2-00070 * ath10k: QCA9887 hw1.0: update firmware-5.bin to 10.2.4-1.0-00047 * ath10k: QCA6174 hw3.0: update board-2.bin * linux-firmware: Update AMD cpu microcode (bsc#1160204) * inside-secure: add new "mini" firmware for the EIP197 driver * WHENCE: Add raspberry-pi4 SDIO file * qcom: update venus firmware files for v5.4 * cxgb4: Update firmware to revision 1.24.11.0 * brcm: Add BCM43455 NVRAM for Raspberry Pi 4 B * qcom: Add SDM845 Compute DSP firmware * qcom: Add SDM845 Audio DSP firmware * qcom: Add SDM845 modem firmware ++++ NetworkManager: - Fix 'nfs' dispatcher script It was checking for an enabled unit 'nfs.service' - which does not exist (anymore?). Switched to a check for an enabled unit 'nfs-client.target' ++++ snapper: - Add a "writeble copy" description to the 2nd snapshot of a rollback (Hrotkó Gábor). - Fix the previous version to build on Debian, Ubuntu, and old GCC (bsc#1160306). - version 0.8.8 ++++ podman: - Update podman to v1.7.0 * Features - Added support for setting a static MAC address for containers - Added support for creating macvlan networks with podman network create, allowing Podman containers to be attached directly to networks the host is connected to - The podman image prune and podman container prune commands now support the --filter flag to filter what will be pruned, and now prompts for confirmation when run without --force (#4410 and #4411) - Podman now creates CGroup namespaces by default on systems using CGroups v2 (#4363) - Added the podman system reset command to remove all Podman files and perform a factory reset of the Podman installation - Added the --history flag to podman images to display previous names used by images (#4566) - Added the --ignore flag to podman rm and podman stop to not error when requested containers no longer exist - Added the --cidfile flag to podman rm and podman stop to read the IDs of containers to be removed or stopped from a file - The podman play kube command now honors Seccomp annotations (#3111) - The podman play kube command now honors RunAsUser, RunAsGroup, and selinuxOptions - The output format of the podman version command has been changed to better match docker version when using the - -format flag - Rootless Podman will no longer initialize containers/storage twice, removing a potential deadlock preventing Podman commands from running while an image was being pulled (#4591) - Added tmpcopyup and notmpcopyup options to the --tmpfs and - -mount type=tmpfs flags to podman create and podman run to control whether the content of directories are copied into tmpfs filesystems mounted over them - Added support for disabling detaching from containers by setting empty detach keys via --detach-keys="" - The podman build command now supports the --pull and - -pull-never flags to control when images are pulled during a build - The podman ps -p command now shows the name of the pod as well as its ID (#4703) - The podman inspect command on containers will now display the command used to create the container - The podman info command now displays information on registry mirrors (#4553) * Bugfixes - Fixed a bug where Podman would use an incorrect runtime directory as root, causing state to be deleted after root logged out and making Podman in systemd services not function properly - Fixed a bug where the --change flag to podman import and podman commit was not being parsed properly in many cases - Fixed a bug where detach keys specified in libpod.conf were not used by the podman attach and podman exec commands, which always used the global default ctrl-p,ctrl-q key combination (#4556) - Fixed a bug where rootless Podman was not able to run podman pod stats even on CGroups v2 enabled systems (#4634) - Fixed a bug where rootless Podman would fail on kernels without the renameat2 syscall (#4570) - Fixed a bug where containers with chained network namespace dependencies (IE, container A using --net container=B and container B using --net container=C) would not properly mount /etc/hosts and /etc/resolv.conf into the container (#4626) - Fixed a bug where podman run with the --rm flag and without - d could, when run in the background, throw a 'container does not exist' error when attempting to remove the container after it exited - Fixed a bug where named volume locks were not properly reacquired after a reboot, potentially leading to deadlocks when trying to start containers using the volume (#4605 and [#4621]) - Fixed a bug where Podman could not completely remove containers if sent SIGKILL during removal, leaving the container name unusable without the podman rm --storage command to complete removal (#3906) - Fixed a bug where checkpointing containers started with --rm was allowed when --export was not specified (the container, and checkpoint, would be removed after checkpointing was complete by --rm) (#3774) - Fixed a bug where the podman pod prune command would fail if containers were present in the pods and the --force flag was not passed (#4346) - Fixed a bug where containers could not set a static IP or static MAC address if they joined a non-default CNI network (#4500) - Fixed a bug where podman system renumber would always throw an error if a container was mounted when it was run - Fixed a bug where podman container restore would fail with containers using a user namespace - Fixed a bug where rootless Podman would attempt to use the journald events backend even on systems without systemd installed - Fixed a bug where podman history would sometimes not properly identify the IDs of layers in an image (#3359) - Fixed a bug where containers could not be restarted when Conmon v2.0.3 or later was used - Fixed a bug where Podman did not check image OS and Architecture against the host when starting a container - Fixed a bug where containers in pods did not function properly with the Kata OCI runtime (#4353) - Fixed a bug where `podman info --format '{{ json . }}' would not produce JSON output (#4391) - Fixed a bug where Podman would not verify if files passed to - -authfile existed (#4328) - Fixed a bug where podman images --digest would not always print digests when they were available - Fixed a bug where rootless podman run could hang due to a race with reading and writing events - Fixed a bug where rootless Podman would print warning-level logs despite not be instructed to do so (#4456) - Fixed a bug where podman pull would attempt to fetch from remote registries when pulling an unqualified image using the docker-daemon transport (#4434) - Fixed a bug where podman cp would not work if STDIN was a pipe - Fixed a bug where podman exec could stop accepting input if anything was typed between the command being run and the exec session starting (#4397) - Fixed a bug where podman logs --tail 0 would print all lines of a container's logs, instead of no lines (#4396) - Fixed a bug where the timeout for slirp4netns was incorrectly set, resulting in an extremely long timeout (#4344) - Fixed a bug where the podman stats command would print CPU utilizations figures incorrectly (#4409) - Fixed a bug where the podman inspect --size command would not print the size of the container's read/write layer if the size was 0 (#4744) - Fixed a bug where the podman kill command was not properly validating signals before use (#4746) - Fixed a bug where the --quiet and --format flags to podman ps could not be used at the same time - Fixed a bug where the podman stop command was not stopping exec sessions when a container was created without a PID namespace (--pid=host) - Fixed a bug where the podman pod rm --force command was not removing anonymous volumes for containers that were removed - Fixed a bug where the podman checkpoint command would not export all changes to the root filesystem of the container if performed more than once on the same container (#4606) - Fixed a bug where containers started with --rm would not be automatically removed on being stopped if an exec session was running inside the container (#4666) * Misc - The fixes to runtime directory path as root can cause strange behavior if an upgrade is performed while containers are running - Updated vendored Buildah to v1.12.0 - Updated vendored containers/storage library to v1.15.4 - Updated vendored containers/image library to v5.1.0 - Kata Containers runtimes (kata-runtime, kata-qemu, and kata-fc) are now present in the default libpod.conf, but will not be available unless Kata containers is installed on the system - Podman previously did not allow the creation of containers with a memory limit lower than 4MB. This restriction has been removed, as the crun runtime can create containers with significantly less memory - Remove no longer needed workaround for *.5.md man page sources ++++ yast2: - Fix an exception in the live installation caused by a missing "require" clause (bsc#1160362). - 4.2.51 ------------------------------------------------------------------ ------------------ 2020-1-7 - Jan 7 2020 ------------------- ------------------------------------------------------------------ ++++ conmon: - Add TimedOutMessage to config to share with go code - Fix format string to limit the size of the string to 10 characters ++++ kernel-default: - scsi: qla2xxx: Use get_unaligned_*() instead of open-coding these functions (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Fix the endianness of the qla82xx_get_fw_size() return type (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Improve readability of the code that handles qla_flt_header (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Update driver version to 10.01.00.22-k (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Fix mtcp dump collection failure (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Fix stuck session in GNL (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Fix RIDA Format-2 (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Consolidate fabric scan (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Correct fcport flags handling (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Fix stuck login session using prli_pend_timer (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Use common routine to free fcport struct (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Add D-Port Diagnostic reason explanation logs (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Fix update_fcport for current_topology (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Cleanup unused async_logout_done (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Add a shadow variable to hold disc_state history of fcport (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Fix fabric scan hang (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Remove defer flag to indicate immeadiate port loss (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Fix qla2x00_request_irqs() for MSI (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: unregister ports after GPN_FT failure (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: fix rports not being mark as lost in sync fabric scan (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - commit c04a5b0 - Make lzo the default pstore compression method (bsc#1159986). Pstore has compression enabled, pstore is built-in, pstore default compression is deflate, deflate is modular -> pstore initialization fails on boot. Switch default compression to lzo which is built-in and the only built-in method on SLE15. - commit f26faac - watchdog: tqmx86_wdt: Fix build error (git-fixes). - watchdog: Fix the race between the release of watchdog_core_data and cdev (git-fixes). - commit 0917c4e - tty/serial: atmel: fix out of range clock divider handling (git-fixes). - tty: serial: msm_serial: Fix lockup for sysrq and oops (git-fixes). - usb: xhci: Fix build warning seen with CONFIG_PM=n (git-fixes). - usbip: Fix error path of vhci_recv_ret_submit() (git-fixes). - USB: EHCI: Do not return -EPIPE when hub is disconnected (git-fixes). - xhci-pci: Allow host runtime PM as default also for Intel Ice Lake xHCI (git-fixes). - usb: usbfs: Suppress problematic bind and unbind uevents (git-fixes). - usb: renesas_usbhs: add suspend event support in gadget mode (git-fixes). - commit 5e7bf42 - spi: st-ssc4: add missed pm_runtime_disable (git-fixes). - spi: tegra20-slink: add missed clk_unprepare (git-fixes). - spi: pxa2xx: Add missed security checks (git-fixes). - spi: img-spfi: fix potential double release (git-fixes). - spi: sprd: adi: Add missing lock protection when rebooting (git-fixes). - spi: sifive: disable clk when probe fails and remove (git-fixes). - spi: Add call to spi_slave_abort() function when spidev driver is released (git-fixes). - commit d4280ba - soundwire: intel: fix PDI/stream mapping for Bulk (git-fixes). - commit befdf94 - staging: rtl8188eu: fix possible null dereference (git-fixes). - staging: rtl8192u: fix multiple memory leaks on error path (git-fixes). - rtlwifi: fix memory leak in rtl92c_set_fw_rsvdpagepkt() (git-fixes). - rtl8xxxu: fix RTL8723BU connection failure issue after warm reboot (git-fixes). - commit 70d7407 - regulator: bd70528: Remove .set_ramp_delay for bd70528_ldo_ops (git-fixes). - regulator: axp20x: Fix axp20x_set_ramp_delay (git-fixes). - regulator: axp20x: Fix AXP22x ELDO2 regulator enable bitmask (git-fixes). - rtc: sun6i: Add support for RTC clocks on R40 (git-fixes). - riscv: ftrace: correct the condition logic in function graph tracer (git-fixes). - regulator: max8907: Fix the usage of uninitialized variable in max8907_regulator_probe() (git-fixes). - commit d2746d5 - qtnfmac: fix invalid channel information output (git-fixes). - qtnfmac: fix debugfs support for multiple cards (git-fixes). - qtnfmac: fix using skb after free (git-fixes). - commit 339b79a - pstore/ram: Write new dumps to start of recycled zones (git-fixes). - pstore/ram: Fix error-path memory leak in persistent_ram_new() callers (git-fixes). - commit a2e4095 - platform/x86: pmc_atom: Add Siemens CONNECT X300 to critclk_systems DMI table (git-fixes). - platform/x86: hp-wmi: Make buffer for HPWMI_FEATURE2_QUERY 128 bytes (git-fixes). - pinctrl: amd: fix __iomem annotation in amd_gpio_irq_handler() (git-fixes). - pinctrl: sh-pfc: sh7734: Fix duplicate TCLK1_B (git-fixes). - pinctrl: devicetree: Avoid taking direct reference to device name string (git-fixes). - power: supply: cpcap-battery: Check voltage before orderly_poweroff (git-fixes). - commit d3f5c31 - mod_devicetable: fix PHY module format (git-fixes). - PCI/PM: Always return devices to D0 when thawing (git-fixes). - parport: load lowlevel driver if ports not found (git-fixes). - commit 22bfd6f - mmc: sdhci-of-esdhc: re-implement erratum A-009204 workaround (git-fixes). - mmc: sdhci: Add a quirk for broken command queuing (git-fixes). - mmc: sdhci: Workaround broken command queuing on Intel GLK (git-fixes). - mmc: sdhci-of-esdhc: fix P2020 errata handling (git-fixes). - mmc: sdhci: Update the tuning failed messages to pr_debug level (git-fixes). - mmc: sdhci-of-esdhc: Revert "mmc: sdhci-of-esdhc: add erratum A-009204 support" (git-fixes). - mmc: mediatek: fix CMD_TA to 2 for MT8173 HS200/HS400 mode (git-fixes). - mmc: sdhci-msm: Correct the offset and value for DDR_CONFIG register (git-fixes). - misc: fastrpc: fix memory leak from miscdev->name (git-fixes). - mmc: tmio: Add MMC_CAP_ERASE to allow erase/discard/trim requests (git-fixes). - mmc: core: Drop check for mmc_card_is_removable() in mmc_rescan() (git-fixes). - mmc: block: Add CMD13 polling for MMC IOCTLS with R1B response (git-fixes). - mmc: block: Make card_busy_detect() a bit more generic (git-fixes). - commit 028a842 - media: cec: check 'transmit_in_progress', not 'transmitting' (git-fixes). - media: vicodec: media_device_cleanup was called too early (git-fixes). - media: vim2m: media_device_cleanup was called too early (git-fixes). - media: v4l2-ctrl: Lock main_hdl on operations of requests_queued (git-fixes). - media: si470x-i2c: add missed operations in remove (git-fixes). - media: pvrusb2: Fix oops on tear-down when radio support is not present (git-fixes). - media: vivid: media_device_cleanup was called too early (git-fixes). - media: staging/imx: Use a shorter name for driver (git-fixes). - commit 0e40744 - media: v4l2-core: fix touch support in v4l_g_fmt (git-fixes). - media: smiapp: Register sensor after enabling runtime PM on the device (git-fixes). - media: imx7-mipi-csis: Add a check for devm_regulator_get (git-fixes). - media: st-mipid02: add a check for devm_gpiod_get_optional (git-fixes). - media: ad5820: Define entity function (git-fixes). - media: ov5640: Make 2592x1944 mode only available at 15 fps (git-fixes). - media: ov6650: Fix stored frame interval not in sync with hardware (git-fixes). - media: aspeed: clear garbage interrupts (git-fixes). - media: aspeed: set hsync and vsync polarities to normal before starting mode detection (git-fixes). - commit c8cb4cb - media: cedrus: Fix undefined shift with a SHIFT_AND_MASK_BITS macro (git-fixes). - commit 08552bc - media: ti-vpe: vpe: ensure buffers are cleaned up properly in abort cases (git-fixes). - media: ti-vpe: vpe: fix a v4l2-compliance failure about frame sequence number (git-fixes). - media: ti-vpe: vpe: fix a v4l2-compliance failure about invalid sizeimage (git-fixes). - media: ti-vpe: vpe: Make sure YUYV is set as default format (git-fixes). - media: ti-vpe: vpe: fix a v4l2-compliance warning about invalid pixel format (git-fixes). - media: ti-vpe: vpe: fix a v4l2-compliance failure causing a kernel panic (git-fixes). - media: cx88: Fix some error handling path in 'cx8800_initdev()' (git-fixes). - commit b475671 - media: cec-funcs.h: add status_req checks (git-fixes). - media: flexcop-usb: fix NULL-ptr deref in flexcop_usb_transfer_init() (git-fixes). - media: venus: Fix occasionally failures to suspend (git-fixes). - media: venus: core: Fix msm8996 frequency table (git-fixes). - media: i2c: ov2659: Fix missing 720p register config (git-fixes). - media: i2c: ov2659: fix s_stream return value (git-fixes). - media: cedrus: fill in bus_info for media device (git-fixes). - media: am437x-vpfe: Setting STD to current value is not an error (git-fixes). - media: vimc: Fix gpf in rmmod path when stream is active (git-fixes). - commit 3bdee4e - mac80211: fix TID field in monitor mode transmit (git-fixes). - mailbox: imx: Clear the right interrupts at shutdown (git-fixes). - mailbox: imx: Fix Tx doorbell shutdown path (git-fixes). - commit 8428c64 - libata: Fix retrieving of active qcs (git-fixes). - libata: Ensure ata_port probe has completed before detach (git-fixes). - Revert "libata, freezer: avoid block device removal while system is frozen" (git-fixes). - commit aa59034 - leds: an30259a: add a check for devm_regmap_init_i2c (git-fixes). - leds: tlc591xx: update the maximum brightness (git-fixes). - leds: lm3692x: Handle failure to probe the regulator (git-fixes). - iwlwifi: mvm: fix unaligned read of rx_pkt_status (git-fixes). - commit 03687f9 - irqchip: ingenic: Error out if IRQ domain creation failed (git-fixes). - irqchip: Place CONFIG_SIFIVE_PLIC into the menu (git-fixes). - irqchip/irq-bcm7038-l1: Enable parent IRQ if necessary (git-fixes). - commit b53401c - ipmi: Don't allow device module unload when in use (git-fixes). - commit 65e80e2 - intel_th: Fix freeing IRQs (git-fixes). - intel_th: pci: Add Elkhart Lake SOC support (git-fixes). - intel_th: pci: Add Comet Lake PCH-V support (git-fixes). - commit d2e079e - Input: ili210x - handle errors from input_mt_init_slots() (git-fixes). - Input: st1232 - do not reset the chip too early (git-fixes). - Input: atmel_mxt_ts - disable IRQ across suspend (git-fixes). - commit 6ce709b - iio: dac: ad5446: Add support for new AD5600 DAC (git-fixes). - iio: dln2-adc: fix iio_triggered_buffer_postenable() position (git-fixes). - staging: iio: ad9834: add a check for devm_clk_get (git-fixes). - iio: adc: max1027: Reset the device at probe time (git-fixes). - iio: max31856: add missing of_node and parent references to iio_dev (git-fixes). - iio: light: bh1750: Resolve compiler warning and make code more readable (git-fixes). - commit 0b7fbd3 - HID: i2c-hid: Send power-on command after reset (git-fixes). - commit bc0c11b - HID: i2c-hid: Remove runtime power management (git-fixes). - Refresh patches.suse/HID-i2c-hid-Reset-ALPS-touchpads-on-resume.patch. - commit 8f8c13b - HID: logitech-hidpp: Silence intermittent get_battery_capacity errors (git-fixes). - HID: Improve Windows Precision Touchpad detection (git-fixes). - HID: rmi: Check that the RMI_STARTED bit is set before unregistering the RMI transport device (git-fixes). - HID: i2c-hid: fix no irq after reset on raydium 3118 (git-fixes). - HID: quirks: Add quirk for HP MSU1465 PIXART OEM mouse (git-fixes). - commit 6c8d52d - gpu: host1x: Allocate gather copy for host1x (git-fixes). - commit fa0dc6d - gpio: xtensa: fix driver build (git-fixes). - gpio: Fix error message on out-of-range GPIO in lookup table (git-fixes). - gpio: mxc: Only get the second IRQ when there is more than one IRQ (git-fixes). - fsi: core: Fix small accesses and unaligned offsets via sysfs (git-fixes). - commit 40e8be8 - fjes: fix missed check in fjes_acpi_add (git-fixes). - firmware_loader: Fix labels with comma for builtin firmware (git-fixes). - fbtft: Make sure string is NULL terminated (git-fixes). - extcon: sm5502: Reset registers during initialization (git-fixes). - commit c1f6bcd - dpaa_eth: fix DMA mapping leak (git-fixes). - dpaa2-ptp: fix double free of the ptp_qoriq IRQ (git-fixes). - dpaa2-eth: Fix TX FQID values (git-fixes). - commit 7ad103e - dmaengine: virt-dma: Fix access after free in vchan_complete() (git-fixes). - dmaengine: Fix access to uninitialized dma_slave_caps (git-fixes). - dmaengine: xilinx_dma: Clear desc_pendingcount in xilinx_dma_reset (git-fixes). - dma-debug: add a schedule point in debug_dma_dump_mappings() (git-fixes). - dma-mapping: Add vmap checks to dma_map_single() (git-fixes). - commit edbb98f - staging: comedi: gsc_hpdi: check dma_alloc_coherent() return value (git-fixes). - counter: stm32-lptimer-cnt: fix a kernel-doc warning (git-fixes). - counter: stm32-timer-cnt: fix a kernel-doc warning (git-fixes). - commit 5f1dabd - clocksource: riscv: add notrace to riscv_sched_clock (git-fixes). - clk: Move clk_core_reparent_orphans() under CONFIG_OF (git-fixes). - clk: imx: pll14xx: fix clk_pll14xx_wait_lock (git-fixes). - clk: imx: clk-imx7ulp: Add missing sentinel of ulp_div_table (git-fixes). - clk: imx: clk-composite-8m: add lock to gate/mux (git-fixes). - clk: walk orphan list on clock provider registration (git-fixes). - clocksource/drivers/asm9260: Add a check for of_clk_get (git-fixes). - clocksource/drivers/timer-of: Use unique device name instead of timer (git-fixes). - clk: clk-gpio: propagate rate change to parent (git-fixes). - clk: qcom: Allow constant ratio freq tables for rcg (git-fixes). - commit c3af1c4 - can: flexcan: poll MCR_LPM_ACK instead of GPR ACK for stop mode acknowledgment (git-fixes). - can: flexcan: add low power enter/exit acknowledgment helper (git-fixes). - can: flexcan: fix possible deadlock and out-of-order reception after wakeup (git-fixes). - can: xilinx_can: Fix missing Rx can packets on CANFD2.0 (git-fixes). - cdrom: respect device capabilities during opening action (git-fixes). - commit 6b25029 - brcmfmac: remove monitor interface when detaching (git-fixes). - Bluetooth: Fix advertising duplicated flags (git-fixes). - Bluetooth: Workaround directed advertising bug in Broadcom controllers (git-fixes). - Bluetooth: missed cpu_to_le16 conversion in hci_init4_req (git-fixes). - commit b42e335 - ath10k: Revert "ath10k: add cleanup in ath10k_sta_state()" (git-fixes). - ath10k: fix get invalid tx rate for Mesh metric (git-fixes). - ath10k: fix offchannel tx failure when no ath10k_mac_tx_frm_has_freq (git-fixes). - ath10k: fix backtrace on coredump (git-fixes). - ath10k: add cleanup in ath10k_sta_state() (git-fixes). - commit bb2872b - ASoC: SOF: enable sync_write in hdac_bus (git-fixes). - Refresh patches.suse/Revert-ASoC-SOF-Force-polling-mode-on-CFL-and-CNL.patch. - commit 64ac0e6 - ARM: tegra: Fix FLOW_CTLR_HALT register clobbering by tegra_resume() (git-fixes). - ASoC: wm5100: add missed pm_runtime_disable (git-fixes). - ASoC: wm2200: add missed operations in remove and probe failure (git-fixes). - ASoC: Intel: kbl_rt5663_rt5514_max98927: Add dmic format constraint (git-fixes). - ASoC: rt5677: Mark reg RT5677_PWR_ANLG2 as volatile (git-fixes). - ASoC: Intel: bytcr_rt5640: Update quirk for Acer Switch 10 SW5-012 2-in-1 (git-fixes). - ASoC: wm8904: fix regcache handling (git-fixes). - ASoC: SOF: topology: set trigger order for FE DAI link (git-fixes). - commit 6a5428c - ALSA: hda/realtek - Enable the bass speaker of ASUS UX431FLC (git-fixes). - ALSA: ice1724: Fix sleep-in-atomic in Infrasonic Quartet support code (git-fixes). - ALSA: hda/realtek - Add Bass Speaker and fixed dac for bass speaker (git-fixes). - ALSA: hda - Apply sync-write workaround to old Intel platforms, too (git-fixes). - ALSA: hda/hdmi - fix atpx_present when CLASS is not VGA (git-fixes). - ALSA: usb-audio: fix set_format altsetting sanity check (git-fixes). - ALSA: hda/realtek - Add headset Mic no shutup for ALC283 (git-fixes). - ALSA: usb-audio: set the interface format after resume on Dell WD19 (git-fixes). - 6pack,mkiss: fix possible deadlock (git-fixes). - ALSA: bebob: expand sleep just after breaking connections for protocol version 1 (git-fixes). - ACPI: button: Add DMI quirk for Medion Akoya E2215T (git-fixes). - commit e88e392 - ice: Add device ids for E822 devices (bsc#1157177). - commit 0246f5b - net: marvell: mvpp2: phylink requires the link interrupt (bsc#1117016). - Delete patches.suse/net-mvpp2-fix-condition-for-setting-up-link-interrup.patch. - commit 8787cfd - blacklist.conf: 1d8f65798240 ("riscv: ftrace: correct the condition logic in function graph tracer") RISCV architecture is not supported. - commit 2dbbf0b - tracing: Fix endianness bug in histogram trigger (bsc#1160231). - commit d1849ae - tracing: Fix lock inversion in trace_event_enable_tgid_record() (bsc#1160229). - commit 4a84dfe - Move the upstreamed mwifiex fix patches into sorted section Refresh tags: patches.suse/mwifiex-Fix-heap-overflow-in-mmwifiex_process_tdls_a.patch patches.suse/mwifiex-fix-possible-heap-overflow-in-mwifiex_proces.patch - commit 19bf98d - USB: Fix: Don't skip endpoint descriptors with maxpacket=0 (bsc#1159811). - commit 0c3dbbc - tpm: Revert "tpm_tis_core: Turn on the TPM before probing IRQ's" (bsc#1159152). - tpm: Revert "tpm_tis_core: Set TPM_CHIP_FLAG_IRQ before probing for interrupts" (bsc#1159152). - tpm: Revert "tpm_tis: reserve chip for duration of tpm_tis_core_init" (bsc#1159152). - commit cd1e368 - tracing: Have the histogram compare functions convert to u64 first (bsc#1160215). - commit db2127f - tracing: Avoid memory leak in process_system_preds() (bsc#1160214). - commit d628f71 - config: refresh armv7hl configs Drop EFI_RCI2_TABLE (no longer available). - commit 056a108 - config: refresh Drop EFI_RCI2_TABLE on arm64 (no longer available). - commit 18cf2ea - fix mainline references Fix Patch-mainline: patches.suse/btrfs-simplify-inode-locking-for-RWF_NOWAIT.patch patches.suse/mm-set-S_SWAPFILE-on-blockdev-swap-devices.patch patches.suse/vfs-dont-allow-writes-to-swap-files.patch - commit a590c11 - ocfs2: fix the crash due to call ocfs2_get_dlm_debug once less (bsc#1158632). - commit 9a7b95a ++++ salt: - virt: adding kernel boot parameters to libvirt xml - Added: * virt-adding-kernel-boot-parameters-to-libvirt-xml-55.patch ++++ transactional-update: - Update to version 2.20.1 - Add missing documentation about --continue option - Avoid error message about missing fstab file on first snapshot creation. [boo#1160213] ++++ u-boot-rpiarm64: - Update to v2020.01: * Now requires python 3.5+ (2.x support dropped) * Add Orange Pi Zero Plus 2 support * Platfrom fixes: atmel, fsl, imx, Marvell, RPi, rockchip, sunxi, TI * EFI fixes * I2C fixes * MMC fixes * SPI fixes * USB fixes - Patch queue updated from git://github.com/openSUSE/u-boot.git tumbleweed-2020.01 * Patches dropped: 0009-libfdt-fdt_address_cells-and-fdt_si.patch 0010-libfdt-return-correct-value-if-size.patch 0011-libfdt-Allow-size-cells-of-0.patch 0012-dm-Fix-default-address-cells-return.patch 0013-arm-arm11-allow-unaligned-memory-ac.patch 0014-fdt-fix-bcm283x-dm-pre-reloc-defini.patch 0015-arm-dts-bcm283x-Rename-U-Boot-file.patch 0016-drivers-bcm283x-Set-pre-location-fl.patch 0017-pinctrl-bcm283x-Add-compatible-for-.patch 0018-rpi-push-fw_dtb_pointer-in-the-.dat.patch 0019-ARM-bcm283x-Move-BCM283x_BASE-to-a-.patch 0020-ARM-bcm283x-Set-rpi_bcm283x_base-at.patch 0021-ARM-bcm283x-Set-memory-map-at-run-t.patch 0022-ARM-defconfig-add-unified-config-fo.patch 0023-boo-1144161-Remove-nand-mtd-spi-dfu.patch 0024-rpi-fix-dram-bank-initialization.patch 0025-rpi-Enable-DRAM-bank-initialization.patch 0026-ARM-defconfig-Fix-32bit-config-for-.patch * Patches added: 0009-boo-1144161-Remove-nand-mtd-spi-dfu.patch ------------------------------------------------------------------ ------------------ 2020-1-6 - Jan 6 2020 ------------------- ------------------------------------------------------------------ ++++ gstreamer-plugins-base: - Add upstream bugfix patches: + gst-base-playbin-handle-error.patch: playbin: Handle error message with redirection indication. + gst-base-audioencoder-fix-leak.patch: audioencoder: fix segment event leak. + gst-base-fft-update-kiss-version.patch: fft: Update our kiss fft version. ++++ kernel-default: - btrfs: simplify inode locking for RWF_NOWAIT (git-fixes). - commit f4e2cf3 - vfs: don't allow writes to swap files (bsc#1158633). - Refresh patches.suse/vfs-add-super_operations-get_inode_dev. - commit 4523846 - mm: set S_SWAPFILE on blockdev swap devices (bsc#1158633). - commit 84b8de8 - blacklist.conf: Add da3cc91b8db4 iommu/mediatek: Add a new tlb_lock for tlb_flush - commit 615be85 - iommu/vt-d: Remove incorrect PSI capability check (bsc#1160142). - iommu/vt-d: Allocate reserved region for ISA with correct permission (bsc#1160140). - iommu: set group default domain before creating direct mappings (bsc#1160139). - iommu/vt-d: Fix dmar pte read access not set error (bsc#1160141). - iommu/vt-d: Set ISA bridge reserved region as relaxable (bsc#1160143). - iommu/iova: Init the struct iova to fix the possible memleak (bsc#1160137). - iommu/arm-smmu: Remove duplicate error message (bsc#1160135). - iommu/arm-smmu-v3: Don't display an error when IRQ lines are missing (bsc#1160136). - iommu/mediatek: Correct the flush_iotlb_all callback (bsc#1160138). - commit 2cdf724 - powerpc/tools: Don't quote $objdump in scripts (bsc#1065729). - commit 82d4ed4 - powerpc/pseries: Drop pointless static qualifier in vpa_debugfs_init() (FATE#326394 git-fixes). - commit 2cd1f04 - powerpc/spinlocks: Include correct header for static key (bsc#1160010 ltc#183046). - commit 3e6e518 - powerpc/fadump: sysfs for fadump memory reservation (bsc#1160018 ltc#182902 jsc#SLE-9099). - Documentation/ABI: mark /sys/kernel/fadump_* sysfs files deprecated (bsc#1160018 ltc#182902 jsc#SLE-9099). - powerpc/powernv: move core and fadump_release_opalcore under new kobject (bsc#1160018 ltc#182902 jsc#SLE-9099). - powerpc/fadump: reorganize /sys/kernel/fadump_* sysfs files (bsc#1160018 ltc#182902 jsc#SLE-9099). - sysfs: wrap __compat_only_sysfs_link_entry_to_kobj function to change the symlink name (bsc#1160018 ltc#182902 jsc#SLE-9099). - Documentation/ABI: add ABI documentation for /sys/kernel/fadump_* (bsc#1160018 ltc#182902 jsc#SLE-9099). - commit 3b5b7c0 - powerpc/shared: Use static key to detect shared processor (bsc#1160010 ltc#183046). - powerpc/vcpu: Assume dedicated processors as non-preempt (bsc#1160010 ltc#183046). - powerpc/spinlocks: Refactor SHARED_PROCESSOR (bsc#1160010 ltc#183046). - commit 9083e73 - tools: Sync if_link.h (bsc#1155518). - commit 2837df4 - Revert patches.suse/samples-bpf-fix-build-by-setting-HAVE_ATTR_TEST-to-z.patch (bsc#1160102) - commit 3b6da48 ++++ python-py: - Update to 1.8.1: - Handle ``FileNotFoundError`` when trying to import pathlib in ``path.common`` on Python 3.4 (#207). - ``py.path.local.samefile`` now works correctly in Python 3 on Windows when dealing with symlinks. ++++ yast2: - Persian is also an RTL language (related to bsc#1156437) - 4.2.50 ------------------------------------------------------------------ ------------------ 2020-1-5 - Jan 5 2020 ------------------- ------------------------------------------------------------------ ++++ glib-networking: - Update to version 2.62.3: + Fix leak of base iostream (or base datagram socket), 2.62 regression. + Fix duplicate notifies of peer-certificate and peer-certificate-errors. + Fix obscure corner case where SNI might not work. ++++ kernel-default: - xfs: properly serialise fallocate against AIO+DIO (bsc#1158751). - commit e19caef ++++ Mesa: - n_drirc-disable-rgb10-for-chromium-on-amd.patch * fixes patch (boo#1145188) ++++ xfsprogs: - xfs_repair: don't fail recovery of orphaned shortform directories (bsc#1158504) * Add xfsprogs-xfs-create-structure-verifier-function-for-short-for.patch * Add xfsprogs-xfs-create-structure-verifier-function-for-shortform.patch * Add xfsprogs-xfs-provide-a-centralized-method-for-verifying-inlin.patch * Add xfsprogs-xfs-refactor-short-form-directory-structure-verifier.patch * Add xfsprogs-xfs_repair-don-t-fail-directory-repairs-when-grabbin.patch * Add xfsprogs-xfs_repair-implement-custom-ifork-verifiers.patch * Add xfsprogs-xfs_repair-use-custom-ifork-verifier-in-mv_orphanage.patch - xfs_quota: fix false error reporting of project inheritance flag is not set (bsc#1158758) * Add xfsprogs-xfs_quota-fix-false-error-reporting-of-project-inher.patch ------------------------------------------------------------------ ------------------ 2020-1-4 - Jan 4 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - xfs: attach dquots and reserve quota blocks during unwritten conversion (bsc#1158753). - commit c997f56 ------------------------------------------------------------------ ------------------ 2020-1-3 - Jan 3 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Update patches.suse/vcs-prevent-write-access-to-vcsu-devices.patch (git-fixes bnc#1151927 5.3.16 bnc#1157813 CVE-2019-19252). - commit 8980d90 - bpf: Fix precision tracking for unbounded scalars (bsc#1155518). - commit ab8945b - config: refresh Only headers update, reorder and diff config cleanup. - commit c9453fd - blacklist.conf: add one - commit d636a45 - nbd: fix shutdown and recv work deadlock v2 (git-fixes). - net/smc: add fallback check to connect() (git-fixes). - selftests: net: tls: remove recv_rcvbuf test (git-fixes). - bonding: fix active-backup transition after link failure (git-fixes). - Revert "mmc: sdhci: Fix incorrect switch to HS mode" (git-fixes). - usbip: Fix receive error in vhci-hcd when using scatter-gather (git-fixes). - io_uring: use current task creds instead of allocating a new one (git-fixes). - arm64: dts: qcom: msm8998-clamshell: Remove retention idle state (git-fixes). - commit 7a4b790 - cpuidle: teo: Avoid using "early hits" incorrectly (git-fixes). - commit bcc408a - Linux 5.3.18 (bnc#1151927 5.3.18). - net: ethernet: ti: cpsw: fix extra rx interrupt (bnc#1151927 5.3.18). - tipc: fix ordering of tipc module init and exit routine (bnc#1151927 5.3.18). - openvswitch: support asymmetric conntrack (bnc#1151927 5.3.18). - commit c9a9590 - Refresh patches.suse/net-thunderx-start-phy-before-starting-autonegoti.patch. Update upstream status. - commit 4ab23ed - Update patches.suse/Fixed-updating-of-ethertype-in-function-skb_mpls_pop.patch (bsc#1154353 bnc#1151927 5.3.18). - Update patches.suse/gre-refetch-erspan-header-from-skb-data-after-pskb_m.patch (bsc#1154353 bnc#1151927 5.3.18). - Update patches.suse/hsr-fix-a-NULL-pointer-dereference-in-hsr_dev_xmit.patch (bsc#1154353 bnc#1151927 5.3.18). - Update patches.suse/inet-protect-against-too-small-mtu-values.patch (bsc#1154353 bnc#1151927 5.3.18). - Update patches.suse/mqprio-Fix-out-of-bounds-access-in-mqprio_dump.patch (bsc#1154353 bnc#1151927 5.3.18). - Update patches.suse/net-Fixed-updating-of-ethertype-in-skb_mpls_push.patch (bsc#1154353 bnc#1151927 5.3.18). - Update patches.suse/net-bridge-deny-dev_set_mac_address-when-unregisteri.patch (bsc#1154353 bnc#1151927 5.3.18). - Update patches.suse/net-dsa-fix-flow-dissection-on-Tx-path.patch (git-fixes bnc#1151927 5.3.18). - Update patches.suse/net-ipv6-add-net-argument-to-ip6_dst_lookup_flow.patch (bsc#1154353 bnc#1151927 5.3.18). - Update patches.suse/net-ipv6_stub-use-ip6_dst_lookup_flow-instead-of-ip6.patch (bsc#1154353 bnc#1151927 5.3.18). - Update patches.suse/net-mlx5e-Fix-TXQ-indices-to-be-sequential.patch (jsc#SLE-8464 bnc#1151927 5.3.18). - Update patches.suse/net-mlx5e-Query-global-pause-state-before-setting-pr.patch (jsc#SLE-8464 bnc#1151927 5.3.18). - Update patches.suse/net-sched-fix-dump-qlen-for-sch_mq-sch_mqprio-with-N.patch (bsc#1154353 bnc#1151927 5.3.18). - Update patches.suse/net-thunderx-start-phy-before-starting-autonegoti.patch (bsc#1158107 bnc#1151927 5.3.18). - Update patches.suse/net-tls-Fix-return-values-to-avoid-ENOTSUPP.patch (bsc#1154353 bnc#1151927 5.3.18). - Update patches.suse/page_pool-do-not-release-pool-until-inflight-0.patch (bsc#1154353 bnc#1151927 5.3.18). - Update patches.suse/tcp-Protect-accesses-to-.ts_recent_stamp-with-READ-W.patch (bsc#1154353 bnc#1151927 5.3.18). - Update patches.suse/tcp-fix-rejected-syncookies-due-to-stale-timestamps.patch (bsc#1154353 bnc#1151927 5.3.18). - Update patches.suse/tcp-md5-fix-potential-overestimation-of-TCP-option-s.patch (bsc#1154353 bnc#1151927 5.3.18). - Update patches.suse/tcp-tighten-acceptance-of-ACKs-not-matching-a-child-.patch (bsc#1154353 bnc#1151927 5.3.18). - Update patches.suse/xdp-obtain-the-mem_id-mutex-before-trying-to-remove-.patch (bsc#1154353 bnc#1151927 5.3.18). - commit c82b543 - Linux 5.3.17 (bnc#1151927 5.3.17). - binder: fix incorrect calculation for num_valid (bnc#1151927 5.3.17). - lib: raid6: fix awk build warnings (bnc#1151927 5.3.17). - staging: gigaset: add endpoint-type sanity check (bnc#1151927 5.3.17). - staging: gigaset: fix illegal free on probe errors (bnc#1151927 5.3.17). - staging: gigaset: fix general protection fault on probe (bnc#1151927 5.3.17). - iio: humidity: hdc100x: fix IIO_HUMIDITYRELATIVE channel reporting (bnc#1151927 5.3.17). - xhci: handle some XHCI_TRUST_TX_LENGTH quirks cases as default behaviour (bnc#1151927 5.3.17). - usb: dwc3: ep0: Clear started flag on completion (bnc#1151927 5.3.17). - USB: atm: ueagle-atm: add missing endpoint check (bnc#1151927 5.3.17). - usb: core: urb: fix URB structure initialization function (bnc#1151927 5.3.17). - ovl: relax WARN_ON() on rename to self (bnc#1151927 5.3.17). - ovl: fix corner case of non-unique st_dev;st_ino (bnc#1151927 5.3.17). - ovl: fix lookup failure on multi lower squashfs (bnc#1151927 5.3.17). - raid5: need to set STRIPE_HANDLE for batch head (bnc#1151927 5.3.17). - block: fix "check bi_size overflow before merge" (bnc#1151927 5.3.17). - erofs: zero out when listxattr is called with no xattr (bnc#1151927 5.3.17). - ARM: dts: omap3-tao3530: Fix incorrect MMC card detection GPIO polarity (bnc#1151927 5.3.17). - powerpc/perf: Disable trace_imc pmu (bnc#1151927 5.3.17). - powerpc/xive: Skip ioremap() of ESB pages for LSI interrupts (bnc#1151927 5.3.17). - arm64: dts: allwinner: a64: Re-add PMU node (bnc#1151927 5.3.17). - mm: memcg/slab: wait for !root kmem_cache refcnt killing on root kmem_cache destruction (bnc#1151927 5.3.17). - ACPI: bus: Fix NULL pointer check in acpi_bus_get_private_data() (bnc#1151927 5.3.17). - s390/kaslr: store KASLR offset for early dumps (bnc#1151927 5.3.17). - s390/smp,vdso: fix ASCE handling (bnc#1151927 5.3.17). - Revert "scsi: qla2xxx: Fix memory leak when sending I/O fails" (bnc#1151927 5.3.17). - scsi: qla2xxx: Fix memory leak when sending I/O fails (bnc#1151927 5.3.17). - scsi: zfcp: trace channel log even for FCP command responses (bnc#1151927 5.3.17). - firmware: qcom: scm: Ensure 'a0' status code is treated as signed (bnc#1151927 5.3.17). - mm/shmem.c: cast the type of unmap_start to u64 (bnc#1151927 5.3.17). - powerpc: Avoid clang warnings around setjmp and longjmp (bnc#1151927 5.3.17). - powerpc: Allow 64bit VDSO __kernel_sync_dicache to work across ranges >4GB (bnc#1151927 5.3.17). - powerpc: Allow flush_icache_range to work across ranges >4GB (bnc#1151927 5.3.17). - ext2: check err when partial != NULL (bnc#1151927 5.3.17). - quota: Check that quota is not dirty before release (bnc#1151927 5.3.17). - quota: fix livelock in dquot_writeback_dquots (bnc#1151927 5.3.17). - ext4: fix a bug in ext4_wait_for_tail_page_commit (bnc#1151927 5.3.17). - iio: imu: st_lsm6dsx: fix ODR check in st_lsm6dsx_write_raw (bnc#1151927 5.3.17). - intel_th: pci: Add Tiger Lake CPU support (bnc#1151927 5.3.17). - intel_th: pci: Add Ice Lake CPU support (bnc#1151927 5.3.17). - USB: documentation: flags on usb-storage versus UAS (bnc#1151927 5.3.17). - USB: uas: heed CAPACITY_HEURISTICS (bnc#1151927 5.3.17). - USB: uas: honor flag to avoid CAPACITY16 (bnc#1151927 5.3.17). - usb: Allow USB device to be warm reset in suspended state (bnc#1151927 5.3.17). - usb: gadget: pch_udc: fix use after free (bnc#1151927 5.3.17). - RDMA/core: Fix ib_dma_max_seg_size() (bnc#1151927 5.3.17). - omap: pdata-quirks: remove openpandora quirks for mmc3 and wl1251 (bnc#1151927 5.3.17). - omap: pdata-quirks: revert pandora specific gpiod additions (bnc#1151927 5.3.17). - ARM: dts: pandora-common: define wl1251 as child node of mmc3 (bnc#1151927 5.3.17). - media: cec.h: CEC_OP_REC_FLAG_ values were swapped (bnc#1151927 5.3.17). - ASoC: rt5645: Fixed typo for buddy jack support (bnc#1151927 5.3.17). - ASoC: Jack: Fix NULL pointer dereference in snd_soc_jack_report (bnc#1151927 5.3.17). - ASoC: rt5645: Fixed buddy jack support (bnc#1151927 5.3.17). - cpufreq: powernv: fix stack bloat and hard limit on number of CPUs (bnc#1151927 5.3.17). - cpuidle: Do not unset the driver if it is there already (bnc#1151927 5.3.17). - cpuidle: teo: Fix "early hits" handling for disabled idle states (bnc#1151927 5.3.17). - cpuidle: teo: Consider hits and misses metrics of disabled states (bnc#1151927 5.3.17). - cpuidle: teo: Rename local variable in teo_select() (bnc#1151927 5.3.17). - cpuidle: teo: Ignore disabled idle states that are too deep (bnc#1151927 5.3.17). - ar5523: check NULL before memcpy() in ar5523_cmd() (bnc#1151927 5.3.17). - cgroup: pids: use atomic64_t for pids->limit (bnc#1151927 5.3.17). - workqueue: Fix pwq ref leak in rescuer_thread() (bnc#1151927 5.3.17). - workqueue: Fix missing kfree(rescuer) in destroy_workqueue() (bnc#1151927 5.3.17). - workqueue: Fix spurious sanity check failures in destroy_workqueue() (bnc#1151927 5.3.17). - s390/mm: properly clear _PAGE_NOEXEC bit when it is not supported (bnc#1151927 5.3.17). - btrfs: record all roots for rename exchange on a subvol (bnc#1151927 5.3.17). - Btrfs: send, skip backreference walking for extents with many references (bnc#1151927 5.3.17). - btrfs: Remove btrfs_bio::flags member (bnc#1151927 5.3.17). - btrfs: check page->mapping when loading free space cache (bnc#1151927 5.3.17). - Btrfs: fix metadata space leak on fixup worker failure to set range as delalloc (bnc#1151927 5.3.17). - Btrfs: fix negative subv_writers counter and data space leak after buffered write (bnc#1151927 5.3.17). - btrfs: Avoid getting stuck during cyclic writebacks (bnc#1151927 5.3.17). - btrfs: use refcount_inc_not_zero in kill_all_nodes (bnc#1151927 5.3.17). - dm zoned: reduce overhead of backing device checks (bnc#1151927 5.3.17). - dm writecache: handle REQ_FUA (bnc#1151927 5.3.17). - md: improve handling of bio with REQ_PREFLUSH in md_flush_request() (bnc#1151927 5.3.17). - blk-mq: make sure that line break can be printed (bnc#1151927 5.3.17). - blk-mq: avoid sysfs buffer overflow with too many CPU cores (bnc#1151927 5.3.17). - iio: imu: st_lsm6dsx: move odr_table in st_lsm6dsx_sensor_settings (bnc#1151927 5.3.17). - commit 23a1f41 - Refresh patches.suse/reiserfs-fix-extended-attributes-on-the-root-directory.patch. Update upstream status. - commit 0480375 ------------------------------------------------------------------ ------------------ 2020-1-2 - Jan 2 2020 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - can: kvaser_usb: kvaser_usb_leaf: Fix some info-leaks to USB devices (CVE-2019-19947 bsc#1159929). - commit 507c332 - Update patches.suse/0001-ppdev-fix-PPGETTIME-PPSETTIME-ioctls.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/0002-video-hdmi-Fix-AVI-bar-unpack.patch (bsc#1152489 bnc#1151927 5.3.17). - Update patches.suse/0029-pinctrl-samsung-Fix-device-node-refcount-leaks-in-S3.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/ACPI-LPSS-Add-LNXVIDEO-BYT-I2C1-to-lpss_device_links.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/ACPI-LPSS-Add-LNXVIDEO-BYT-I2C7-to-lpss_device_links.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/ACPI-LPSS-Add-dmi-quirk-for-skipping-_DEP-check-for-.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/ACPI-OSL-only-free-map-once-in-osl.c.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/ACPI-PM-Avoid-attaching-ACPI-PM-domain-to-certain-de.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/ACPI-hotplug-PCI-Allocate-resources-directly-under-t.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/ACPI-utils-Move-acpi_dev_get_first_match_dev-under-C.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/ALSA-fireface-fix-return-value-in-error-path-of-isoc.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/ALSA-oxfw-fix-return-value-in-error-path-of-isochron.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/ASoC-fsl_audmix-Add-spin-lock-to-protect-tdms.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/PM-devfreq-Lock-devfreq-in-trans_stat_show.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/Revert-nvme-Add-quirk-for-Kingston-NVME-SSD-running-.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/SUNRPC-Fix-another-issue-with-MIC-buffer-space.patch (bsc#1154353 bnc#1151927 5.3.17). - Update patches.suse/USB-adutux-fix-interface-sanity-check.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/USB-idmouse-fix-interface-sanity-checks.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/USB-serial-io_edgeport-fix-epic-endpoint-lookup.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/brcmfmac-disable-PCIe-interrupts-before-bus-reset.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/coresight-Serialize-enabling-disabling-a-link-device.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/edac-altera-use-fast-register-io-for-s10-irqs.patch (bsc#1152489 bnc#1151927 5.3.17). - Update patches.suse/edac-ghes-do-not-warn-when-incrementing-refcount-on-0.patch (bsc#1152489 bnc#1151927 5.3.17). - Update patches.suse/ext4-Fix-credit-estimate-for-final-inode-freeing.patch (bsc#1158380 bnc#1151927 5.3.17). - Update patches.suse/ext4-work-around-deleting-a-file-with-i_nlink-0-safe.patch (bsc#1158819 CVE-2019-19447 bnc#1151927 5.3.17). - Update patches.suse/hwrng-omap-Fix-RNG-wait-loop-timeout.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/iio-ad7949-fix-channels-mixups.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/iio-ad7949-kill-pointless-readback-handling-code.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/iio-adc-ad7124-Enable-internal-reference.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/iio-adc-ad7606-fix-reading-unnecessary-data-from-dev.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/iio-adis16480-Add-debugfs_reg_access-entry.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/iio-adis16480-Fix-scales-factors.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/iio-imu-inv_mpu6050-fix-temperature-reporting-using-.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/intel_th-Fix-a-double-put_device-in-error-path.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/interconnect-qcom-sdm845-Walk-the-list-safely-on-nod.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/iwlwifi-pcie-fix-support-for-transmitting-SKBs-with-.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/media-bdisp-fix-memleak-on-release.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/media-hantro-Fix-s_fmt-for-dynamic-resolution-change.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/media-radio-wl1273-fix-interrupt-masking-on-release.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/media-venus-remove-invalid-compat_ioctl32-handler.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/mfd-rk808-Fix-RK818-ID-template.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/mm-memfd-fix-COW-issue-on-MAP_PRIVATE-and-F_SEAL_FUTURE_WRITE-mappings.patch (bnc#1155780 (VM/FS functional and performance backports) bnc#1151927 5.3.17). - Update patches.suse/mmc-host-omap_hsmmc-add-code-for-special-init-of-wl1.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/mtd-rawnand-Change-calculating-of-position-page-cont.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/mtd-spear_smi-Fix-Write-Burst-mode.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/net_sched-validate-TCA_KIND-attribute-in-tc_chain_tm.patch (bsc#1154353 bnc#1151927 5.3.17). - Update patches.suse/phy-renesas-rcar-gen3-usb2-Fix-sysfs-interface-of-ro.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/pinctrl-armada-37xx-Fix-irq-mask-access-in-armada_37.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/pinctrl-rza2-Fix-gpio-name-typos.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/pinctrl-samsung-Add-of_node_put-before-return-in-err.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/pinctrl-samsung-Fix-device-node-refcount-leaks-in-Ex.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/pinctrl-samsung-Fix-device-node-refcount-leaks-in-in.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/powerpc-Fix-vDSO-clock_getres.patch (bsc#1065729 bnc#1151927 5.3.17). - Update patches.suse/powerpc-xive-Prevent-page-fault-issues-in-the-machin.patch (bsc#1156882 ltc#182435 bnc#1151927 5.3.17). - Update patches.suse/reiserfs-fix-extended-attributes-on-the-root-directory.patch (bsc#1151225 bnc#1151927 5.3.17). - Update patches.suse/rtc-disable-uie-before-setting-time-and-enable-after.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/rtlwifi-rtl8192de-Fix-missing-callback-that-tests-fo.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/rtlwifi-rtl8192de-Fix-missing-code-to-retrieve-RX-bu.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/rtlwifi-rtl8192de-Fix-missing-enable-interrupt-flag.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/scsi-lpfc-Fix-bad-ndlp-ptr-in-xri-aborted-handling.patch (bsc#1156632,jsc#SLE-8654 bnc#1151927 5.3.17). - Update patches.suse/scsi-qla2xxx-Always-check-the-qla2x00_wait_for_hba_o.patch (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bnc#1151927 5.3.17). - Update patches.suse/scsi-qla2xxx-Change-discovery-state-before-PLOGI.patch (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bnc#1151927 5.3.17). - Update patches.suse/scsi-qla2xxx-Check-secondary-image-if-reading-the-pr.patch (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bnc#1151927 5.3.17). - Update patches.suse/scsi-qla2xxx-Do-command-completion-on-abort-timeout.patch (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bnc#1151927 5.3.17). - Update patches.suse/scsi-qla2xxx-Fix-DMA-unmap-leak.patch (bsc#1082635 bsc#1141340 bsc#1143706 bnc#1151927 5.3.17). - Update patches.suse/scsi-qla2xxx-Fix-NVMe-port-discovery-after-a-short-d.patch (bsc#1082635 bsc#1141340 bsc#1143706 bnc#1151927 5.3.17). - Update patches.suse/scsi-qla2xxx-Fix-SRB-leak-on-switch-command-timeout.patch (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bnc#1151927 5.3.17). - Update patches.suse/scsi-qla2xxx-Fix-a-dma_pool_free-call.patch (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bnc#1151927 5.3.17). - Update patches.suse/scsi-qla2xxx-Fix-a-race-condition-between-aborting-a.patch (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bnc#1151927 5.3.17). - Update patches.suse/scsi-qla2xxx-Fix-abort-timeout-race-condition.patch (bsc#1082635 bsc#1141340 bsc#1143706 bnc#1151927 5.3.17). - Update patches.suse/scsi-qla2xxx-Fix-different-size-DMA-Alloc-Unmap.patch (bsc#1082635 bsc#1141340 bsc#1143706 bnc#1151927 5.3.17). - Update patches.suse/scsi-qla2xxx-Fix-double-scsi_done-for-abort-path.patch (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bnc#1151927 5.3.17). - Update patches.suse/scsi-qla2xxx-Fix-driver-reload-for-ISP82xx.patch (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bnc#1151927 5.3.17). - Update patches.suse/scsi-qla2xxx-Fix-driver-unload-hang.patch (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bnc#1151927 5.3.17). - Update patches.suse/scsi-qla2xxx-Fix-flash-read-for-Qlogic-ISPs.patch (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bnc#1151927 5.3.17). - Update patches.suse/scsi-qla2xxx-Fix-hang-in-fcport-delete-path.patch (bsc#1082635 bsc#1141340 bsc#1143706 bnc#1151927 5.3.17). - Update patches.suse/scsi-qla2xxx-Fix-message-indicating-vectors-used-by-.patch (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bnc#1151927 5.3.17). - Update patches.suse/scsi-qla2xxx-Fix-premature-timer-expiration.patch (bsc#1082635 bsc#1141340 bsc#1143706 bnc#1151927 5.3.17). - Update patches.suse/scsi-qla2xxx-Fix-qla24xx_process_bidir_cmd.patch (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bnc#1151927 5.3.17). - Update patches.suse/scsi-qla2xxx-Fix-session-lookup-in-qlt_abort_work.patch (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bnc#1151927 5.3.17). - Update patches.suse/scsi-qla2xxx-Fix-stale-session.patch (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bnc#1151927 5.3.17). - Update patches.suse/scsi-qla2xxx-Fix-stuck-login-session.patch (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bnc#1151927 5.3.17). - Update patches.suse/scsi-qla2xxx-Introduce-the-function-qla2xxx_init_sp.patch (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bnc#1151927 5.3.17). - Update patches.suse/scsi-qla2xxx-Make-qla2x00_abort_srb-again-decrease-t.patch (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bnc#1151927 5.3.17). - Update patches.suse/scsi-qla2xxx-Make-sure-that-aborted-commands-are-fre.patch (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bnc#1151927 5.3.17). - Update patches.suse/scsi-qla2xxx-Really-fix-qla2xxx_eh_abort.patch (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bnc#1151927 5.3.17). - Update patches.suse/scsi-qla2xxx-qla2x00_alloc_fw_dump-set-ha-eft.patch (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bnc#1151927 5.3.17). - Update patches.suse/seccomp-avoid-overflow-in-implicit-constant-conversi.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/splice-only-read-in-as-much-information-as-there-is-.patch (bsc#1158456 bnc#1151927 5.3.17). - Update patches.suse/staging-rtl8188eu-fix-interface-sanity-check.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/staging-rtl8712-fix-interface-sanity-check.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/staging-vchiq-call-unregister_chrdev_region-when-dri.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/stm-class-Lose-the-protocol-driver-when-dropping-its.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/tpm-add-check-after-commands-attribs-tab-allocation.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/usb-dwc3-gadget-Clear-started-flag-for-non-IOC.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/usb-dwc3-gadget-Fix-logical-condition.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/usb-dwc3-pci-add-ID-for-the-Intel-Comet-Lake-H-varia.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/usb-gadget-configfs-Fix-missing-spin_lock_init.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/usb-host-xhci-tegra-Correct-phy-enable-sequence.patch (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608 bnc#1151927 5.3.17). - Update patches.suse/usb-mon-Fix-a-deadlock-in-usbmon-between-mmap-and-re.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/usb-roles-fix-a-potential-use-after-free.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/usb-typec-fix-use-after-free-in-typec_register_port.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/usb-xhci-only-set-D3hot-for-pci-device.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/virt_wifi-fix-use-after-free-in-virt_wifi_newlink.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/virtio-balloon-fix-managed-page-counts-when-migratin.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/wil6210-check-len-before-memcpy-calls.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/xhci-Fix-memory-leak-in-xhci_add_in_port.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/xhci-Increase-STS_HALT-timeout-in-xhci_suspend.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/xhci-fix-USB3-device-initiated-resume-race-with-root.patch (git-fixes bnc#1151927 5.3.17). - Update patches.suse/xhci-make-sure-interrupts-are-restored-to-correct-st.patch (git-fixes bnc#1151927 5.3.17). - commit eb92594 - Add patch reference for sched fair fix (CVE-2019-19922 bsc#1159717) - commit 480be0b - efi: Make CONFIG_EFI_RCI2_TABLE selectable on x86 only (jsc#SLE-10289). - commit 8c1a561 - efi: Make unexported efi_rci2_sysfs_init() static (jsc#SLE-10289). - commit 0364d1d - Refresh patches.suse/0011-PM-hibernate-require-hibernate-snapshot-image-to-be-.patch. (fate#316350) - commit d4f6542 - Update config files. Add CONFIG_HIBERNATE_VERIFICATION_FORCE is not set - Refresh patches.suse/0010-PM-hibernate-a-option-to-request-that-snapshot-image.patch. (fate#316350) - commit 7516b3e - Refresh patches.suse/0009-PM-hibernate-prevent-EFI-secret-key-to-be-regenerate.patch. (fate#316350) - commit 3a74fdb - Update config files. Add CONFIG_HIBERNATE_VERIFICATION=y - Refresh patches.suse/0008-PM-hibernate-Generate-and-verify-signature-for-snaps.patch. (fate#316350) - commit 04482de ++++ libxml2: - Security fix: [bsc#1159928, CVE-2019-19956] * Memory leak related to newDoc->oldNs in xmlParseBalancedChunkMemoryRecover:parser.c - Add libxml2-CVE-2019-19956.patch ++++ python-six: - Pull in dbm/gdbm module from python for testing ------------------------------------------------------------------ ------------------ 2019-12-31 - Dec 31 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - r8152: avoid to call napi_disable twice (bsc#1159949). - r8152: Re-order napi_disable in rtl8152_close (bsc#1159949). - commit e318a2d - Refresh patches.suse/0007-PM-hibernate-encrypt-hidden-area.patch. (fate#316350) - commit 2517349 - Refresh patches.suse/0006-efi-allow-user-to-regenerate-secret-key.patch. (fate#316350) - commit 15f6da6 - Update config files. Add: CONFIG_HIDDEN_AREA=y CONFIG_EFI_SECRET_KEY=y - Refresh patches.suse/0005-efi-generate-secret-key-in-EFI-boot-environment.patch. (fate#316350) - commit 9f8bf21 - Refresh patches.suse/0003-x86-KASLR-public-the-function-for-getting-random-lon.patch. (fate#316350) - commit 404b8d6 - Refresh patches.suse/0002-hibernate-avoid-the-data-in-hidden-area-to-be-snapsh.patch. (fate#316350) - commit ef04a2a - Update config files. Add: [#] CONFIG_HIDDEN_AREA is not set - Refresh patches.suse/0001-security-create-hidden-area-to-keep-sensitive-data.patch. (fate#316350) - commit 11a6e5f ------------------------------------------------------------------ ------------------ 2019-12-30 - Dec 30 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - x86/mce: Fix possibly incorrect severity calculation on AMD (bsc#1152489). - commit f55f1be - x86/MCE/AMD: Allow Reserved types to be overwritten in smca_banks (bsc#1152489). - commit a0ed031 - bpf: Clear skb->tstamp in bpf_redirect when necessary (bsc#1155518). - vfs: Convert bpf to use the new mount API (bsc#1155518). - commit 7d014d2 - Refresh patches.suse/bpf-Fix-race-in-btf_resolve_helper_id.patch. Refresh patches.suse/bpf-Compare-BTF-types-of-functions-arguments-with-ac.patch. - commit 5dec29f - samples: bpf: fix syscall_tp due to unused syscall (bsc#1155518). - samples: bpf: Replace symbol compare of trace_event (bsc#1155518). - bpftool: Don't crash on missing jited insns or ksyms (bsc#1155518). - bpf, riscv: Limit to 33 tail calls (bsc#1155518). - libbpf: Make global data internal arrays mmap()-able, if possible (bsc#1155518). - commit 479ef0d ------------------------------------------------------------------ ------------------ 2019-12-29 - Dec 29 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - config: refresh Clean up options which are no longer available. - commit 64a3f68 - supported.conf: Mark i10nm_edac as supported See bsc#1159522. - commit 442c0cf ++++ Mesa: - Update to version 19.3.1 * Bugfixes for i965/iris, anv and radv ------------------------------------------------------------------ ------------------ 2019-12-27 - Dec 27 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - fs/epoll: remove unnecessary wakeups of nested epoll (bsc#1159867). - epoll: simplify ep_poll_safewake() for CONFIG_DEBUG_LOCK_ALLOC (bsc#1159867). - commit 42eb012 - x86/mm/pat: Fix off-by-one bugs in interval tree search (bsc#1159864). - locking/refcount: Remove unused 'refcount_error_report()' function (bsc#1149032). - locking/refcount: Consolidate implementations of refcount_t (bsc#1149032). - locking/refcount: Consolidate REFCOUNT_{MAX,SATURATED} definitions (bsc#1149032). - locking/refcount: Move saturation warnings out of line (bsc#1149032). - locking/refcount: Improve performance of generic REFCOUNT_FULL code (bsc#1149032). - locking/refcount: Move the bulk of the REFCOUNT_FULL implementation into the header (bsc#1149032). - locking/refcount: Remove unused refcount_*_checked() variants (bsc#1149032). - locking/refcount: Ensure integer operands are treated as signed (bsc#1149032). - locking/refcount: Define constants for saturation and max refcount values (bsc#1149032). - lib/smp_processor_id: Don't use cpumask_equal() (bsc#1149032). - x86/mm/pat: Rename pat_rbtree.c to pat_interval.c (bsc#1159864). - x86/mm/pat: Drop the rbt_ prefix from external memtype calls (bsc#1159864). - x86/mm/pat: Do not pass 'rb_root' down the memtype tree helper functions (bsc#1159864). - x86/mm/pat: Convert the PAT tree to a generic interval tree (bsc#1159864). - augmented rbtree: rework the RB_DECLARE_CALLBACKS macro definition (bsc#1159864). - augmented rbtree: add new RB_DECLARE_CALLBACKS_MAX macro (bsc#1159864). - augmented rbtree: add comments for RB_DECLARE_CALLBACKS macro (bsc#1159864). - rbtree: avoid generating code twice for the cached versions (tools copy) (bsc#1159864). - commit 27d4ced ------------------------------------------------------------------ ------------------ 2019-12-26 - Dec 26 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - series.conf: refresh - update upstream reference and resort: patches.suse/net-ibmvnic-Fix-typo-in-retry-check.patch - commit cdfb8b3 - selftests/bpf: Add static to enable_all_controllers() (bsc#1155518). - commit e1a5909 - libbpf: Add support for field size relocations (bsc#1155518). - libbpf: Add support for relocatable bitfields (bsc#1155518). - selftests/bpf: Remove too strict field offset relo test cases (bsc#1155518). - commit 50d1087 - libbpf: Fix usage of u32 in userspace code (bsc#1155518). - libbpf: Fix bpf_object name determination for bpf_object__open_file() (bsc#1155518). - libbpf: Unpin auto-pinned maps if loading fails (bsc#1155518). - selftests/bpf: Move test_section_names into test_progs and fix it (bsc#1155518). - Refresh patches.suse/selftests-bpf-xdping-is-not-meant-to-be-run-standalo.patch. - selftests/bpf: Fix dependency ordering for attach_probe test (bsc#1155518). - commit d4cc79c - bpf: Fix record_func_key to perform backtracking on r3 (bsc#1155518). - bpf: Fix cgroup local storage prog tracking (bsc#1155518). - bpf: Fix missing prog untrack in release_maps (bsc#1155518). - bpf: Fix build in minimal configurations, again (bsc#1155518). - samples/bpf: Fix broken xdp_rxq_info due to map order assumptions (bsc#1155518). - libbpf: Fix up generation of bpf_helper_defs.h (bsc#1155518). - libbpf: Fix global variable relocation (bsc#1155518). - bpf: Introduce BPF_TRACE_x helper for the tracing tests (bsc#1155518). - selftests/bpf: Add BPF trampoline performance test (bsc#1155518). - selftests/bpf: Ensure core_reloc_kernel is reading test_progs's data only (bsc#1155518). - libbpf: Support initialized global variables (bsc#1155518). - libbpf: Fix various errors and warning reported by checkpatch.pl (bsc#1155518). - libbpf: Refactor relocation handling (bsc#1155518). - Refresh patches.suse/libbpf-fix-sym-st_value-print-on-32-bit-arches.patch. - selftests/bpf: Integrate verbose verifier log into test_progs (bsc#1155518). - selftests, bpftool: Skip the build test if not in tree (bsc#1155518). - selftests, bpftool: Set EXIT trap after usage function (bsc#1155518). - selftests/bpf: Add BPF_TYPE_MAP_ARRAY mmap() tests (bsc#1155518). - selftests/bpf: Add a test for attaching BPF prog to another BPF prog and subprog (bsc#1155518). - selftests/bpf: Extend test_pkt_access test (bsc#1155518). - libbpf: Add support for attaching BPF programs to other BPF programs (bsc#1155518). - selftests/bpf: Add stress test for maximum number of progs (bsc#1155518). - selftests/bpf: Add combined fentry/fexit test (bsc#1155518). - selftests/bpf: Add fexit tests for BPF trampoline (bsc#1155518). - selftests/bpf: Add test for BPF trampoline (bsc#1155518). - selftest/bpf: Simple test for fentry/fexit (bsc#1155518). - libbpf: Add support to attach to fentry/fexit tracing progs (bsc#1155518). - libbpf: Introduce btf__find_by_name_kind() (bsc#1155518). - libbpf: Add getter for program size (bsc#1155518). - bpf: Add cb access in kfree_skb test (bsc#1155518). - selftests/bps: Clean up removed ints relocations negative tests (bsc#1155518). - selftests/bpf: Add field size relocation tests (bsc#1155518). - selftest/bpf: Add relocatable bitfield reading tests (bsc#1155518). - selftests: Add tests for automatic map pinning (bsc#1155518). - libbpf: Add auto-pinning of maps when loading BPF objects (bsc#1155518). - libbpf: Move directory creation into _pin() functions (bsc#1155518). - libbpf: Store map pin path and status in struct bpf_map (bsc#1155518). - libbpf: Fix error handling in bpf_map__reuse_fd() (bsc#1155518). - libbpf: Add support for prog_tracing (bsc#1155518). - libbpf: Make DECLARE_LIBBPF_OPTS macro strictly a variable declaration (bsc#1155518). - selftest/bpf: Get rid of a bunch of explicit BPF program type setting (bsc#1155518). - selftests/bpf: Make reference_tracking test use subtests (bsc#1155518). - selftests/bpf: Make a copy of subtest name (bsc#1155518). - libbpf: Teach bpf_object__open to guess program types (bsc#1155518). - libbpf: Add uprobe/uretprobe and tp/raw_tp section suffixes (bsc#1155518). - libbpf: Add bpf_program__get_{type, expected_attach_type) APIs (bsc#1155518). - bpf, libbpf: Add kernel version section parsing back (bsc#1155518). - selftests/bpf: Make CO-RE reloc test impartial to test_progs flavor (bsc#1155518). - selftests/bpf: Add field existence CO-RE relocs tests (bsc#1155518). - libbpf: Add BPF-side definitions of supported field relocation kinds (bsc#1155518). - libbpf: Add support for field existance CO-RE relocation (bsc#1155518). - libbpf: Refactor bpf_object__open APIs to use common opts (bsc#1155518). - libbpf: Update BTF reloc support to latest Clang format (bsc#1155518). - selftests/bpf: Enforce libbpf build before BPF programs are built (bsc#1155518). - libbpf: Generate more efficient BPF_CORE_READ code (bsc#1155518). - selftests/bpf: Add read-only map values propagation tests (bsc#1155518). - scripts/bpf: Fix xdp_md forward declaration typo (bsc#1155518). - selftests/bpf: Add BPF_CORE_READ and BPF_CORE_READ_STR_INTO macro tests (bsc#1155518). - libbpf: Add BPF_CORE_READ/BPF_CORE_READ_INTO helpers (bsc#1155518). - libbpf: Move bpf_{helpers, helper_defs, endian, tracing}.h into libbpf (bsc#1155518). - selftests/bpf: Split off tracing-only helpers into bpf_tracing.h (bsc#1155518). - selftests/bpf: Adjust CO-RE reloc tests for new bpf_core_read() macro (bsc#1155518). - selftests/bpf: samples/bpf: Split off legacy stuff from bpf_helpers.h (bsc#1155518). - selftests/bpf: Undo GCC-specific bpf_helpers.h changes (bsc#1155518). - bpftool: Fix bpftool build by switching to bpf_object__open_file() (bsc#1155518). - libbpf: auto-generate list of BPF helper definitions (bsc#1155518). - scripts/bpf: teach bpf_helpers_doc.py to dump BPF helper definitions (bsc#1155518). - uapi/bpf: fix helper docs (bsc#1155518). - libbpf: Add cscope and tags targets to Makefile (bsc#1155518). - selftests/bpf: switch tests to new bpf_object__open_{file, mem}() APIs (bsc#1155518). - libbpf: fix bpf_object__name() to actually return object name (bsc#1155518). - libbpf: add bpf_object__open_{file, mem} w/ extensible opts (bsc#1155518). - libbpf: stop enforcing kern_version, populate it for users (bsc#1155518). - libbpf: Fix BTF-defined map's __type macro handling of arrays (bsc#1155518). - libbpf: Bump current version to v0.0.6 (bsc#1155518). - selftests/bpf: add bpf-gcc support (bsc#1155518). - bpf: sync bpf.h to tools/ (bsc#1155518). - bpf: clarify when bpf_trace_printk discards lines (bsc#1155518). - bpf: fix 'struct pt_reg' typo in documentation (bsc#1155518). - libbpf: relicense bpf_helpers.h and bpf_endian.h (bsc#1155518). - tools/bpf: fix core_reloc.c compilation error (bsc#1155518). - selftests/bpf: add CO-RE relocs misc tests (bsc#1155518). - selftests/bpf: add CO-RE relocs ints tests (bsc#1155518). - selftests/bpf: add CO-RE relocs ptr-as-array tests (bsc#1155518). - selftests/bpf: add CO-RE relocs modifiers/typedef tests (bsc#1155518). - selftests/bpf: add CO-RE relocs enum/ptr/func_proto tests (bsc#1155518). - selftests/bpf: add CO-RE relocs array tests (bsc#1155518). - selftests/bpf: add CO-RE relocs nesting tests (bsc#1155518). - selftests/bpf: add CO-RE relocs struct flavors tests (bsc#1155518). - selftests/bpf: add CO-RE relocs testing setup (bsc#1155518). - selftests/bpf: add BPF_CORE_READ relocatable read macro (bsc#1155518). - selftests/bpf: bpf_tcp_gen_syncookie->bpf_helpers (bsc#1155518). - samples/bpf: switch trace_output sample to perf_buffer API (bsc#1155518). - samples/bpf: convert xdp_sample_pkts_user to perf_buffer API (bsc#1155518). - commit d828ab7 ------------------------------------------------------------------ ------------------ 2019-12-24 - Dec 24 2019 ------------------- ------------------------------------------------------------------ ++++ NetworkManager: - Update to version 1.22.2: + Fix multiple issues in the internal DHCP client, including wrong parsing of search domains and classless routes options, and failures in obtaining and renewing the lease with certain server configurations. + Export NM_CAPABILITY_OVS capability on D-Bus and in libnm to indicate that the OVS plugin is loaded. + Fix libnm annotations for nm_sriov_vf_get_vlan_ids() to allow the usage of the function through GObject introspection. ------------------------------------------------------------------ ------------------ 2019-12-23 - Dec 23 2019 ------------------- ------------------------------------------------------------------ ++++ lvm2-device-mapper: - LVM Metadata Error: Error writing device at 4096 length 512 (bsc#1150021) + bug-1150021_01-scanning-open-devs-rw-when-rescanning-for-write.patch + bug-1150021_02-bcache-add-bcache_abort.patch + bug-1150021_03-label-Use-bcache_abort_fd-to-ensure-blocks-are-no-lo.patch + bug-1150021_04-bcache-add-unit-test.patch + bug-1150021_05-bcache-bcache_invalidate_fd-only-remove-prefixes-on.patch + bug-1150021_06-fix-dev_unset_last_byte-after-write-error.patch - Update patch, according to bug-1150021_01-scanning-xxx.patch + bug-1158861_06-fix-segfault-for-invalid-characters-in-vg-name.patch ++++ ignition: - Update to version 2.1.1: * stages/files: don't relabel /home and /root symlinks * tests/filesystems: fix error handling * blackbox tests: don't swallow errors * log: use os.ProcessState.ExitCode instead of unix * travis: bump min go to 1.12 * news: add notes for 2.1.1 * readme: fix links, add validation container docs * Dockerfile: add dockerfile for ignition-validate * news: add news for v2.1.0 * README.md: add details about dracut and branches here * doc/operator-notes: simplify SELinux section * mount: also relabel mount points * util: factor out FindFirstMissingDirForFile function * files: perform relabeling from initrd * doc/examples: Make example file path valid * Rework fetch/resource to automatically append required headers ++++ kernel-default: - ext4: check for directory entries too close to block end (bsc#1157717 CVE-2019-19037). - commit 6bf11c6 - ext4: fix ext4_empty_dir() for directories with holes. - commit 54aad4a ++++ lvm2: - LVM Metadata Error: Error writing device at 4096 length 512 (bsc#1150021) + bug-1150021_01-scanning-open-devs-rw-when-rescanning-for-write.patch + bug-1150021_02-bcache-add-bcache_abort.patch + bug-1150021_03-label-Use-bcache_abort_fd-to-ensure-blocks-are-no-lo.patch + bug-1150021_04-bcache-add-unit-test.patch + bug-1150021_05-bcache-bcache_invalidate_fd-only-remove-prefixes-on.patch + bug-1150021_06-fix-dev_unset_last_byte-after-write-error.patch - Update patch, according to bug-1150021_01-scanning-xxx.patch + bug-1158861_06-fix-segfault-for-invalid-characters-in-vg-name.patch ++++ p11-kit: - Also build documentation (boo#1013125) ------------------------------------------------------------------ ------------------ 2019-12-22 - Dec 22 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - futex: Prevent exit livelock (bsc#1149032). - futex: Provide distinct return value when owner is exiting (bsc#1149032). - futex: Add mutex around futex exit (bsc#1149032). - futex: Provide state handling for exec() as well (bsc#1149032). - futex: Sanitize exit state handling (bsc#1149032). - futex: Mark the begin of futex exit explicitly (bsc#1149032). - futex: Set task::futex_state to DEAD right after handling futex exit (bsc#1149032). - futex: Split futex_mm_release() for exit/exec (bsc#1149032). - exit/exec: Seperate mm_release() (bsc#1149032). - futex: Replace PF_EXITPIDONE with a state (bsc#1149032). - futex: Move futex exit handling into futex code (bsc#1149032). - commit 069097a ------------------------------------------------------------------ ------------------ 2019-12-20 - Dec 20 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - mm, debug_pagealloc: don't rely on static keys too early (VM debuging functionality, bsc#1159455). - commit 690a965 - ext4: work around deleting a file with i_nlink == 0 safely (bsc#1158819 CVE-2019-19447). - commit 126e601 - drm/i915/gt: Save irqstate around virtual_context_destroy (git-fixes). - commit 0119c98 - Mark already cherry-picked commit ids in i915 patches Refresh: patches.suse/drm-i915-Don-t-oops-in-dumb_create-ioctl-if-we-have-.patch patches.suse/drm-i915-userptr-Try-to-acquire-the-page-lock-around.patch - commit 051ff5d - drm/i915: Protect context while grabbing its name for the request (git-fixes). - drm/i915: Initialise breadcrumb lists on the virtual engine (git-fixes). - commit 248edd0 - net: dsa: fix flow dissection on Tx path (git-fixes). - net: dsa: LAN9303: select REGMAP when LAN9303 enable (git-fixes). - commit a8aec65 - KEYS: asymmetric: return ENOMEM if akcipher_request_alloc() fails (git-fixes). - commit 6067783 - mmc: dw_mmc: Fix debugfs on 64-bit platforms (git-fixes). - mmc: atmel-mci: Fix debugfs on 64-bit platforms (git-fixes). - debugfs: Add debugfs_create_xul() for hexadecimal unsigned long (git-fixes). - commit 3a9e8a9 - tpm: fix invalid locking in NONBLOCKING mode (git-fixes). - tpm_tis: reserve chip for duration of tpm_tis_core_init (git-fixes). - nvmem: core: fix nvmem_cell_write inline function (git-fixes). - tools/power/cpupower: Fix initializer override in hsw_ext_cstates (git-fixes). - commit 1d5439f - tools/testing/nvdimm: Fix fallthrough warning (bsc#1159523). - commit c26d308 - net: wireless: intel: iwlwifi: fix GRO_NORMAL packet stalling (bsc#1159555). - commit f735353 ++++ openssl-1_1: - Support for CPACF enhancements - part 1 (crypto) [bsc#1152695, jsc#SLE-7861] - Add patches: * openssl-s390x-assembly-pack-add-OPENSSL_s390xcap-environment.patch * openssl-s390x-assembly-pack-add-support-for-pcc-and-kma-inst.patch * openssl-s390x-assembly-pack-add-OPENSSL_s390xcap-man-page.patch * openssl-s390x-assembly-pack-update-OPENSSL_s390xcap-3.patch * openssl-s390xcpuid.pl-fix-comment.patch * openssl-assembly-pack-accelerate-scalar-multiplication.patch * openssl-Enable-curve-spefific-ECDSA-implementations-via-EC_M.patch * openssl-s390x-assembly-pack-accelerate-ECDSA.patch * openssl-OPENSSL_s390xcap.pod-list-msa9-facility-bit-155.patch * openssl-s390x-assembly-pack-cleanse-only-sensitive-fields.patch * openssl-s390x-assembly-pack-fix-OPENSSL_s390xcap-z15-cpu-mas.patch * openssl-s390x-assembly-pack-fix-msa3-stfle-bit-detection.patch * openssl-Fix-9bf682f-which-broke-nistp224_method.patch ++++ virglrenderer: - Add 4 security fixes * Check resource creation more thoroughly (CVE-2019-18388 bsc#1159479) 0002-5d03711-vrend-Keep-the-max-texture-sizes-in-the-vrend_state.patch 0003-0d9a2c8-vrend-Check-resource-creation-more-thoroughly.patch * check info formats in blits (CVE-2019-18390 bsc#1159478) 0004-24f67de-vrend-check-info-formats-in-blits.patch * check transfer bounds for negative values too (CVE-2019-18389 bsc#1159482) 0005-cbc8d8b-vrend-check-transfer-bounds-for-negative-values-too-.patch * check transfer iov holds enough data for the data upload (CVE-2019-18391 bsc#1159486) 0006-2abeb18-vrend-check-that-the-transfer-iov-holds-enough-data-.patch ++++ python-six: - update to 0.13.0: - Issue #298, pull request #299: Add `six.moves.dbm_ndbm`. - Issue #155: Add `six.moves.collections_abc`, which aliases the `collections` module on Python 2-3.2 and the `collections.abc` on Python 3.3 and greater. - Pull request #304: Re-add distutils fallback in `setup.py`. - Pull request #305: On Python 3.7, `with_metaclass` supports classes using PEP ++++ u-boot-rpiarm64: - Add Leap 15.2 (x86, arm and ppc) to the list of projects using _multibuild ------------------------------------------------------------------ ------------------ 2019-12-19 - Dec 19 2019 ------------------- ------------------------------------------------------------------ ++++ python-kiwi: - Bump version: 9.19.7 → 9.19.8 - Update libyui-ncurses-pkg10 to libyui-ncurses-pkg11 In Tumbleweed there is no longer the libyui-ncurses-pkg10 its been superseded by libyui-ncurses-pkg11. This fixes the test-image-qcow-openstack integration test - Reference commit for SUSE maintenance This commit adds a reference to Issue #1301 and the report in bugzilla bsc#1159538. The issue was fixed in commit 7d96d19c ++++ glib2: - Update to version 2.62.4: + Apply recursion depth limits to variants in D-Bus messages. + Bugs fixed: glgo#GNOME/GLib#1938, glgo#GNOME/GLib!1240, glgo#GNOME/GLib!1257, glgo#GNOME/GLib!1266, glgo#GNOME/GLib!1276, glgo#GNOME/GLib!1290. ++++ grep: - Update testsuite expectations, no functional changes (bsc#1155271) ++++ kernel-default: - rpm/kernel-subpackage-spec: fix kernel-default-base build There were some issues with recent changes to subpackage dependencies handling: - a typo in %kernel_base_conflicts macro name - copy/pasted "Recommends:" instead of "Provides:", "Obsoletes:" and "Conflicts: - missing escaping of backslashes in macro expansions Fixes: f3b74b0ae86b ("rpm/kernel-subpackage-spec: Unify dependency handling.") Fixes: 3fd22e219f77 ("rpm/kernel-subpackage-spec: Fix empty Recommends tag (bsc#1143959)") - commit 762fd66 - Btrfs: send, allow clone operations within the same file (bsc#1158746). - commit 65efe90 - Btrfs: fix hole extent items with a zero size after range cloning (bsc#1156782). - commit c0cfb85 - Btrfs: fix cloning range with a hole when using the NO_HOLES feature (bsc#1156782). - commit 990a52a - supported.conf: Mark intel_rapl-* modules as supported (bsc#1159519) Those were marked as unsupported incorrectly. - commit a95f5c6 - dpaa_eth: register a device link for the qman portal used (bsc#1159537). - soc: fsl: qbman: allow registering a device link for the portal user (bsc#1159537). - dpaa_eth: extend delays in ndo_stop (bsc#1159537). - dpaa_eth: remove netdev_err() for user errors (bsc#1159537). - dpaa_eth: add dropped frames to percpu ethtool stats (bsc#1159537). - dpaa_eth: use a page to store the SGT (bsc#1159537). - dpaa_eth: cleanup skb_to_contig_fd() (bsc#1159537). - dpaa_eth: use fd information in dpaa_cleanup_tx_fd() (bsc#1159537). - dpaa_eth: simplify variables used in dpaa_cleanup_tx_fd() (bsc#1159537). - dpaa_eth: avoid timestamp read on error paths (bsc#1159537). - dpaa_eth: perform DMA unmapping before read (bsc#1159537). - dpaa_eth: use page backed rx buffers (bsc#1159537). - dpaa_eth: use only one buffer pool per interface (bsc#1159537). - dpaa_eth: add newline in dev_err() msg (bsc#1159537). - fsl/fman: remove unused struct member (bsc#1159537). - dpaa_eth: change DMA device (bsc#1159537). - fsl/fman: add API to get the device behind a fman port (bsc#1159537). - dpaa_eth: remove redundant code (bsc#1159537). - dpaa_eth: defer probing after qbman (bsc#1159537). - fsl/fman: don't touch liodn base regs reserved on non-PAMU SoCs (bsc#1159537). - dpaa_eth: Use refcount_t for refcount (bsc#1159537). - soc/fsl/qbman: Update device tree with reserved memory (bsc#1159535). - soc/fsl/qbman: Fixup qman_shutdown_fq() (bsc#1159535). - soc/fsl/qbman: Disable interrupts during portal recovery (bsc#1159535). - soc/fsl/qbman: Fix drain_mr_fqni() (bsc#1159535). - soc/fsl/qbman: Cleanup QMan queues if device was already initialized (bsc#1159535). - soc/fsl/qbman: Cleanup buffer pools if BMan was initialized prior to bootup (bsc#1159535). - soc/fsl/qbman: Rework QBMan private memory setup (bsc#1159535). - commit 622fccb - KVM: arm/arm64: vgic: Allow more than 256 vcpus for KVM_IRQ_LINE (jsc#SLE-9228). - Refresh patches.suse/KVM-Hyper-V-Add-new-KVM-capability-KVM_CAP_HYPERV_DI.patch. - commit 4054d0e ++++ mozjs60: - SLE 15 SP2 will ship with ICU 65, apply patches accordingly (jsc#SLE-11118). ++++ python3-core: - Update to 3.6.10 (still in line with jsc#SLE-9426, jsc#SLE-9427, bsc#1159035): - Security: - bpo-38945: Newline characters have been escaped when performing uu encoding to prevent them from overflowing into to content section of the encoded file. This prevents malicious or accidental modification of data during the decoding process. - bpo-37228: Due to significant security concerns, the reuse_address parameter of asyncio.loop.create_datagram_endpoint() is no longer supported. This is because of the behavior of SO_REUSEADDR in UDP. For more details, see the documentation for loop.create_datagram_endpoint(). (Contributed by Kyle Stanley, Antoine Pitrou, and Yury Selivanov in bpo-37228.) - bpo-38804: Fixes a ReDoS vulnerability in http.cookiejar. Patch by Ben Caller. - bpo-38243: Escape the server title of xmlrpc.server.DocXMLRPCServer when rendering the document page as HTML. (Contributed by Dong-hee Na in bpo-38243.) - bpo-38174: Update vendorized expat library version to 2.2.8, which resolves CVE-2019-15903. - bpo-37461: Fix an infinite loop when parsing specially crafted email headers. Patch by Abhilash Raj. - bpo-34155: Fix parsing of invalid email addresses with more than one @ (e.g. a@b@c.com.) to not return the part before 2nd @ as valid email address. Patch by maxking & jpic. - Library: - bpo-38216: Allow the rare code that wants to send invalid http requests from the http.client library a way to do so. The fixes for bpo-30458 led to breakage for some projects that were relying on this ability to test their own behavior in the face of bad requests. - bpo-36564: Fix infinite loop in email header folding logic that would be triggered when an email policy’s max_line_length is not long enough to include the required markup and any values in the message. Patch by Paul Ganssle - Remove patches included in the upstream tarball: - CVE-2019-16935-xmlrpc-doc-server_title.patch (and also bpo37614-race_test_docxmlrpc_srv_setup.patch, which was resolving bsc#1174701). - CVE-2019-16056-email-parse-addr.patch - Move idle subpackage build from python3-base to python3 (bsc#1159622). appstream-glib required for packaging introduces considerable extra dependencies and a build loop via rust/librsvg. - Correct installation of idle IDE icons: + idle.png is not the target directory + non-GNOME-specific icons belong into icons/hicolor - Add required Name key to idle3 desktop file ++++ libsolv: - fix solv_zchunk decoding error if large chunks are used [bnc#1159314] ++++ libvirt: - CVE-2019-11135: Add TSX_CTRL and TAA_NO bits for IA32_ARCH_CAPABILITIES MSR 07aaced4-Add-TAA-No.patch, f411b7ef6-Add-TSX-CTRL.patch bsc#1152505 ++++ libzypp: - BuildRequires: libsolv-devel >= 0.7.10. - RpmDb: Become rpmdb backend independent (jsc#SLE-7272) - RpmDb: Close API offering a custom rpmdb path It's actually not needed and for this to work also libsolv needs to support it. You can sill use a librpmDb::db_const_iterator to access a database at a custom location (ro). - Remove legacy rpmV3database conversion code. - version 17.20.0 (20) ++++ python3: - Update to 3.6.10 (still in line with jsc#SLE-9426, jsc#SLE-9427, bsc#1159035): - Security: - bpo-38945: Newline characters have been escaped when performing uu encoding to prevent them from overflowing into to content section of the encoded file. This prevents malicious or accidental modification of data during the decoding process. - bpo-37228: Due to significant security concerns, the reuse_address parameter of asyncio.loop.create_datagram_endpoint() is no longer supported. This is because of the behavior of SO_REUSEADDR in UDP. For more details, see the documentation for loop.create_datagram_endpoint(). (Contributed by Kyle Stanley, Antoine Pitrou, and Yury Selivanov in bpo-37228.) - bpo-38804: Fixes a ReDoS vulnerability in http.cookiejar. Patch by Ben Caller. - bpo-38243: Escape the server title of xmlrpc.server.DocXMLRPCServer when rendering the document page as HTML. (Contributed by Dong-hee Na in bpo-38243.) - bpo-38174: Update vendorized expat library version to 2.2.8, which resolves CVE-2019-15903. - bpo-37461: Fix an infinite loop when parsing specially crafted email headers. Patch by Abhilash Raj. - bpo-34155: Fix parsing of invalid email addresses with more than one @ (e.g. a@b@c.com.) to not return the part before 2nd @ as valid email address. Patch by maxking & jpic. - Library: - bpo-38216: Allow the rare code that wants to send invalid http requests from the http.client library a way to do so. The fixes for bpo-30458 led to breakage for some projects that were relying on this ability to test their own behavior in the face of bad requests. - bpo-36564: Fix infinite loop in email header folding logic that would be triggered when an email policy’s max_line_length is not long enough to include the required markup and any values in the message. Patch by Paul Ganssle - Remove patches included in the upstream tarball: - CVE-2019-16935-xmlrpc-doc-server_title.patch (and also bpo37614-race_test_docxmlrpc_srv_setup.patch, which was resolving bsc#1174701). - CVE-2019-16056-email-parse-addr.patch - Move idle subpackage build from python3-base to python3 (bsc#1159622). appstream-glib required for packaging introduces considerable extra dependencies and a build loop via rust/librsvg. - Correct installation of idle IDE icons: + idle.png is not the target directory + non-GNOME-specific icons belong into icons/hicolor - Add required Name key to idle3 desktop file ++++ raspberrypi-firmware: - Update to 0c01dbefba (2019-12-11): * firmware: platform: Allow fixed voltage with avs_disable=1 * firmware: EMMC: Use PLLD for EMMC for 250MHz host-clock See: #1289 * firmware: platform: Round down effective frequencies when they exceed max See: #1290 * firmware: arm_loader: Pass video mode via kernel command for composite See: #1285 * firmware: Fix lens shading table generation buglet See: https://www.raspberrypi.org/forums/viewtopic.php?f=43&t=190586&start=75#p1534672 * firmware: hdmi: Use RB2 timing for 2560x1440@60 if pixel clock is 241.5 MHz * firmware: arm_dt: Look for ethernet0 before ethernet * firmware: arm_dt: Set PCIe dma-ranges from memory size * firmware: hdmi: HDMI SM clock must not run slower than audio MAI clock … See: #1295 * firmware: arm_loader: Pass video mode via kernel command for composite (master) See: #1285 * firmware: power: Use Pi4 PMIC values on Pi3+ * firmware: Fix filtered handling of array variables See: #1296 * firmware: Update libfdt to v1.5.1+ See: raspberrypi/userland#582 * firmware: dtoverlay: Extend DT parameter syntax * firmware: memorymap: Include FW revision in start.elf ++++ raspberrypi-firmware-config: - Update to 0c01dbefba (2019-12-11): * firmware: platform: Allow fixed voltage with avs_disable=1 * firmware: EMMC: Use PLLD for EMMC for 250MHz host-clock See: #1289 * firmware: platform: Round down effective frequencies when they exceed max See: #1290 * firmware: arm_loader: Pass video mode via kernel command for composite See: #1285 * firmware: Fix lens shading table generation buglet See: https://www.raspberrypi.org/forums/viewtopic.php?f=43&t=190586&start=75#p1534672 * firmware: hdmi: Use RB2 timing for 2560x1440@60 if pixel clock is 241.5 MHz * firmware: arm_dt: Look for ethernet0 before ethernet * firmware: arm_dt: Set PCIe dma-ranges from memory size * firmware: hdmi: HDMI SM clock must not run slower than audio MAI clock … See: #1295 * firmware: arm_loader: Pass video mode via kernel command for composite (master) See: #1285 * firmware: power: Use Pi4 PMIC values on Pi3+ * firmware: Fix filtered handling of array variables See: #1296 * firmware: Update libfdt to v1.5.1+ See: raspberrypi/userland#582 * firmware: dtoverlay: Extend DT parameter syntax * firmware: memorymap: Include FW revision in start.elf ++++ yast2: - Yast2::ServiceWidget: By default, propose to reload or restart the service when it is active (bsc#1158946) - 4.2.49 - Added helper to create UI sort-key term (bsc#1140018) - 4.2.48 ------------------------------------------------------------------ ------------------ 2019-12-18 - Dec 18 2019 ------------------- ------------------------------------------------------------------ ++++ ca-certificates-mozilla: - make sure p11-kit with patches is installed on SLE (boo#1154871) ++++ dmidecode: Partial support for SMBIOS 3.3.0: - dmidecode-add-enumerated-values-from-smbios-3.3.0.patch: Add enumerated values from SMBIOS 3.3.0 (bsc#1153533 bsc#1158833 jsc#SLE-10875). 3 recommended fixes from upstream: - dmidecode-only-scan-dev-mem-for-entry-point-on-x86.patch: Only scan /dev/mem for entry point on x86 (fixes reboot on ARM64). - dmidecode-fix-formatting-of-tpm-table-output.patch: Fix formatting of TPM table output (missing newlines). - dmidecode-fix-system-slot-information-for-pcie-ssd.patch: Fix System Slot Information for PCIe SSD. ++++ python-kiwi: - Fix grub2 configuration for shim fallback setup If shim fallback setup is enabled the grub.cfg is copied to the EFI partition. This commit makes sure that the grub.cfg is copied to the EFI partition according to the efi mount point. Fixes bsc#1159235 ++++ kernel-default: - ASoC: wm8962: fix lambda value (git-fixes). - ASoC: SOF: Intel: split cht and byt debug window sizes (git-fixes). - ASoC: SOF: loader: fix snd_sof_fw_parse_ext_data (git-fixes). - ASoC: SOF: loader: snd_sof_fw_parse_ext_data log warning on unknown header (git-fixes). - ASoC: simple-card: Don't create separate link when platform is present (git-fixes). - ASoC: topology: Check return value for soc_tplg_pcm_create() (git-fixes). - ASoC: topology: Check return value for snd_soc_add_dai_link() (git-fixes). - ASoC: Intel: bytcr_rt5640: Update quirk for Teclast X89 (git-fixes). - ASoC: Intel: sst: Add missing include (git-fixes). - ASoC: max98090: fix possible race conditions (git-fixes). - ASoC: max98090: exit workaround earlier if PLL is locked (git-fixes). - ASoC: max98090: remove msleep in PLL unlocked workaround (git-fixes). - ASoC: AMD: Enable clk in startup intead of hw_params (git-fixes). - ASoC: rt5682: fix i2c arbitration lost issue (git-fixes). - ALSA: hda - Downgrade error message for single-cmd fallback (git-fixes). - ALSA: hda: Fix regression by strip mask fix (git-fixes). - ALSA: hda/ca0132 - Fix work handling in delayed HP detection (git-fixes). - ALSA: hda/ca0132 - Avoid endless loop (git-fixes). - ALSA: hda/ca0132 - Keep power on during processing DSP response (git-fixes). - ALSA: pcm: Avoid possible info leaks from PCM stream buffers (git-fixes). - commit 5704af7 - powerpc/archrandom: fix arch_get_random_seed_int() (bsc#1065729). - powerpc: Fix vDSO clock_getres() (bsc#1065729). - powerpc/powernv: Disable native PCIe port management (bsc#1065729). - commit 1064493 - ibmveth: Detect unsupported packets before sending to the hypervisor (bsc#1159484 ltc#182983). - commit 258fd08 - scsi: lpfc: size cpu map by last cpu id set (bsc#1157160). - scsi: lpfc: use hdwq assigned cpu for allocation (bsc#1157160). - commit b9fd3db - efi: Don't attempt to map RCI2 config table if it doesn't exist (git-fixes). - efi/earlycon: Remap entire framebuffer after page initialization (git-fixes). - libtraceevent: Fix memory leakage in copy_filter_type (git-fixes). - commit 360da09 - mailbox: tegra: Fix superfluous IRQ error message (git-fixes). - Revert "pinctrl: sh-pfc: r8a77990: Fix MOD_SEL1 bit31 when using SIM0_D" (git-fixes). - Revert "pinctrl: sh-pfc: r8a77990: Fix MOD_SEL1 bit30 when using SSI_SCK2 and SSI_WS2" (git-fixes). - commit aaa30e6 - regulator: rn5t618: fix module aliases (git-fixes). - regulator: core: fix regulator_register() error paths to properly release rdev (git-fixes). - spi: nxp-fspi: Ensure width is respected in spi-mem operations (git-fixes). - spi: sprd: Fix the incorrect SPI register (git-fixes). - spi: dw: Correct handling of native chipselect (git-fixes). - spi: cadence: Correct handling of native chipselect (git-fixes). - reset: Fix {of,devm}_reset_control_array_get kerneldoc return types (git-fixes). - reset: brcmstb: Remove resource checks (git-fixes). - commit 76e8bc6 - Update patch references for io_uring fixes (CVE-2019-19241 bsc#1159441) - commit a94274a - bpf: Force .BTF section start to zero when dumping from vmlinux (bsc#1154353). - libbpf: Fix Makefile' libbpf symbol mismatch diagnostic (bsc#1154353). - commit d383cb0 - bpf: Support pre-2.25-binutils objcopy for vmlinux BTF (bsc#1154353). - libbpf: handle symbol versioning properly for libbpf.a (bsc#1154353). - commit 04f1f8c - usb: dwc3: pci: add ID for the Intel Comet Lake -H variant (git-fixes). - xhci: fix USB3 device initiated resume race with roothub autosuspend (git-fixes). - usb: dwc3: gadget: Clear started flag for non-IOC (git-fixes). - USB: dummy-hcd: increase max number of devices to 32 (git-fixes). - commit b4a9fe8 - wil6210: check len before memcpy() calls (git-fixes). - commit b8cef66 - iio: ad7949: fix channels mixups (git-fixes). - iio: ad7949: kill pointless "readback"-handling code (git-fixes). - commit 172e59a - drm/i915/guc: Skip suspend/resume GuC action on platforms w/o GuC submission (git-fixes). - coresight: Serialize enabling/disabling a link device (git-fixes). - coresight: tmc-etr: Fix perf_data check (git-fixes). - commit ecf0694 - bus: ti-sysc: Fix missing reset delay handling (git-fixes). - blacklist.conf: - ASoC: SOF: topology: free kcontrol memory on error (git-fixes). - commit 4b0268c - rpm/kernel-subpackage-spec: Unify dependency handling. - commit f3b74b0 - Update patch references for reported CVEs (CVE-2019-18811 bsc#1159374 CVE-2019-19044 bsc#1159370 CVE-2019-19043 bsc#1159375) - commit 1b9a5c8 - ASoC: fsl_sai: add IRQF_SHARED (jsc#SLE-9316). - dmaengine: fsl-qdma: Handle invalid qdma-queue0 IRQ (jsc#SLE-9316). - ASoC: fsl_sai: Fix noise when using EDMA (jsc#SLE-9316). - dmaengine: fsl-edma: implement .device_synchronize callback (jsc#SLE-9316). - ASoC: fsl_sai: Implement set_bclk_ratio (jsc#SLE-9316). - ASoC: fsl_sai: Add support for imx8qm (jsc#SLE-9316). - ASoC: fsl_sai: Add support for imx7ulp/imx8mq (jsc#SLE-9316). - ASoC: fsl_sai: Add support for SAI new version (jsc#SLE-9316). - ASoC: fsl_sai: Update Tx/Rx channel enable mask (jsc#SLE-9316). - ASoC: fsl_sai: Add registers definition for multiple datalines (jsc#SLE-9316). - ASoC: sgtl5000: add ADC mute control (jsc#SLE-9316). - ASoC: sgtl5000: Fix definition of VAG Ramp Control (jsc#SLE-9316). - ASoC: fsl_sai: mark regmap as fast_io (jsc#SLE-9316). - ASoC: fsl_sai: derive TX FIFO watermark from FIFO depth (jsc#SLE-9316). - ASoC: fsl_sai: add of_match data (jsc#SLE-9316). - commit c78e5c0 - blacklist.conf: Yet another i915 entries that are already applied - commit 1d49d40 - fix mainline reference - fix Patch-mainline: patches.suse/efi-memreserve-Register-reservations-as-reserved-in-.patch - commit cc91804 - efi/memreserve: Register reservations as 'reserved' in /proc/iomem (jsc#SLE-9943). - commit b90e4d7 ++++ openssl-1_1: - Obsolete libopenssl-1_0_0-devel and libopenssl-1_0_0-hmac in order to avoid conflict upon upgrade from SLE-12 (bsc#1158499) ++++ zchunk: - Update to version 1.1.4: * Simplify regex for detecting part header info * Fix coverity warnings * Open files with permissions 0666 and let umask(2) do its job. * Multipart boundary field can be quoted. ++++ patterns-base: - Support multiversion(kernel) with purge-kernels.service separated from dracut (jsc#SLE-10162). ++++ slirp4netns: - Update to 0.4.3 * api: raise an error if the socket path is too long * libslirp: update to v4.1.0: Including the fix for libslirp sends RST to app in response to arriving FIN when containerized socket is shutdown() with SHUT_WR * Fix create_sandbox error ------------------------------------------------------------------ ------------------ 2019-12-17 - Dec 17 2019 ------------------- ------------------------------------------------------------------ ++++ python-kiwi: - Ensure no swap volume is added on btrfs When the selected filesystem is btrfs the volume manager is not LVM. In that case the swap partition is not volume, it is a completely independent partition. So that we cannot add and additional volume for swap when swap is specified in the description file. This patch fixes #1301 and fulfills #1297 ++++ fuse-overlayfs: - Update to v0.7.2 - introduce inodes cache - correctly read inode for unix sockets - avoid hash map lookup when possible - use st_dev for the ino key - check whether writeback is supported - set_attrs: don't require write to S_IFREG - ioctl: do not reuse fi->fh for directories - fix skip whiteout deletion optimization - store the new mode after chmod ++++ kdump: - kdump-calibrate-Update-values.patch: calibrate: Update values (bsc#1130529). - kdump-prefer-by-path-and-device-mapper.patch: Prefer by-path and device-mapper aliases over kernel device names (bsc#1101149, LTC#168532). ++++ kernel-default: - drm/hdcp: update content protection property with uevent (jsc#SLE-7953). - drm: uevent for connector status change (jsc#SLE-7953). - commit 8809d69 - blacklist.conf: Yet another couple of i915 entries - commit 1237ce0 - drm/i915/gvt: Fix cmd length check for MI_ATOMIC (jsc#SLE-7953). - commit da0f534 - drm/i915: Reduce nested prepare_remote_context() to a trylock (jsc#SLE-7953). - commit 0f19c08 - blacklist.conf: Add a few more i915 entries - commit b08d57a - blacklist.conf: Add a few more bogus fixes for i915 - commit 63135e3 - blacklist.conf: Remove entries that are marked already as No-Fix - commit f8b19cf - drm/i915/query: Align flavour of engine data lookup (jsc#SLE-7953). - commit 066f30e - drm: Fix kerneldoc warns in connector-related docs (jsc#SLE-7953). - blacklist.conf: - commit 78bad1b - drm/i915: Fix some NULL vs IS_ERR() conditions (jsc#SLE-7953). - commit af137f7 - drm/i915: Pull obj->userfault tracking under the ggtt->mutex (jsc#SLE-7953). - Refresh patches.suse/drm-i915-Mark-contents-as-dirty-on-a-write-fault.patch. - commit 4e3c83d - drm/i915: Generalise the clflush dma-worker (jsc#SLE-7953). - commit 6efd408 - drm/i915: Allow sharing the idle-barrier from other kernel requests (jsc#SLE-7953). - drm/i915: Lift timeline into intel_context (jsc#SLE-7953). - blacklist.conf: - Refresh patches.suse/drm-i915-Defer-final-intel_wakeref_put-to-process-co.patch. - commit f2b1359 - drm/i915: extract i915_suspend.h from i915_drv.h (jsc#SLE-7953). - Refresh patches.suse/drm-i915-Remove-Master-tables-from-cmdparser.patch. - Refresh patches.suse/drm-i915-cmdparser-Add-support-for-backward-jumps.patch. - commit c0ae53a - drm/i915: extract i915_perf.h from i915_drv.h (jsc#SLE-7953). - Refresh patches.suse/drm-i915-Remove-Master-tables-from-cmdparser.patch. - Refresh patches.suse/drm-i915-cmdparser-Add-support-for-backward-jumps.patch. - commit 9d4c2ab - drm/i915: Defer final intel_wakeref_put to process context (jsc#SLE-7953). - Refresh patches.suse/drm-i915-gen8-Add-RC6-CTX-corruption-WA.patch. - commit dd53316 - drm/i915: split out intel_pch.[ch] from i915_drv.[ch] (jsc#SLE-7953). - Refresh patches.suse/drm-i915-cml-Add-second-PCH-ID-for-CMP.patch. - commit 2861115 - drm/i915: Isolate i915_getparam_ioctl() (jsc#SLE-7953). - Refresh patches.suse/drm-i915-Disable-Secure-Batches-for-gen6.patch. - commit 49cdd5f - drm/i915: rename intel_drv.h to display/intel_display_types.h (jsc#SLE-7953). - Refresh patches.suse/0001-drm-i915-Preload-LUTs-if-the-hw-isn-t-currently-usin.patch. - Refresh patches.suse/drm-i915-avoid-including-intel_drv.h-via-i915_drv.h-.patch. - commit d61e385 - drm/i915/gt: Move the [class][inst] lookup for engines onto the GT (jsc#SLE-7953). - Refresh patches.suse/drm-i915-Add-support-for-mandatory-cmdparsing.patch. - commit a00ddad - drm/i915/gem: Make caps.scheduler static (jsc#SLE-7953). - commit 9158743 - drm/i915: Replace struct_mutex for batch pool serialisation (jsc#SLE-7953). - Refresh patches.suse/drm-i915-Remove-Master-tables-from-cmdparser.patch. - Refresh patches.suse/drm-i915-Support-ro-ppgtt-mapped-cmdparser-shadow-bu.patch. - Refresh patches.suse/drm-i915-cmdparser-Add-support-for-backward-jumps.patch. - commit 54224b5 - drm/i915/tgl: Add and use new DC5 and DC6 residency counter registers (jsc#SLE-7953). - Refresh patches.suse/drm-i915-Lower-RM-timeout-to-avoid-DSI-hard-hangs.patch. - commit f24e88e - drm/i915/oa: add content to Makefile (jsc#SLE-7953). - commit 14f0c49 - drm/i915/tgl: Update north display hotplug detection to TGL connections (jsc#SLE-7953). - drm/i915/tgl: Add hpd interrupt handling (jsc#SLE-7953). - commit d733dc7 - drm/hdcp: reference for srm file format (jsc#SLE-7953). - drm/i915: update the hdcp state with uevent (jsc#SLE-7953). - commit 5409f55 - drm/i915: Attach content type property (jsc#SLE-7953). - drm: Add Content protection type property (jsc#SLE-7953). - commit 8c5e79f - drm/i915/uc: Update drawing for firmware layout (jsc#SLE-7953). - commit bf9ef45 - drm/i915: Remove set but not used variable 'src_y' (jsc#SLE-7953). - Refresh patches.suse/0004-drm-i915-Fix-g4x-sprite-scaling-stride-check-with-GT.patch. - commit a67f62a - drm/i915: Make sure cdclk is high enough for DP audio on VLV/CHV (jsc#SLE-7953). - commit 2113501 - drm/i915/uc: move GuC and HuC files under gt/uc/ (jsc#SLE-7953). - commit 75e5ecf - drm/i915/gt: Use intel_gt as the primary object for handling resets (jsc#SLE-7953). - Refresh patches.suse/0001-drm-i915-Don-t-mix-srcu-tag-and-negative-error-codes.patch. - Refresh patches.suse/0001-drm-i915-Fix-and-improve-MCR-selection-logic.patch. - Refresh patches.suse/drm-i915-gen8-Add-RC6-CTX-corruption-WA.patch. - commit fc382c7 - drm/i915: Drop extern qualifiers from header function prototypes (jsc#SLE-7953). - Refresh patches.suse/0001-drm-i915-Fix-and-improve-MCR-selection-logic.patch. - Refresh patches.suse/drm-i915-Remove-Master-tables-from-cmdparser.patch. - Refresh patches.suse/drm-i915-cmdparser-Add-support-for-backward-jumps.patch. - commit c8d7893 - drm/i915/gtt: Compute the radix for gen8 page table levels (jsc#SLE-7953). - Refresh patches.suse/drm-i915-to-make-vgpu-ppgtt-notificaiton-as-atomic-o.patch. - commit 55aec54 - drm/i915/gtt: Reorder gen8 ppgtt free/clear/alloc (jsc#SLE-7953). - Refresh patches.suse/drm-i915-to-make-vgpu-ppgtt-notificaiton-as-atomic-o.patch. - commit a16779b - drm/i915/gtt: Wrap page_table with page_directory (jsc#SLE-7953). - Refresh patches.suse/drm-i915-to-make-vgpu-ppgtt-notificaiton-as-atomic-o.patch. - commit 71fa45e - drm/i915: Add engine name to workaround debug print (jsc#SLE-7953). - drm/i915: Add test for invalid flag bits in whitelist entries (jsc#SLE-7953). - drm/i915: Implement read-only support in whitelist selftest (jsc#SLE-7953). - drm/i915/gtt: Use shallow dma pages for scratch (jsc#SLE-7953). - Refresh patches.suse/drm-i915-to-make-vgpu-ppgtt-notificaiton-as-atomic-o.patch. - commit ec55c4b - drm/i915/userptr: Don't mark readonly objects as dirty (jsc#SLE-7953). - Refresh patches.suse/drm-i915-userptr-Try-to-acquire-the-page-lock-around.patch. - commit 848bfd7 - drm/i915/gtt: pde entry encoding is identical (jsc#SLE-7953). - Refresh patches.suse/drm-i915-to-make-vgpu-ppgtt-notificaiton-as-atomic-o.patch. - commit 5787f30 - drm/i915: Markup potential lock for i915_active (jsc#SLE-7953). - commit bd27d8c - drm/i915/gem: Free pages before rcu-freeing the object (jsc#SLE-7953). - Refresh patches.suse/drm-i915-Support-ro-ppgtt-mapped-cmdparser-shadow-bu.patch. - commit b98ab90 - drm/i915: whitelist PS_(DEPTH|INVOCATION)_COUNT (jsc#SLE-7953). - commit d4fc9d3 - drm/i915/execlists: Refactor CSB state machine (jsc#SLE-7953). - Refresh patches.suse/0003-drm-i915-execlists-Process-interrupted-context-on-re.patch. - commit c69c050 - drm/i915: Sanitize the TypeC FIA lane configuration decoding (jsc#SLE-7953). - commit 7967d8b - drm/i915: Factor out common parts from TypeC port handling functions (jsc#SLE-7953). - commit 5386d47 - drm/i915: Move the TypeC port handling code to a separate file (jsc#SLE-7953). - commit 5357220 - drm/i915: Convert most of atomic commit to take more intel state (jsc#SLE-7953). - Refresh patches.suse/0001-drm-i915-Preload-LUTs-if-the-hw-isn-t-currently-usin.patch. - commit 4494372 - drm/i915: Pass intel_crtc_state to needs_modeset() (jsc#SLE-7953). - Refresh patches.suse/0001-drm-i915-Preload-LUTs-if-the-hw-isn-t-currently-usin.patch. - commit 7360b01 - drm/i915: make intel_uc_fw.h self-contained (jsc#SLE-7953). - drm/i915: make intel_gvt.h self-contained (jsc#SLE-7953). - drm/i915: make intel_guc_reg.h self-contained (jsc#SLE-7953). - drm/i915: make intel_guc_fwif.h self-contained (jsc#SLE-7953). - drm/i915: make intel_guc_ct.h self-contained (jsc#SLE-7953). - drm/i915: make i915_vgpu.h self-contained (jsc#SLE-7953). - drm/i915: make i915_pvinfo.h self-contained (jsc#SLE-7953). - drm/i915: make i915_globals.h self-contained (jsc#SLE-7953). - drm/i915: make i915_fixed.h self-contained (jsc#SLE-7953). - drm/i915: add header search path to subdir Makefiles (jsc#SLE-7953). - drm/i915: prefix header search path with $(srctree)/ (jsc#SLE-7953). - drm/i915: Move OA files to separate folder (jsc#SLE-7953). - commit f862e29 - drm/i915/icl: Add new supported CD clocks (jsc#SLE-7953). - commit cc4a25c - drm/i915/selftests: Fixup atomic reset checking (jsc#SLE-7953). - commit 0758444 - drm/i915: Rename intel_wakeref_[is]_active (jsc#SLE-7953). - commit d288f43 - drm/i915/gt: Pass intel_gt to pm routines (jsc#SLE-7953). - Refresh patches.suse/drm-i915-Perform-GGTT-restore-much-earlier-during-re.patch. - Refresh patches.suse/drm-i915-gen8-Add-RC6-CTX-corruption-WA.patch. - commit a064bcc - arm64: ls1028a: enable audio support References: jsc#SLE-9316 - commit a7cdc29 - drm/i915: Prevent dereference of engine before NULL check in error capture (jsc#SLE-7953). - commit e9d652e - drm/i915: Rename i915_timeline to intel_timeline and move under gt (jsc#SLE-7953). - Refresh patches.suse/drm-i915-cmdparser-Add-support-for-backward-jumps.patch. - commit be168f4 - drm/i915: Save trip via top-level i915 in a few more places (jsc#SLE-7953). - commit 0ade10c - drm/i915: Move i915_gem_chipset_flush to intel_gt (jsc#SLE-7953). - commit cdfa7d6 - drm/i915: Stop using I915_READ/WRITE in intel_wopcm_init_hw (jsc#SLE-7953). - commit 6bfe1a1 - drm/i915: Convert i915_gem_init_hw to intel_gt (jsc#SLE-7953). - commit 01ae127 - drm/i915: Convert intel_mocs_init_l3cc_table to intel_gt (jsc#SLE-7953). - commit bc875ea - drm/i915: Move intel_gt_pm_init under intel_gt_init_early (jsc#SLE-7953). - commit cd30738 - drm/i915/execlists: Preempt-to-busy (jsc#SLE-7953). - Refresh patches.suse/0001-drm-i915-execlists-Always-clear-pending-inflight-req.patch. - Refresh patches.suse/0003-drm-i915-execlists-Process-interrupted-context-on-re.patch. - commit 4d9e5f4 - drm/i915/gvt: decouple check_vgpu() from uncore_init() (jsc#SLE-7953). - Refresh patches.suse/drm-i915-to-make-vgpu-ppgtt-notificaiton-as-atomic-o.patch. - commit 97898e8 - drm/i915/fbdev: Restore physical addresses for fb_mmap() (jsc#SLE-7953). - drm/i915: make pool objects read-only (jsc#SLE-7953). - drm/i915: Protect request peeking with RCU (jsc#SLE-7953). - drm/i915/tgl: MOCS table update (jsc#SLE-7953). - drm/i915/dp: Do not switch aux to TBT mode for non-TC ports (jsc#SLE-7953). - drm/i915/tgl: Fix doc not corresponding to code (jsc#SLE-7953). - drm/i915: Fixup preempt-to-busy vs resubmission of a virtual request (jsc#SLE-7953). - drm/i915/execlists: Refactor -EIO markup of hung requests (jsc#SLE-7953). - drm/i915/gt: execlists->active is serialised by the tasklet (jsc#SLE-7953). - drm/i915/execlists: Protect peeking at execlists->active (jsc#SLE-7953). - drm/i915: Fixup preempt-to-busy vs reset of a virtual request (jsc#SLE-7953). - drm/i915: Only enqueue already completed requests (jsc#SLE-7953). - drm/i915/execlists: Drop redundant list_del_init(&rq->sched.link) (jsc#SLE-7953). - drm/i915: Prevent bonded requests from overtaking each other on preemption (jsc#SLE-7953). - drm/i915: Verify the engine after acquiring the active.lock (jsc#SLE-7953). - drm/i915/execlists: Remove incorrect BUG_ON for schedule-out (jsc#SLE-7953). - Revert "drm/i915: Fix DP-MST crtc_mask" (jsc#SLE-7953). - drm/i915: Use NOEVICT for first pass on attemping to pin a GGTT mmap (jsc#SLE-7953). - drm/i915: Flush the existing fence before GGTT read/write (jsc#SLE-7953). - drm/i915: Hold irq-off for the entire fake lock period (jsc#SLE-7953). - drm/i915/gvt: update RING_START reg of vGPU when the context is submitted to i915 (jsc#SLE-7953). - drm/i915: Select DMABUF_SELFTESTS for the default i915.ko debug build (jsc#SLE-7953). - drm/i915: Update DRIVER_DATE to 20190822 (jsc#SLE-7953). - drm/i915: Replace i915_vma_put_fence() (jsc#SLE-7953). - drm/i915: Track ggtt fence reservations under its own mutex (jsc#SLE-7953). - drm/i915/selftests: Fixup a couple of missing serialisation with vma (jsc#SLE-7953). - drm/i915/gtt: Add some range asserts (jsc#SLE-7953). - drm/i915/execlists: Set priority hint prior to submission (jsc#SLE-7953). - drm/i915: Replace PIN_NONFAULT with calls to PIN_NOEVICT (jsc#SLE-7953). - drm/i915/gtt: Include asm/smp.h (jsc#SLE-7953). - drm/i915/hdmi: make hdcp2_msg_data const (jsc#SLE-7953). - drm/i915/hdmi: stylistic cleanup around hdcp2_msg_data (jsc#SLE-7953). - drm/i915/dp: make hdcp2_dp_msg_data const (jsc#SLE-7953). - drm/i915/dp: avoid shadowing variables (jsc#SLE-7953). - drm/i915/dp: stylistic cleanup around hdcp2_msg_data (jsc#SLE-7953). - drm/i915/gtt: Relax assertion for pt_used (jsc#SLE-7953). - drm/i915: Fix DP-MST crtc_mask (jsc#SLE-7953). - drm/i915/tgl: update DMC firmware to 2.04 (jsc#SLE-7953). - drm/i915/tgl: Move transcoders to pipes' powerwells (jsc#SLE-7953). - drm/i915/tgl: add support for reading the timestamp frequency (jsc#SLE-7953). - drm/i915/tgl: disable DDIC (jsc#SLE-7953). - drm/i915: Update DRIVER_DATE to 20190820 (jsc#SLE-7953). - drm/i915/gtt: Relax pd_used assertion (jsc#SLE-7953). - drm/i915: Dynamically allocate s0ix struct for VLV (jsc#SLE-7953). - drm/i915/tgl: Gen12 render context size (jsc#SLE-7953). - drm/i915/tgl: Updated Private PAT programming (jsc#SLE-7953). - drm/i915/tgl: Introduce initial Tiger Lake workarounds (jsc#SLE-7953). - drm/i915/tgl: Gen12 csb support (jsc#SLE-7953). - drm/i915/tgl: add GEN12_MAX_CONTEXT_HW_ID (jsc#SLE-7953). - drm/i915/tgl: add Gen12 default indirect ctx offset (jsc#SLE-7953). - drm/i915/tgl: Report valid VDBoxes with SFC capability (jsc#SLE-7953). - drm/i915: Be defensive when starting vma activity (jsc#SLE-7953). - drm/i915: Serialize insertion into the file->mm.request_list (jsc#SLE-7953). - drm/i915: Sanitize PHY state during display core uninit (jsc#SLE-7953). - drm/i915: Assume exclusive access to objects inside resume (jsc#SLE-7953). - drm/i915: Use 0 for the unordered context (jsc#SLE-7953). - drm/i915: i915_active.retire() is optional (jsc#SLE-7953). - drm/i915/gen11: Allow usage of all GPIO pins (jsc#SLE-7953). - drm/i915: Serialize against vma moves (jsc#SLE-7953). - drm/i915: Only emit the 'send bug report' once for a GPU hang (jsc#SLE-7953). - drm/i915/gt: Mark up the nested engine-pm timeline lock as irqsafe (jsc#SLE-7953). - drm/i915: Always wrap the ring offset before resetting (jsc#SLE-7953). - drm/i915: Propagate fence errors (jsc#SLE-7953). - drm/i915/uc: Never fail on HuC firmware errors (jsc#SLE-7953). - drm/i915/uc: Don't always fail on unavailable GuC firmware (jsc#SLE-7953). - drm/i915/guc: Don't open log relay if GuC is not running (jsc#SLE-7953). - drm/i915/uc: Never fail on uC preparation step (jsc#SLE-7953). - drm/i915/uc: Cleanup fw fetch on every GuC/HuC init failure (jsc#SLE-7953). - drm/i915/uc: Cleanup fw fetch only if it was successful (jsc#SLE-7953). - drm/i915/selftests: Check the context size (jsc#SLE-7953). - drm/i915/gtt: Fold gen8 insertions into one (jsc#SLE-7953). - drm/i915/uc: Add explicit DISABLED state for firmware (jsc#SLE-7953). - drm/i915: Wrappers for display register waits (jsc#SLE-7953). - drm/i915: Move gmbus definitions out of i915_reg.h (jsc#SLE-7953). - drm/i915: Move engine IDs out of i915_reg.h (jsc#SLE-7953). - drm/i915: Move i915_power_well_id out of i915_reg.h (jsc#SLE-7953). - drm/i915/execlists: Lift process_csb() out of the irq-off spinlock (jsc#SLE-7953). - drm/i915: Markup expected timeline locks for i915_active (jsc#SLE-7953). - drm/i915/gt: Mark context->active_count as protected by timeline->mutex (jsc#SLE-7953). - drm/i915/wopcm: Fix SPDX tag location (jsc#SLE-7953). - drm/i915/wopcm: Update error messages (jsc#SLE-7953). - drm/i915/wopcm: Try to use already locked WOPCM layout (jsc#SLE-7953). - drm/i915/wopcm: Check WOPCM layout separately from calculations (jsc#SLE-7953). - drm/i915/uc: Move FW size sanity check back to fetch (jsc#SLE-7953). - drm/i915/buddy: use kmemleak_update_trace (jsc#SLE-7953). - drm/i915/buddy: tidy up i915_buddy_fini (jsc#SLE-7953). - drm/i915: Use the associated uncore for the vm (jsc#SLE-7953). - drm/i915: Extract intel_frontbuffer active tracking (jsc#SLE-7953). - drm/i915: Protect request retirement with timeline->mutex (jsc#SLE-7953). - drm/i915/gt: Guard timeline pinning without relying on struct_mutex (jsc#SLE-7953). - drm/i915/gt: Convert timeline tracking to spinlock (jsc#SLE-7953). - drm/i915/gt: Track timeline activeness in enter/exit (jsc#SLE-7953). - drm/i915: Move tasklet kicking to __i915_request_queue caller (jsc#SLE-7953). - drm/i915/icl: Add gen11 specific render breadcrumbs (jsc#SLE-7953). - drm/i915/icl: Add command cache invalidate (jsc#SLE-7953). - drm/i915/icl: Implement gen11 flush including tile cache (jsc#SLE-7953). - drm/i915/selftest/buddy: fixup igt_buddy_alloc_range (jsc#SLE-7953). - drm/i915: Convert a few more bland dmesg info to be device specific (jsc#SLE-7953). - drm/i915: Serialise read/write of the barrier's engine (jsc#SLE-7953). - drm/i915: Print CCID for all renderCS (jsc#SLE-7953). - drm/i915: Disregard drm_mode_config.fb_base (jsc#SLE-7953). - drm/i915: Include engine->mmio_base in the debug dump (jsc#SLE-7953). - drm/i915/guc: Remove client->submissions (jsc#SLE-7953). - drm/i915: Update DRIVER_DATE to 20190813 (jsc#SLE-7953). - drm/i915: Add _TRANS2() (jsc#SLE-7953). - drm/i915/bdw+: Move misc display IRQ handling to it own function (jsc#SLE-7953). - drm/i915/gvt: Double check batch buffer size after copy (jsc#SLE-7953). - drm/i915/gvt: Add valid length check for MI variable commands (jsc#SLE-7953). - drm/i915/gvt: Add MI command valid length check (jsc#SLE-7953). - drm/i915/gvt: Utility for valid command length check (jsc#SLE-7953). - drm/i915/gvt: factor out tlb and mocs register offset table (jsc#SLE-7953). - drm/i915/gvt: no need to check return value of debugfs_create functions (jsc#SLE-7953). - drm/i915/gvt: Fix typo of VBLANK_TIMER_PERIOD (jsc#SLE-7953). - drm/i915/kvmgt: Use struct_size() helper (jsc#SLE-7953). - drm/i915/gt: Save/restore interrupts around breadcrumb disable (jsc#SLE-7953). - drm/i915: Push the wakeref->count deferral to the backend (jsc#SLE-7953). - drm/i915/tgl: Fix missing parentheses on TGL_TRANS_DDI_FUNC_CTL_VAL_TO_PORT (jsc#SLE-7953). - drm/i915/uc: Log fw status changes only under debug config (jsc#SLE-7953). - drm/i915/guc: Use a local cancel_port_requests (jsc#SLE-7953). - drm/i915: drop engine_pin/unpin_breadcrumbs_irq (jsc#SLE-7953). - drm/i915/guc: keep breadcrumb irq always enabled (jsc#SLE-7953). - drm/i915/overlay: Switch to using i915_active tracking (jsc#SLE-7953). - drm/i915: Forgo last_fence active request tracking (jsc#SLE-7953). - drm/i915: Extract general GT interrupt handlers (jsc#SLE-7953). - drm/i915: Extract GT powermanagement interrupt handling (jsc#SLE-7953). - drm/i915/gt: Use the local engine wakeref when checking RING registers (jsc#SLE-7953). - drm/i915/selftests: Prevent the timeslice expiring during suppression tests (jsc#SLE-7953). - drm/i915/execlists: Avoid sync calls during park (jsc#SLE-7953). - drm/i915/uc: Update copyright and license (jsc#SLE-7953). - drm/i915/tgl: Fixing up list of PG3 power domains (jsc#SLE-7953). - drm/i915/icl: Remove DDI IO power domain from PG3 power domains (jsc#SLE-7953). - drm/i915/uc: Use -EIO code for GuC initialization failures (jsc#SLE-7953). - drm/i915/uc: Update messages from fw upload step (jsc#SLE-7953). - drm/i915/uc: Include HuC firmware version in summary (jsc#SLE-7953). - drm/i915/uc: Fail early if there is no GuC fw available (jsc#SLE-7953). - drm/i915: Remove unused debugfs/i915_emon_status (jsc#SLE-7953). - drm/i915: buddy allocator (jsc#SLE-7953). - drm/i915/blt: support copying objects (jsc#SLE-7953). - drm/i915/gtt: disable 2M pages for pre-gen11 (jsc#SLE-7953). - drm/i915/gtt: enable GTT cache by default (jsc#SLE-7953). - drm/i915/selftests: move gpu-write-dw into utils (jsc#SLE-7953). - drm/i915/blt: bump the size restriction (jsc#SLE-7953). - drm/i915/blt: don't assume pinned intel_context (jsc#SLE-7953). - drm/i915: split out uncore_mmio_debug (jsc#SLE-7953). - drm/i915: Stop reconfiguring our shmemfs mountpoint (jsc#SLE-7953). - drm/i915: Push the ring creation flags to the backend (jsc#SLE-7953). - drm/i915/gt: Make deferred context allocation explicit (jsc#SLE-7953). - drm/i915: Remove i915_gem_context_create_gvt() (jsc#SLE-7953). - drm/i915: Drop the fudge warning on ring restart for ctg/elk (jsc#SLE-7953). - drm/i915: Generalise BSD default selection (jsc#SLE-7953). - drm/i915: Replace global bsd_dispatch_index with random seed (jsc#SLE-7953). - drm/i915: Check for a second VCS engine more carefully (jsc#SLE-7953). - drm/i915/execlists: Backtrack along timeline (jsc#SLE-7953). - drm/i915: Free the imported shmemfs file for phys objects (jsc#SLE-7953). - drm/i915: extract i915_gem_shrinker.h from i915_drv.h (jsc#SLE-7953). - drm/i915: extract gem/i915_gem_stolen.h from i915_drv.h (jsc#SLE-7953). - drm/i915: extract i915_memcpy.h from i915_drv.h (jsc#SLE-7953). - drm/i915: extract i915_sysfs.h from i915_drv.h (jsc#SLE-7953). - drm/i915: move printing and load error inject to i915_utils.[ch] (jsc#SLE-7953). - drm/i915: move I915_STATE_WARN() and _ON() to intel_display.h (jsc#SLE-7953). - drm/i915: move add_taint_for_CI() to i915_utils.h (jsc#SLE-7953). - drm/i915: remove unused dev_priv->no_aux_handshake (jsc#SLE-7953). - drm/i915: Make debugfs/per_file_stats scale better (jsc#SLE-7953). - drm/i915: Only include active engines in the capture state (jsc#SLE-7953). - drm/i915/selftests: Fixup a missing legacy_idx (jsc#SLE-7953). - drm/i915/tgl: Fix the read of the DDI that transcoder is attached to (jsc#SLE-7953). - drm/i915: Get transcoder power domain before reading its register (jsc#SLE-7953). - drm/i915: Fix up the inverse mapping for default ctx->engines[] (jsc#SLE-7953). - drm/i915: Allocate kernel_contexts directly (jsc#SLE-7953). - drm/i915/selftests: Pass intel_context to mock_request (jsc#SLE-7953). - drm/i915/tgl/dsi: Enable blanking packets during BLLP for video mode (jsc#SLE-7953). - drm/i915/tgl: Add mipi dsi support for TGL (jsc#SLE-7953). - drm/i915/tgl/dsi: Gate the ddi clocks after pll mapping (jsc#SLE-7953). - drm/i915/tgl/dsi: Do not override TA_SURE (jsc#SLE-7953). - drm/i915/tgl/dsi: Set latency PCS_DW1 for tgl (jsc#SLE-7953). - drm/i915/tgl/dsi: Program TRANS_VBLANK register (jsc#SLE-7953). - drm/i915/uc: Hardening firmware fetch (jsc#SLE-7953). - drm/i915/uc: WOPCM programming errors are not always real (jsc#SLE-7953). - drm/i915: Make wopcm_to_i915() private (jsc#SLE-7953). - drm/i915: Don't try to partition WOPCM without GuC firmware (jsc#SLE-7953). - drm/i915/uc: Don't fetch HuC fw if GuC fw fetch already failed (jsc#SLE-7953). - drm/i915/uc: HuC firmware can't be supported without GuC (jsc#SLE-7953). - drm/i915/uc: Prefer dev_info for reporting options (jsc#SLE-7953). - drm/i915/perf: Refactor oa object to better manage resources (jsc#SLE-7953). - drm/i915: Include the DRIVER_DATE in the error state (jsc#SLE-7953). - drm/i915: Use intel_engine_lookup_user for probing HAS_BSD etc (jsc#SLE-7953). - drm/i915: Rename engines to match their user interface (jsc#SLE-7953). - drm/i915: Drop expectations of VM_IO from our GGTT mmappings (jsc#SLE-7953). - drm/i915: abstract display suspend/resume operations (jsc#SLE-7953). - drm/i915: move property enums to intel_display_types.h (jsc#SLE-7953). - drm/i915: remove unnecessary includes of intel_display_types.h header (jsc#SLE-7953). - drm/i915: avoid including intel_drv.h via i915_drv.h->i915_trace.h (jsc#SLE-7953). - drm/i915/tc: un-inline intel_tc_port_ref_held() (jsc#SLE-7953). - drm/i915/mst: un-inline intel_dp_mst_encoder_active_links() (jsc#SLE-7953). - drm/i915/bw: make intel_atomic_get_bw_state() static (jsc#SLE-7953). - drm/i915/irq: un-inline functions to avoid i915_drv.h include (jsc#SLE-7953). - drm/i915/sprite: un-inline icl_is_hdr_plane() (jsc#SLE-7953). - drm/i915: move intel_display.c function declarations (jsc#SLE-7953). - drm/i915/dmc: Load DMC on TGL (jsc#SLE-7953). - drm/i915: Use drm_i915_private directly from drv_get_drvdata() (jsc#SLE-7953). - drm/i915/gt: Remove stale kerneldoc for internal MOCS functions (jsc#SLE-7953). - drm/i915/uc: Don't fail on HuC early init errors (jsc#SLE-7953). - drm/i915/uc: Remove redundant GuC support checks (jsc#SLE-7953). - drm/i915/huc: Prefer intel_huc_is_supported (jsc#SLE-7953). - drm/i915/guc: Prefer intel_guc_is_submission_supported (jsc#SLE-7953). - drm/i915: Teach execbuffer to take the engine wakeref not GT (jsc#SLE-7953). - drm/i915: Flush the freed object list on file close (jsc#SLE-7953). - drm/i915: Hide unshrinkable context objects from the shrinker (jsc#SLE-7953). - drm/i915/wopcm: Don't fail on WOPCM partitioning failure (jsc#SLE-7953). - drm/i915/uc: Inject probe errors into intel_uc_init_hw (jsc#SLE-7953). - drm/i915/uc: Move GuC error log to uc and release it on fini (jsc#SLE-7953). - drm/i915/uc: Reorder firmware status codes (jsc#SLE-7953). - drm/i915/uc: Do full sanitize instead of pure reset (jsc#SLE-7953). - drm/i915: Add i915 to i915_inject_probe_failure (jsc#SLE-7953). - drm/i915: Report resv_obj allocation failure (jsc#SLE-7953). - drm/i915: Fix documentation for __intel_wait_for_register_fw* (jsc#SLE-7953). - drm/i915/oa: update the generated files (jsc#SLE-7953). - drm/i915: Flush extra hard after writing relocations through the GTT (jsc#SLE-7953). - drm/i915/pmu: Atomically acquire the gt_pm wakeref (jsc#SLE-7953). - drm/i915/pmu: Make get_rc6 take intel_gt (jsc#SLE-7953). - drm/i915/pmu: Convert sampling to gt (jsc#SLE-7953). - drm/i915/pmu: Convert engine sampling to uncore mmio (jsc#SLE-7953). - drm/i915/pmu: Make more struct i915_pmu centric (jsc#SLE-7953). - drm/i915/tgl: allow the reg_read ioctl to read the RCS TIMESTAMP register (jsc#SLE-7953). - drm/i915/uc: Stop sanitizing enable_guc modparam (jsc#SLE-7953). - drm/i915/guc: Use dedicated flag to track submission mode (jsc#SLE-7953). - drm/i915/uc: Consider enable_guc modparam during fw selection (jsc#SLE-7953). - drm/i915/uc: Rename intel_uc_is_using* into intel_uc_supports* (jsc#SLE-7953). - drm/i915/gt: Introduce intel_gt_runtime_suspend/resume (jsc#SLE-7953). - drm/i915/uc: Move uC early functions inside the GT ones (jsc#SLE-7953). - drm/i915/gt: Move gt_cleanup_early out of gem_cleanup_early (jsc#SLE-7953). - drm/i915: Remove lrc default desc from GEM context (jsc#SLE-7953). - drm/i915/ehl: Don't forget to handle port C's hotplug interrupts (jsc#SLE-7953). - drm/i915/ehl: Ungate DDIC and DDID (jsc#SLE-7953). - drm/i915: Move MOCS setup to intel_mocs.c (jsc#SLE-7953). - drm/i915/tgl: Tigerlake only has global MOCS registers (jsc#SLE-7953). - drm/i915/tgl: Define MOCS entries for Tigerlake (jsc#SLE-7953). - drm/i915/tgl: stop using ERROR_GEN6 and DONE_REG (jsc#SLE-7953). - drm/i915/tgl: Move fault registers to their new offset (jsc#SLE-7953). - drm/i915: remove dangling forward declaration (jsc#SLE-7953). - drm/i915/uc: Move uC WOPCM setup in uc_init_hw (jsc#SLE-7953). - drm/i915/uc: Don't enable communication twice on resume (jsc#SLE-7953). - drm/i915/selftests: Pass intel_context to igt_spinner (jsc#SLE-7953). - drm/i915: Avoid ce->gem_context->i915 (jsc#SLE-7953). - drm/i915: make i915_selftest.h self-contained (jsc#SLE-7953). - drm/i915/tgl: handle DP aux interrupts (jsc#SLE-7953). - drm/i915: stop using seqcount for fence pruning (jsc#SLE-7953). - drm/i915: remove irrelevant DRM_UNLOCKED flag (jsc#SLE-7953). - drm/i915: Update DRIVER_DATE to 20190730 (jsc#SLE-7953). - drm/i915/gt: Provide a local intel_context.vm (jsc#SLE-7953). - drm/i915: Move aliasing_ppgtt underneath its i915_ggtt (jsc#SLE-7953). - drm/i915: Inline engine->init_context into its caller (jsc#SLE-7953). - drm/i915: use upstream version of header tests (jsc#SLE-7953). - drm/i915/uc: Don't fail on HuC firmware failure (jsc#SLE-7953). - drm/i915: Flush the i915_vm_release before ggtt shutdown (jsc#SLE-7953). - drm/i915/selftests: Careful not to flush hang_fini on error setups (jsc#SLE-7953). - drm/i915/uc: Fixup kerneldoc after params were flipped and renamed (jsc#SLE-7953). - drm/i915/tgl: update ddi/tc clock_off bits (jsc#SLE-7953). - drm/i915/tgl: select correct bit for port select (jsc#SLE-7953). - drm/i915/tgl: skip setting PORT_CL_DW12_* on initialization (jsc#SLE-7953). - drm/i915/uc: Remove redundant RSA offset definition (jsc#SLE-7953). - drm/i915/uc: Remove redundant ucode offset definition (jsc#SLE-7953). - drm/i915/uc: Remove redundant header_offset/size definitions (jsc#SLE-7953). - drm/i915/gt: Add to timeline requires the timeline mutex (jsc#SLE-7953). - drm/i915/uc: Don't sanitize guc_log_level modparam (jsc#SLE-7953). - drm/i915: Do not rely on for loop caching the mask (jsc#SLE-7953). - drm/i915/perf: Initialise err to 0 before looping over ce->engines (jsc#SLE-7953). - drm/i915/guc: init submission structures as part of guc_init (jsc#SLE-7953). - drm/i915/uc: Reorder params in intel_uc_fw_fetch (jsc#SLE-7953). - drm/i915: Capture vma contents outside of spinlock (jsc#SLE-7953). - drm/i915/uc: Move uc firmware layout definitions to dedicated file (jsc#SLE-7953). - drm/i915/uc: Unify uC firmware upload (jsc#SLE-7953). - drm/i915/uc: Plumb the gt through fw_upload (jsc#SLE-7953). - drm/i915/huc: Copy huc rsa only once (jsc#SLE-7953). - drm/i915/uc: Move xfer rsa logic to common function (jsc#SLE-7953). - drm/i915/uc: Unify uc_fw status tracking (jsc#SLE-7953). - drm/i915/uc: Unify uC FW selection (jsc#SLE-7953). - drm/i915: Fix handling of non-supported uC (jsc#SLE-7953). - drm/i915/uc: Unify uC platform check (jsc#SLE-7953). - drm/i915/guc: Set GuC init params only once (jsc#SLE-7953). - drm/i915: Use dev_get_drvdata (jsc#SLE-7953). - drm/i915/huc: fix status check (jsc#SLE-7953). - drm/i915: Squelch nop wait-for-idle trace (jsc#SLE-7953). - drm/i915/selftests: Let igt_vma_partial et al breathe (jsc#SLE-7953). - drm/i915/uc: Sanitize uC when GT is sanitized (jsc#SLE-7953). - drm/i915/uc: Gt-fy uc reset (jsc#SLE-7953). - drm/i915: Add HDCP capability info to i915_display_info (jsc#SLE-7953). - drm/i915: Rely on spinlock protection for GPU error capture (jsc#SLE-7953). - drm/i915/gt: Hook up intel_context_fini() (jsc#SLE-7953). - drm/i915: Remove obsolete engine cleanup (jsc#SLE-7953). - drm/i915/gtt: Fix rounding for 36b (jsc#SLE-7953). - drm/i915/dsi: remove set but not used variable 'hfront_porch' (jsc#SLE-7953). - drm/i915/gtt: Don't try to clear failed empty pd allocation (jsc#SLE-7953). - drm/i915/gtt: Correct unshifted 'from' for gen8_ppgtt_alloc errors (jsc#SLE-7953). - Revert "drm/i915: Update description of i915.enable_guc modparam" (jsc#SLE-7953). - Revert "drm/i915/guc: Turn on GuC/HuC auto mode" (jsc#SLE-7953). - drm/i915/icl: Add Wa_1409178092 (jsc#SLE-7953). - drm/i915/icl: Verify engine workarounds in GEN8_L3SQCREG4 (jsc#SLE-7953). - drm/i915: Skip CS verification of L3 bank registers (jsc#SLE-7953). - drm/i915/execlists: Cancel breadcrumb on preempting the virtual engine (jsc#SLE-7953). - drm/i915: Use maximum write flush for pwrite_gtt (jsc#SLE-7953). - drm/i915: Drop wmb() inside pread_gtt (jsc#SLE-7953). - drm/i915/ehl: Use an id of 4 while accessing DPLL4's CR0 and CR1 (jsc#SLE-7953). - drm/i915: Add gen8_de_pipe_fault_mask() (jsc#SLE-7953). - drm/i915/gt: Push engine stopping into reset-prepare (jsc#SLE-7953). - drm/i915: Update description of i915.enable_guc modparam (jsc#SLE-7953). - drm/i915/oa: Reconfigure contexts on the fly (jsc#SLE-7953). - drm/i915/gtt: Tidy up ppgtt insertion for gen8 (jsc#SLE-7953). - drm/i915/gtt: Recursive ppgtt alloc for gen8 (jsc#SLE-7953). - drm/i915/execlists: Disable preemption under GVT (jsc#SLE-7953). - drm/i915: Enable hotplug retry (jsc#SLE-7953). - drm/i915: Add support for retrying hotplug (jsc#SLE-7953). - drm/i915/ehl: Map MCC pins based on PHY, not port (jsc#SLE-7953). - drm/i915/selftests: Ignore self-preemption suppression under gvt (jsc#SLE-7953). - drm/i915/uc: kill uc_to_i915 (jsc#SLE-7953). - drm/i915/guc: prefer intel_gt in guc interrupt functions (jsc#SLE-7953). - drm/i915/uc: prefer intel_gt over i915 in GuC/HuC paths (jsc#SLE-7953). - drm/i915/uc: Move intel functions to intel_uc (jsc#SLE-7953). - drm/i915/uc: move GuC/HuC inside intel_gt under a new intel_uc (jsc#SLE-7953). - drm/i915/guc: unify guc irq handling (jsc#SLE-7953). - drm/i915/guc: move guc irq functions to intel_guc parameter (jsc#SLE-7953). - drm/i915/uc: introduce intel_uc_fw_supported (jsc#SLE-7953). - drm/i915/uc: replace uc init/fini misc (jsc#SLE-7953). - drm/i915/guc: Use system workqueue for log capture (jsc#SLE-7953). - drm/i915/tgl: add modular FIA to device info (jsc#SLE-7953). - drm/i915: Add modular FIA (jsc#SLE-7953). - drm/i915/gtt: Recursive ppgtt clear for gen8 (jsc#SLE-7953). - drm/i915/gtt: Recursive cleanup for gen8 (jsc#SLE-7953). - drm/i915/display: Drop kerneldoc for 'intel_atomic_commit' (jsc#SLE-7953). - drm/i915: Skip SINK_COUNT read on CH7511 (jsc#SLE-7953). - drm/i915/guc: Turn on GuC/HuC auto mode (jsc#SLE-7953). - drm/i915/guc: Don't enable GuC/HuC in auto mode on pre-Gen11 (jsc#SLE-7953). - drm/i915: Propagate "_probe" function name suffix down (jsc#SLE-7953). - drm/i915: Propagate "_remove" function name suffix down (jsc#SLE-7953). - drm/i915: Propagate "_release" function name suffix down (jsc#SLE-7953). - drm/i915: Replace "_load" with "_probe" consequently (jsc#SLE-7953). - drm/i915: Rename "_load"/"_unload" to match PCI entry points (jsc#SLE-7953). - drm/i915/gtt: Use NULL to encode scratch shadow entries (jsc#SLE-7953). - drm/i915/gtt: Convert vm->scratch into an array (jsc#SLE-7953). - drm/i915/gtt: Markup i915_ppgtt height (jsc#SLE-7953). - drm/i915/tgl: Update DPLL clock reference register (jsc#SLE-7953). - drm/i915/tgl: Add DPLL registers (jsc#SLE-7953). - drm/i915/tgl: Add vbt value mapping for DDC Bus pin (jsc#SLE-7953). - drm/i915/tgl: port to ddc pin mapping (jsc#SLE-7953). - drm/i915/tgl: Add gmbus gpio pin to port mapping (jsc#SLE-7953). - drm/i915/gen12: MBUS B credit change (jsc#SLE-7953). - drm/i915/tgl: apply Display WA #1178 to fix type C dongles (jsc#SLE-7953). - drm/i915/tgl: init ddi port A-C for Tiger Lake (jsc#SLE-7953). - drm/i915/tgl: Add additional PHYs for Tiger Lake (jsc#SLE-7953). - drm/i915/tgl: Add additional ports for Tiger Lake (jsc#SLE-7953). - drm/i915/tgl: Add pll manager (jsc#SLE-7953). - drm/i915/tgl: Add new pll ids (jsc#SLE-7953). - drm/i915/tgl: Add power well to support 4th pipe (jsc#SLE-7953). - drm/i915/tgl: Add power well support (jsc#SLE-7953). - drm/i915/tgl: rename TRANSCODER_EDP_VDSC to use on transcoder A (jsc#SLE-7953). - drm/i915/tgl: Check if pipe D is fused (jsc#SLE-7953). - drm/i915/tgl: Add TGL PCI IDs (jsc#SLE-7953). - drm/i915/tgl: Add TGL PCH detection in virtualized environment (jsc#SLE-7953). - drm/i915/tgl: Introduce Tiger Lake PCH (jsc#SLE-7953). - drm/i915/tgl: add initial Tiger Lake definitions (jsc#SLE-7953). - drm/i915: Add 4th pipe and transcoder (jsc#SLE-7953). - drm/i915: Don't overestimate 4:2:0 link symbol clock (jsc#SLE-7953). - drm/i915: Copy name string into ring buffer for intel_update/disable_plane tracepoints (jsc#SLE-7953). - drm/i915/guc: Drop redundant ctx param from kerneldoc (jsc#SLE-7953). - drm/i915: Don't pass stack garbage to pcode in the second data register (jsc#SLE-7953). - drm/i915: Use intel_ types in intel_atomic_commit() (jsc#SLE-7953). - drm/i915: Use intel_ types in intel_{lock,modeset}_all_pipes() (jsc#SLE-7953). - drm/i915: Polish intel_atomic_track_fbs() (jsc#SLE-7953). - drm/i915: Polish intel_shared_dpll_swap_state() (jsc#SLE-7953). - drm/i915: Simplify modeset_get_crtc_power_domains() arguments (jsc#SLE-7953). - drm/i915: Check crtc_state->wm.need_postvbl_update before grabbing wm.mutex (jsc#SLE-7953). - drm/i915: Use the "display core" power domain in vlv/chv set_cdclk() (jsc#SLE-7953). - drm/i915/selftests: Hold the vma manager lock while modifying mmap_offset (jsc#SLE-7953). - drm/i915/sdvo: Fix handling if zero hbuf size (jsc#SLE-7953). - drm/i915/guc: Simplify guc client (jsc#SLE-7953). - drm/i915/guc: Remove preemption support for current fw (jsc#SLE-7953). - drm/i915/selftests: Ensure we don't clamp a random offset to 32b (jsc#SLE-7953). - drm/i915/gt: Drop the duplicate icl workaround (jsc#SLE-7953). - drm/i915/ehl: Enable DDI-D (jsc#SLE-7953). - drm/i915: Transition port type checks to phy checks (jsc#SLE-7953). - drm/i915/gen11: Convert combo PHY logic to use new 'enum phy' namespace (jsc#SLE-7953). - drm/i915/gen11: Program ICL_DPCLKA_CFGCR0 according to PHY (jsc#SLE-7953). - drm/i915/gen11: Start distinguishing 'phy' from 'port' (jsc#SLE-7953). - drm/i915: move intel_ddi_set_fia_lane_count to intel_tc.c (jsc#SLE-7953). - drm/i915: fix include order in intel_tc.* (jsc#SLE-7953). - drm/i915: make new intel_tc.c use uncore accessors (jsc#SLE-7953). - drm/i915/icl: Fixed Input CSC Co-efficients for BT601/709 (jsc#SLE-7953). - drm/i915/icl: Fix Y pre-offset for Full Range YCbCr (jsc#SLE-7953). - drm/i915/icl: Handle YCbCr to RGB conversion for BT2020 case (jsc#SLE-7953). - drm/i915/execlists: Record preemption for selftests (jsc#SLE-7953). - drm/i915: Remove unused i915_gem_context_lookup_engine (jsc#SLE-7953). - drm/i915: add infrastructure to hold off preemption on a request (jsc#SLE-7953). - drm/i915: enumerate scratch fields (jsc#SLE-7953). - drm/i915/icl: Clear the shared port PLLs from the new crtc state (jsc#SLE-7953). - drm/i915: Clear the shared PLL from the put_dplls() hook (jsc#SLE-7953). - drm/i915/sdvo: Add helpers to get the cmd/status string (jsc#SLE-7953). - drm/i915/sdvo: Shrink sdvo_cmd_names[] strings (jsc#SLE-7953). - drm/i915/sdvo: Remove duplicate SET_INPUT_TIMINGS_PART1 cmd name string (jsc#SLE-7953). - drm/i915/sdvo: Use named initializers for the SDVO command names (jsc#SLE-7953). - drm/i915: Add icl mipi dsi properties (jsc#SLE-7953). - drm/i915/hdcp: debug logs for sink related failures (jsc#SLE-7953). - drm/i915/gt: Remove presumption of RCS0 (jsc#SLE-7953). - drm/i915/gt: Apply RCS workarounds to the render class (jsc#SLE-7953). - drm/i915/selftests: Fill in a little more of the dummy fence (jsc#SLE-7953). - drm/i915/selftests: Set igt_spinner.gt for early exit (jsc#SLE-7953). - drm/i915: Update DRIVER_DATE to 20190708 (jsc#SLE-7953). - drm/i915/selftests: Reorder error cleanup for whitelist checking (jsc#SLE-7953). - drm/i915: Explicitly track active fw_domain timers (jsc#SLE-7953). - drm/i915: Pull assert_forcewake_active() underneath the lock (jsc#SLE-7953). - drm/i915/gtt: Introduce release_pd_entry (jsc#SLE-7953). - drm/i915/gtt: Setup phys pages for 3lvl pdps (jsc#SLE-7953). - drm/i915/gtt: Tear down setup and cleanup macros for page dma (jsc#SLE-7953). - drm/i915: Remove set but not used variable 'intel_dig_port' (jsc#SLE-7953). - drm/i915: Remove set but not used variable 'encoder' (jsc#SLE-7953). - drm/i915: Order assert forcewake test (jsc#SLE-7953). - drm/i915/ehl: Add support for DPLL4 (v10) (jsc#SLE-7953). - drm/i915: Clean up skl vs. icl plane formats (jsc#SLE-7953). - drm/i915: Cosmetic fix for skl+ plane switch statement (jsc#SLE-7953). - drm/i915: Deal with cpp==8 for g4x watermarks (jsc#SLE-7953). - drm/i915: Program plane gamma ramps (jsc#SLE-7953). - drm/i915: Disable sprite gamma on ivb-bdw (jsc#SLE-7953). - drm/i915: Add windowing for primary planes on gen2/3 and chv (jsc#SLE-7953). - drm/i915: Move dev_priv->pm_i{m, e}r into intel_gt (jsc#SLE-7953). - drm/i915: Remove some legacy mmio accessors from interrupt handling (jsc#SLE-7953). - drm/i915: Rework some interrupt handling functions to take intel_gt (jsc#SLE-7953). - drm/i915: Show instdone for each engine in debugfs (jsc#SLE-7953). - drm/i915/selftests: Be engine agnostic (jsc#SLE-7953). - drm/i915/overlay: Stash the kernel context on initialisation (jsc#SLE-7953). - drm/i915/hangcheck: Look at instdone for all engines (jsc#SLE-7953). - drm/i915/selftests: Drain the freedlists between exec passes (jsc#SLE-7953). - drm/i915/gt: Pull engine w/a initialisation into common (jsc#SLE-7953). - drm/i915: Dump w/a lists on all engines (jsc#SLE-7953). - drm/i915/guc: Upgrade to GuC 33.0.0 (jsc#SLE-7953). - drm/i915/gtt: Handle double alloc failures (jsc#SLE-7953). - drm/i915: Show support for accurate sw PMU busyness tracking (jsc#SLE-7953). - drm/i915/gem: Defer obj->base.resv fini until RCU callback (jsc#SLE-7953). - drm/i915/gt: Ignore forcewake acquisition for posting_reads (jsc#SLE-7953). - drm/i915/gt: Assume we hold forcewake for execlists resume (jsc#SLE-7953). - drm/i915/gt: Use caller provided forcewake for intel_mocs_init_engine (jsc#SLE-7953). - drm/i915: Check caller held wakerefs in assert_forcewakes_active (jsc#SLE-7953). - drm/i915: Flush the workqueue before draining (jsc#SLE-7953). - drm/i915: Move the renderstate setup under gt/ (jsc#SLE-7953). - drm/i915: Add N & CTS values for 10/12 bit deep color (jsc#SLE-7953). - drm/i915: Use port clock to set correct N value (jsc#SLE-7953). - drm/i915: Mark up vma->active as safe for use inside shrinkers (jsc#SLE-7953). - drm/i915/execlists: Hesitate before slicing (jsc#SLE-7953). - drm/i915/selftests: Lock the drm_mm while modifying (jsc#SLE-7953). - drm/i915/selftests: Common live setup/teardown (jsc#SLE-7953). - drm/i915/display: Handle lost primary_port across suspend (jsc#SLE-7953). - drm/i915: synchronize_irq() against the actual irq (jsc#SLE-7953). - drm/i915/gtt: Don't check PPGTT presence on PPGTT-only platforms (jsc#SLE-7953). - Revert "drm/i915: Introduce private PAT management" (jsc#SLE-7953). - drm/i915: Report if i915_active is still busy upon waiting (jsc#SLE-7953). - drm/i915/ehl: Don't program PHY_MISC on EHL PHY C (jsc#SLE-7953). - drm/i915/ehl: Add third combo PHY offset (jsc#SLE-7953). - drm/i915/icl: Drop port parameter to icl_get_combo_buf_trans() (jsc#SLE-7953). - drm/i915/guc: Avoid reclaim locks during reset (jsc#SLE-7953). - drm/i915: WARN about invalid lane reversal in TBT-alt/DP-alt modes (jsc#SLE-7953). - drm/i915: Remove unneeded disconnect in TypeC legacy port mode (jsc#SLE-7953). - drm/i915: Add state verification for the TypeC port mode (jsc#SLE-7953). - drm/i915: Keep the TypeC port mode fixed when the port is active (jsc#SLE-7953). - drm/i915/icl: Reserve all required PLLs for TypeC ports (jsc#SLE-7953). - drm/i915/icl: Split getting the DPLLs to port type specific functions (jsc#SLE-7953). - drm/i915: Sanitize the shared DPLL find/reference interface (jsc#SLE-7953). - drm/i915: Sanitize the shared DPLL reserve/release interface (jsc#SLE-7953). - drm/i915: Keep the TypeC port mode fixed for detect/AUX transfers (jsc#SLE-7953). - drm/i915: Fix the TypeC port mode sanitization during loading/resume (jsc#SLE-7953). - drm/i915: Sanitize the TypeC connect/detect sequences (jsc#SLE-7953). - drm/i915: Handle the TCCOLD power-down event (jsc#SLE-7953). - drm/i915: Wait for TypeC PHY complete flag to clear in safe mode (jsc#SLE-7953). - drm/i915: Unify the TypeC port notation in debug/error messages (jsc#SLE-7953). - drm/i915: Use the correct AUX power domain in TypeC TBT-alt mode (jsc#SLE-7953). - drm/i915: Don't enable the DDI-IO power in the TypeC TBT-alt mode (jsc#SLE-7953). - drm/i915: Sanitize the terminology used for TypeC port modes (jsc#SLE-7953). - drm/i915: Tune down WARNs about TBT AUX power well enabling (jsc#SLE-7953). - drm/i915/icl: Add support to read out the TBT PLL HW state (jsc#SLE-7953). - drm/i915: Use intel state as much as possible in wm code (jsc#SLE-7953). - drm/i915: Pass intel state to plane functions as well (jsc#SLE-7953). - drm/i915: Use intel_crtc_state in sanitize_watermarks() too (jsc#SLE-7953). - drm/i915: Convert hw state verifier to take more intel state, v2 (jsc#SLE-7953). - drm/i915: rework reading pipe disable fuses (jsc#SLE-7953). - drm/i915: Make i945gm_vblank_work_func static (jsc#SLE-7953). - drm/i915/ehl: Add voltage level requirement table (jsc#SLE-7953). - drm/i915/ehl: Remove unsupported cd clocks (jsc#SLE-7953). - drm/i915: Initialize drm_driver vblank funcs at compile time (jsc#SLE-7953). - drm/i915: Nuke drm_driver irq vfuncs (jsc#SLE-7953). - drm/i915: Switch to per-crtc vblank vfuncs (jsc#SLE-7953). - drm/i915/selftests: Drop manual request wakerefs around hangcheck (jsc#SLE-7953). - drm/i915/selftests: Serialise nop reset with retirement (jsc#SLE-7953). - drm/i915: Check backlight type while doing eDP backlight initializaiton (jsc#SLE-7953). - drm/i915/icl: Add missing device ID (jsc#SLE-7953). - drm/i915/gt: Add some debug tracing for context pinning (jsc#SLE-7953). - drm/i915/gt: Always call kref_init for the timeline (jsc#SLE-7953). - drm/i915/gt: Drop stale commentary for timeline density (jsc#SLE-7953). - drm/i915/selftests: Hold ref on request across waits (jsc#SLE-7953). - drm/i915/guc: Add debug capture of GuC exception (jsc#SLE-7953). - drm/i915/execlists: Convert recursive defer_request() into iterative (jsc#SLE-7953). - drm/i915/ehl: Add missing VECS engine (jsc#SLE-7953). - drm/i915/ehl: Add one additional PCH ID to MCC (jsc#SLE-7953). Refresh patches.suse/drm-i915-cml-Add-second-PCH-ID-for-CMP.patch - drm/i915/gem: Clear read/write domains for GPU clear (jsc#SLE-7953). - drm/i915/execlists: Always clear ring_pause if we do not submit (jsc#SLE-7953). - drm/i915/blt: Remove recursive vma->lock (jsc#SLE-7953). - drm/i915: Local debug BUG_ON for intel_wakeref (jsc#SLE-7953). - drm/i915: Provide an i915_active.acquire callback (jsc#SLE-7953). - drm/i915: Throw away the active object retirement complexity (jsc#SLE-7953). - drm/i915: Track i915_active using debugobjects (jsc#SLE-7953). - drm/i915: Remove waiting & retiring from shrinker paths (jsc#SLE-7953). - drm/i915/guc: handle GuC messages received with CTB disabled (jsc#SLE-7953). - drm/i915/guc: reorder enable/disable communication steps (jsc#SLE-7953). - drm/i915/gt: Fixup kerneldoc parameters (jsc#SLE-7953). - drm/i915/gt: Rename i915_gt_timelines (jsc#SLE-7953). - drm/i915: Eliminate dual personality of i915_scratch_offset (jsc#SLE-7953). - drm/i915: Make timelines gt centric (jsc#SLE-7953). - drm/i915: Compartmentalize ring buffer creation (jsc#SLE-7953). - drm/i915: Store ggtt pointer in intel_gt (jsc#SLE-7953). - drm/i915: Compartmentalize i915_gem_init_ggtt (jsc#SLE-7953). - drm/i915: Compartmentalize i915_ggtt_cleanup_hw (jsc#SLE-7953). - drm/i915: Compartmentalize timeline_init/park/fini (jsc#SLE-7953). - drm/i915: Convert i915_gem_flush_ggtt_writes to intel_gt (jsc#SLE-7953). - drm/i915: Compartmentalize i915_gem_suspend/restore_gtt_mappings (jsc#SLE-7953). - drm/i915: Store intel_gt backpointer in vm (jsc#SLE-7953). - drm/i915: Make ggtt invalidation work on ggtt (jsc#SLE-7953). - drm/i915: Compartmentalize i915_ggtt_init_hw (jsc#SLE-7953). - drm/i915: Compartmentalize i915_ggtt_probe_hw (jsc#SLE-7953). - drm/i915: Consolidate some open coded mmio rmw (jsc#SLE-7953). - drm/i915: Convert i915_ppgtt_init_hw to intel_gt (jsc#SLE-7953). - drm/i915: Store backpointer to intel_gt in the engine (jsc#SLE-7953). - drm/i915: Convert gt workarounds to intel_gt (jsc#SLE-7953). - drm/i915: Convert init_unused_rings to intel_gt (jsc#SLE-7953). - drm/i915: Use intel_uncore_rmw in intel_gt_init_swizzling (jsc#SLE-7953). - drm/i915: Convert i915_gem_init_swizzling to intel_gt (jsc#SLE-7953). - drm/i915: Make i915_check_and_clear_faults take intel_gt (jsc#SLE-7953). - drm/i915: Store some backpointers in struct intel_gt (jsc#SLE-7953). - drm/i915: Move intel_gt initialization to a separate file (jsc#SLE-7953). - drm/i915: Introduce struct intel_gt as replacement for anonymous i915->gt (jsc#SLE-7953). - drm/i915: Convert intel_vgt_(de)balloon to uncore (jsc#SLE-7953). - drm/i915/execlists: Keep virtual context alive until after we kick (jsc#SLE-7953). - drm/i915/gtt: Defer address space cleanup to an RCU worker (jsc#SLE-7953). - drm/i915/ehl/dsi: Enable AFE over PPI strap (jsc#SLE-7953). - drm/i915/ehl/dsi: Set lane latency optimization for DW1 (jsc#SLE-7953). - drm/i915/selftests: Use request managed wakerefs (jsc#SLE-7953). - drm/i915: Rings are always flushed (jsc#SLE-7953). - drm/i915/execlists: Minimalistic timeslicing (jsc#SLE-7953). - drm/i915: dynamically allocate forcewake domains (jsc#SLE-7953). - drm/i915: skip forcewake actions on forcewake-less uncore (jsc#SLE-7953). - drm/i915: kill uncore_to_i915 (jsc#SLE-7953). - drm/i915: kill uncore_sanitize (jsc#SLE-7953). - drm/i915: use vfuncs for reg_read/write_fw_domains (jsc#SLE-7953). - drm/i915/ehl: Allow combo PHY A to drive a third external display (jsc#SLE-7953). - drm/i915: Flush the execution-callbacks on retiring (jsc#SLE-7953). - drm/i915: Signal fence completion from i915_request_wait (jsc#SLE-7953). - commit 04e08b4 - PM / wakeup: Unexport wakeup_source_sysfs_{add,remove}() (jsc#SLE-9316). - PM / wakeup: Register wakeup class kobj after device is added (jsc#SLE-9316). - PM / wakeup: Fix sysfs registration error path (jsc#SLE-9316). - commit 0972359 - thermal: qoriq: Add hwmon support (jsc#SLE-9316). - thermal_hwmon: Add devres wrapper for thermal_add_hwmon_sysfs() (jsc#SLE-9316). - thermal: qoriq: Do not report invalid temperature reading (jsc#SLE-9316). - thermal: qoriq: Enable all sensors before registering them (jsc#SLE-9316). - thermal: qoriq: Convert driver to use regmap API (jsc#SLE-9316). - thermal: qoriq: Drop unnecessary drvdata cleanup (jsc#SLE-9316). - thermal: qoriq: Pass data to qoriq_tmu_calibration() directly (jsc#SLE-9316). - thermal: qoriq: Pass data to qoriq_tmu_register_tmu_zone() directly (jsc#SLE-9316). - thermal: qoriq: Embed per-sensor data into struct qoriq_tmu_data (jsc#SLE-9316). - thermal: qoriq: Add local struct qoriq_sensor pointer (jsc#SLE-9316). - thermal: qoriq: Don't store struct thermal_zone_device reference (jsc#SLE-9316). - thermal: qoriq: Add local struct device pointer (jsc#SLE-9316). - thermal: qoriq: add thermal monitor unit version 2 support (jsc#SLE-9316). - thermal: qoriq: Use __maybe_unused instead of #if CONFIG_PM_SLEEP (jsc#SLE-9316). - thermal: qoriq: Use devm_platform_ioremap_resource() instead of of_iomap() (jsc#SLE-9316). - thermal: qoriq: Fix error path of calling qoriq_tmu_register_tmu_zone fail (jsc#SLE-9316). - thermal: qoriq: Add clock operations (jsc#SLE-9316). - commit 14652c6 - Delete patches.suse/cpufreq-intel_pstate-use-setpoint-of-10-on-servers.patch. Before v4.14 the intel_pstate powersave frequency governor used a P.I.D. controller based algorithm to select frequencies, and this patch was necessary to tune the "setpoint" parameter to a more aggressive value than in mainline kernel. From v4.14 onwards said algorithm is replaced by another where the frequency is proportional to non-idle time observed in the recent past, and this patch tuning pid_params.setpoint is thus obsolete. - commit 80607d5 - cpufreq: intel_pstate: Temporarily boost P-state when exiting from idle (bnc#1066110, bnc#1066845). - commit 0ab1412 - cpufreq, intel_pstate: Ramp up frequency faster when utilisation reaches setpoint (bsc#1068680). - commit 741462c - cpufreq: intel_pstate: Revert upstream changes to iowait boosting (bsc#1131437). - commit 08e273b - PM / wakeup: Show wakeup sources stats in sysfs (jsc#SLE-9316). - PM / wakeup: Use wakeup_source_register() in wakelock.c (jsc#SLE-9316). - PM / wakeup: Drop wakeup_source_init(), wakeup_source_prepare() (jsc#SLE-9316). - commit 4d80f94 - rtc: fsl-ftm-alarm: remove select FSL_RCPM and default y from Kconfig (jsc#SLE-9316). - mmc: sdhci: fix up CMD12 sending (jsc#SLE-9316). - soc: fsl: add RCPM driver (jsc#SLE-9316). - PM: wakeup: Add routine to help fetch wakeup source object (jsc#SLE-9316). - mmc: sdhci-of-esdhc: poll ESDHC_FLUSH_ASYNC_FIFO bit until completion (jsc#SLE-9316). - spi: spi-fsl-qspi: Introduce variable to fix different invalid master Id (jsc#SLE-9316). - rtc: fsl-ftm-alarm: add FTM alarm driver (jsc#SLE-9316). - mtd: spi-nor: Add support for mt35xu02g (jsc#SLE-9316). - mmc: sdhci-of-esdhc: add erratum A011334 support in ls1028a 1.0 SoC (jsc#SLE-9316). - soc: fsl: guts: Add definition for LS1028A (jsc#SLE-9316). - spi: fsl-qspi: Enhance binding to extend example for flash entry (jsc#SLE-9316). - commit bfef95e - Refresh and enable patches.suse/0004-MODSIGN-checking-the-blacklisted-hash-before-loading.patch. (fate#316531) - commit d8c86dc - Refresh and enable patches.suse/0003-MODSIGN-load-blacklist-from-MOKx.patch. (fate#316531) - commit 9e30e45 - enetc: remove variable 'tc_max_sized_frame' set but not used (jsc#SLE-9316). - enetc: add software timestamping (jsc#SLE-9316). - enetc: disable EEE autoneg by default (jsc#SLE-9316). - enetc: add support Credit Based Shaper(CBS) for hardware offload (jsc#SLE-9316). - enetc: make enetc_setup_tc_mqprio static (jsc#SLE-9316). - enetc: update TSN Qbv PSPEED set according to adjust link speed (jsc#SLE-9316). - enetc: Configure the Time-Aware Scheduler via tc-taprio offload (jsc#SLE-9316). - enetc: fix return value for enetc_ioctl() (jsc#SLE-9316). - enetc: ethtool: add wake-on-lan callbacks (jsc#SLE-9316). - enetc: add ioctl() support for PHY-related ops (jsc#SLE-9316). - commit c54330b ++++ NetworkManager: - Update to version 1.22.0: + Drop support for BlueZ 4. BlueZ 5 was released in 2012 and should nowadays be available everywhere. + DHCP: switch "internal" DHCPv4 plugin from code based on systemd to use nettools' n-dhcp4 library. + Add support for "scope" attribute for IPv4 routes. + Add support for specifying IAID and FQDN flags for DHCP request. + Add a '802-1x.optional' property to consider the wired 802.1X authentication as optional. + Use the Network Cost Wi-Fi information element to determine metered device state. + Support main.auth-polkit=root-only setting to disable PolicyKit use and restrict authorization to root user. + core: declare "startup complete" when device reaches "connected" state, even if IP addressing methods did not yet fully complete. This changes behavior for unblocking "NetworkManager-wait-online.service", and "network-online.target" earlier. If this causes issues in your setup, you may need to configure "ipv4.may-fail=no" or "ipv6.may-fail=no", which delays reaching "connected" state for the address family accordingly. + libnm: hide NMObject and NMClient typedefs from header files. This prevents the user from subclassing these types and is an ABI change (in the unlikely case that a user was subclassing the types, which is no longer supported). + libnm: retire deprecated WiMAX API NMDeviceWimax and NMWimaxNsp. WiMAX support was removed from NetworkManager in version 1.2 (2016) and no such type instances would have been created by NMClient for a while now. + Deprecate synchronous API for D-Bus calls in libnm. We don't remove libnm API so you are free to continue using it. But tells you that using it might be a bad idea. + libnm: heavily internal rework NMClient. This slims down libnm and makes the implementation more efficient. NMClient should work now well with a separate GMainContext. + Add `nmcli general reload` subcommand to reload NetworkManager configuration and DNS settings. + nm-cloud-setup: add new tool for automatically configuring NetworkManager in cloud. This is still experimental and currently only EC2 and IPv4 is supported. + Add new NetworkManager logo to "contrib/art/logo". + Various bug fixes and improvements. - Disable networkmanager-checks-po.patch: Needs rebase. - Add new nm-cloud-setup.service to pre/post/preun/postun calls. ++++ policycoreutils: - Added chcat_join.patch to prevent joining non-existing categories (bsc#1159262) ------------------------------------------------------------------ ------------------ 2019-12-16 - Dec 16 2019 ------------------- ------------------------------------------------------------------ ++++ conmon: - Persist oom files on cgroup v2 - Revert the check for the OOM counter on cgroups v1 before writing OOM file ++++ health-checker: - Update to version 1.3 * Support /var on non-root device for reading health data * Avoid GRUB error message if env_block is not set [boo#1151072] * Don't show message on manual emergency shell invocation * Fix handling when booting a non-default snapshot ++++ kernel-default: - Update tags in patches.suse/ext4-add-more-paranoia-checking-in-ext4_expand_extra.patch (bnc#1151927 bsc#1159297 CVE-2019-19767 5.3.15). - commit a5d00e3 - xen/blkback: Avoid unmapping unmapped grant pages (bsc#1065600). - commit d227d91 - staging: vchiq: call unregister_chrdev_region() when driver registration fails (git-fixes). - xhci: make sure interrupts are restored to correct state (git-fixes). - xhci: Increase STS_HALT timeout in xhci_suspend() (git-fixes). - usb: xhci: only set D3hot for pci device (git-fixes). - xhci: Fix memory leak in xhci_add_in_port() (git-fixes). - usb: dwc3: gadget: Fix logical condition (git-fixes). - USB: adutux: fix interface sanity check (git-fixes). - USB: idmouse: fix interface sanity checks (git-fixes). - USB: serial: io_edgeport: fix epic endpoint lookup (git-fixes). - usb: mon: Fix a deadlock in usbmon between mmap and read (git-fixes). - usb: typec: fix use after free in typec_register_port() (git-fixes). - usb: roles: fix a potential use after free (git-fixes). - virtio-balloon: fix managed page counts when migrating pages between zones (git-fixes). - vfio/pci: call irq_bypass_unregister_producer() before freeing irq (git-fixes). - tools: PCI: Fix fd leakage (git-fixes). - stm class: Lose the protocol driver when dropping its reference (git-fixes). - spi: rspi: Use platform_get_irq_byname_optional() for optional irqs (git-fixes). - commit 6f16787 - staging: rtl8712: fix interface sanity check (git-fixes). - staging: rtl8188eu: fix interface sanity check (git-fixes). - soc: aspeed: Fix snoop_file_poll()'s return type (git-fixes). - soc: renesas: Add missing check for non-zero product register address (git-fixes). - serial: 8250-mtk: Use platform_get_irq_optional() for optional irq (git-fixes). - phy: qcom-usb-hs: Fix extcon double register after power cycle (git-fixes). - phy: ti: gmii-sel: fix mac tx internal delay for rgmii-rxid (git-fixes). - phy: renesas: rcar-gen3-usb2: Fix sysfs interface of "role" (git-fixes). - rfkill: allocate static minor (git-fixes). - phy: renesas: rcar-gen3-usb2: Use platform_get_irq_optional() for optional irq (git-fixes). - software node: Get reference to parent swnode in get_parent op (git-fixes). - driver core: platform: Add platform_get_irq_byname_optional() (git-fixes). - commit 3dd636b - config: refresh - only update headers - commit 308eb35 - PCI: layerscape: Add LS1028a support (jsc#SLE-9316). - PCI: layerscape: Add CONFIG_PCI_LAYERSCAPE_EP to build EP/RC separately (jsc#SLE-9316). - PCI: dwc: Return directly when num-lanes is not found (jsc#SLE-9316). - commit a994a9b - moduleparam: fix parameter description mismatch (git-fixes). - net: wireless: ti: remove local VENDOR_ID and DEVICE_ID definitions (git-fixes). - net: wireless: ti: wl1251 use new SDIO_VENDOR_ID_TI_WL1251 definition (git-fixes). - mmc: host: omap_hsmmc: add code for special init of wl1251 to get rid of pandora_wl1251_init_card (git-fixes). - net: wireless: ti: wl1251 add device tree support (git-fixes). - commit 55a0d46 - interconnect: qcom: sdm845: Walk the list safely on node removal (git-fixes). - commit dc37ad8 - iio: adc: max9611: Fix too short conversion time delay (git-fixes). - iio: imu: inv_mpu6050: fix temperature reporting using bad unit (git-fixes). - iio: adc: ad7124: Enable internal reference (git-fixes). - iio: adc: ad7606: fix reading unnecessary data from device (git-fixes). - genalloc: Fix a set of docs build warnings (git-fixes). - commit f2d6240 - firmware: arm_scmi: Avoid double free in error flow (git-fixes). - commit 83c312d - drm/nouveau/kms/nv50-: Limit MST BPC to 8 (git-fixes). - drm/nouveau/kms/nv50-: Store the bpc we're using in nv50_head_atom (git-fixes). - drm/nouveau/kms/nv50-: Call outp_atomic_check_view() before handling PBN (git-fixes). - drm: meson: venc: cvbs: fix CVBS mode matching (git-fixes). - drm/mcde: dsi: Fix invalid pointer dereference if panel cannot be found (git-fixes). - drm/dp_mst: Correct the bug in drm_dp_update_payload_part1() (git-fixes). - drm/mgag200: Store flags from PCI driver data in device structure (git-fixes). - drm/mgag200: Extract device type from flags (git-fixes). - commit 2452bc1 - drm/amdgpu/vi: silence an uninitialized variable warning (git-fixes). - commit 45e781e - drm/amd/display: add default clocks if not able to fetch them (git-fixes). - drm/msm: Sanitize the modeset_is_locked checks in dpu (git-fixes). - drm/msm: include linux/sched/task.h (git-fixes). - drm/amdgpu: fix bad DMA from INTERRUPT_CNTL2 (git-fixes). - drm/radeon: fix bad DMA from INTERRUPT_CNTL2 (git-fixes). - drm: msm: a6xx: fix debug bus register configuration (git-fixes). - commit 42a4df1 - drm/tegra: Fix ordering of cleanup code (git-fixes). - drm: Don't free jobs in wait_event_interruptible() (git-fixes). - drm/rockchip: Round up _before_ giving to the clock framework (git-fixes). - drm/amd/display: fix struct init in update_bounding_box (git-fixes). - drm/amdgpu/mn: fix documentation for amdgpu_mn_read_lock (git-fixes). - Revert "drm/amdgpu/nbio7.4: add hw bug workaround for vega20" (git-fixes). - drm: rcar_lvds: Fix color mismatches on R-Car H2 ES2.0 and later (git-fixes). - drm/mcde: Fix reference to DOC comment (git-fixes). - Revert "drm/sun4i: dsi: Change the start delay calculation" (git-fixes). - drm: panel-lvds: Potential Oops in probe error handling (git-fixes). - commit 8624fb2 - dmaengine: ti: edma: fix missed failure handling (git-fixes). - drm/v3d: don't leak bin job if v3d_job_init fails (git-fixes). - drm: mst: Fix query_payload ack reply struct (git-fixes). - commit 5a5f2fc - gpio: mpc8xxx: Add platform device to gpiochip->parent (jsc#SLE-9316). - gpio/mpc8xxx: fix qoriq GPIO reading (jsc#SLE-9316). - gpio/mpc8xxx: change irq handler from chained to normal (jsc#SLE-9316). - gpio: mpc8xxx: add ls1088a platform special function (jsc#SLE-9316). - gpio: mpc8xxx: Add ls1028a device specify function (jsc#SLE-9316). - commit 748b19d - Update patch reference for ALSA timer fix (CVE-2019-19807 bsc#1159281) - commit fdd89ba - PCI: rockchip: Fix IO outbound ATU register number (git-fixes). - commit fa4971b - rpm/kernel-subpackage-spec: Fix empty Recommends tag (bsc#1143959) - commit 3fd22e2 - crypto: ccp - Release all allocated memory if sha type is invalid (bsc#1156259 CVE-2019-18808). - commit 9a2a2b6 - Linux 5.3.16 (bnc#1151927 5.3.16). - Input: Fix memory leak in psxpad_spi_probe (bnc#1151927 5.3.16). - io_uring: ensure req->submit is copied when req is deferred (bnc#1151927 5.3.16). - CIFS: Fix NULL-pointer dereference in smb2_push_mandatory_locks (bnc#1151927 5.3.16). - Input: synaptics-rmi4 - don't increment rmiaddr for SMBus transfers (bnc#1151927 5.3.16). - Input: goodix - add upside-down quirk for Teclast X89 tablet (bnc#1151927 5.3.16). - nfsd: Ensure CLONE persists data and metadata changes to the target file (bnc#1151927 5.3.16). - nfsd: restore NFSv3 ACL support (bnc#1151927 5.3.16). - io_uring: transform send/recvmsg() -ERESTARTSYS to -EINTR (bnc#1151927 5.3.16). - fuse: verify nlink (bnc#1151927 5.3.16). - fuse: verify attributes (bnc#1151927 5.3.16). - arm64: dts: exynos: Revert "Remove unneeded address space mapping for soc node" (bnc#1151927 5.3.16). - tty: vt: keyboard: reject invalid keycodes (bnc#1151927 5.3.16). - serial: stm32: fix clearing interrupt error flags (bnc#1151927 5.3.16). - serial: serial_core: Perform NULL checks for break_ctl ops (bnc#1151927 5.3.16). - serial: ifx6x60: add missed pm_runtime_disable (bnc#1151927 5.3.16). - serial: pl011: Fix DMA ->flush_buffer() (bnc#1151927 5.3.16). - x86/PCI: Avoid AMD FCH XHCI USB PME# from D0 defect (bnc#1151927 5.3.16). - x86/mm/32: Sync only to VMALLOC_END in vmalloc_sync_all() (bnc#1151927 5.3.16). - Input: synaptics - switch another X1 Carbon 6 to RMI/SMbus (bnc#1151927 5.3.16). - sparc64: implement ioremap_uc (bnc#1151927 5.3.16). - jbd2: Fix possible overflow in jbd2_log_space_left() (bnc#1151927 5.3.16). - drm/msm: fix memleak on release (bnc#1151927 5.3.16). - drm: damage_helper: Fix race checking plane->state->fb (bnc#1151927 5.3.16). - drm/i810: Prevent underflow in ioctl (bnc#1151927 5.3.16). - binder: Handle start==NULL in binder_update_page_range() (bnc#1151927 5.3.16). - binder: Prevent repeated use of ->mmap() via NULL mapping (bnc#1151927 5.3.16). - binder: Fix race between mmap() and binder_alloc_print_pages() (bnc#1151927 5.3.16). - lp: fix sparc64 LPSETTIMEOUT ioctl (bnc#1151927 5.3.16). - blacklist.conf: remove it - coresight: etm4x: Fix input validation for sysfs (bnc#1151927 5.3.16). - usb: gadget: u_serial: add missing port entry locking (bnc#1151927 5.3.16). - cpufreq: imx-cpufreq-dt: Correct i.MX8MN's default speed grade value (bnc#1151927 5.3.16). - perf scripts python: exported-sql-viewer.py: Fix use of TRUE with SQLite (bnc#1151927 5.3.16). - crypto: ccp - fix uninitialized list head (bnc#1151927 5.3.16). - KVM: PPC: Book3S HV: XIVE: Fix potential page leak on error path (bnc#1151927 5.3.16). - KVM: PPC: Book3S HV: XIVE: Free previous EQ page when setting up a new one (bnc#1151927 5.3.16). - KVM: x86: Grab KVM's srcu lock when setting nested state (bnc#1151927 5.3.16). - KVM: x86: do not modify masked bits of shared MSRs (bnc#1151927 5.3.16). - KVM: arm/arm64: vgic: Don't rely on the wrong pending table (bnc#1151927 5.3.16). - KVM: PPC: Book3S HV: XIVE: Set kvm->arch.xive when VPs are allocated (bnc#1151927 5.3.16). - KVM: nVMX: Always write vmcs02.GUEST_CR3 during nested VM-Enter (bnc#1151927 5.3.16). - sched/core: Avoid spurious lock dependencies (bnc#1151927 5.3.16). - perf/core: Consistently fail fork on allocation failures (bnc#1151927 5.3.16). - net: ep93xx_eth: fix mismatch of request_mem_region in remove (bnc#1151927 5.3.16). - ravb: implement MTU change while device is up (bnc#1151927 5.3.16). - iwlwifi: pcie: don't consider IV len in A-MSDU (bnc#1151927 5.3.16). - xfrm: release device reference for invalid state (bnc#1151927 5.3.16). - rsxx: add missed destroy_workqueue calls in remove (bnc#1151927 5.3.16). - afs: Fix race in commit bulk status fetch (bnc#1151927 5.3.16). - MIPS: SGI-IP27: fix exception handler replication (bnc#1151927 5.3.16). - selftests: kvm: fix build with glibc >= 2.30 (bnc#1151927 5.3.16). - drm/sun4i: tcon: Set min division of TCON0_DCLK to 1 (bnc#1151927 5.3.16). - audit_get_nd(): don't unlock parent too early (bnc#1151927 5.3.16). - Refresh patches.suse/vfs-add-super_operations-get_inode_dev. - exportfs_decode_fh(): negative pinned may become positive without the parent locked (bnc#1151927 5.3.16). - cgroup: don't put ERR_PTR() into fc->root (bnc#1151927 5.3.16). - autofs: fix a leak in autofs_expire_indirect() (bnc#1151927 5.3.16). - Input: cyttsp4_core - fix use after free bug (bnc#1151927 5.3.16). - commit 8b8fa5f - Update patches.suse/0001-crypto-af_alg-cast-ki_complete-ternary-op-to-int.patch (git-fixes bnc#1151927 5.3.16). - Update patches.suse/0001-crypto-ecdh-fix-big-endian-bug-in-ECC-library.patch (git-fixes bnc#1151927 5.3.16). - Update patches.suse/0055-rbd-silence-bogus-uninitialized-warning-in-rbd_object_map_update_finish.patch (jsc#SES-1134 bnc#1151927 5.3.16). - Update patches.suse/ALSA-hda-Add-Cometlake-S-PCI-ID.patch (git-fixes bnc#1151927 5.3.16). - Update patches.suse/ALSA-hda-Add-mute-led-support-for-HP-ProBook-645-G4.patch (git-fixes bnc#1151927 5.3.16). - Update patches.suse/ALSA-hda-Fix-pending-unsol-events-at-shutdown.patch (git-fixes bnc#1151927 5.3.16). - Update patches.suse/ALSA-hda-Modify-stream-stripe-mask-only-when-needed.patch (git-fixes bnc#1151927 5.3.16). - Update patches.suse/ALSA-hda-hdmi-fix-pin-setup-on-Tigerlake.patch (git-fixes bnc#1151927 5.3.16). - Update patches.suse/ALSA-hda-realtek-Dell-headphone-has-noise-on-unmute-.patch (git-fixes bnc#1151927 5.3.16). - Update patches.suse/ALSA-hda-realtek-Enable-internal-speaker-of-ASUS-UX4.patch (git-fixes bnc#1151927 5.3.16). - Update patches.suse/ALSA-hda-realtek-Enable-the-headset-mic-on-a-Xiaomi-.patch (git-fixes bnc#1151927 5.3.16). - Update patches.suse/ALSA-pcm-Fix-stream-lock-usage-in-snd_pcm_period_ela.patch (git-fixes bnc#1151927 5.3.16). - Update patches.suse/ALSA-pcm-oss-Avoid-potential-buffer-overflows.patch (git-fixes bnc#1151927 5.3.16). - Update patches.suse/CIFS-Fix-SMB2-oplock-break-processing.patch (bsc#1154355 bnc#1151927 5.3.16). - Update patches.suse/Input-synaptics-rmi4-re-enable-IRQs-in-f34v7_do_refl.patch (git-fixes bnc#1151927 5.3.16). - Update patches.suse/NFC-nxp-nci-Fix-NULL-pointer-dereference-after-I2C-c.patch (git-fixes bnc#1151927 5.3.16). - Update patches.suse/RDMA-hns-Correct-the-value-of-HNS_ROCE_HEM_CHUNK_LEN.patch (jsc#SLE-8449 bnc#1151927 5.3.16). - Update patches.suse/RDMA-hns-Correct-the-value-of-srq_desc_size.patch (jsc#SLE-8449 bnc#1151927 5.3.16). - Update patches.suse/RDMA-qib-Validate-show-store-callbacks-before-callin.patch (jsc#SLE-8449 bnc#1151927 5.3.16). - Update patches.suse/SUNRPC-Avoid-RPC-delays-when-exiting-suspend.patch (bsc#1154353 bnc#1151927 5.3.16). - Update patches.suse/aio-Fix-io_pgetevents-struct-__compat_aio_sigset-lay.patch (bsc#1158373 bnc#1151927 5.3.16). - Update patches.suse/arm64-tegra-Fix-active-low-warning-for-Jetson-TX1-re.patch (git-fixes bnc#1151927 5.3.16). - Update patches.suse/block-check-bi_size-overflow-before-merge.patch (bsc#1158370 bnc#1151927 5.3.16). - Update patches.suse/can-slcan-Fix-use-after-free-Read-in-slcan_open.patch (git-fixes bnc#1151927 5.3.16). - Update patches.suse/can-ucan-fix-non-atomic-allocation-in-completion-han.patch (git-fixes bnc#1151927 5.3.16). - Update patches.suse/crypto-atmel-aes-Fix-IV-handling-when-req-nbytes-ivs.patch (git-fixes bnc#1151927 5.3.16). - Update patches.suse/crypto-crypto4xx-fix-double-free-in-crypto4xx_destro.patch (git-fixes bnc#1151927 5.3.16). - Update patches.suse/crypto-geode-aes-switch-to-skcipher-for-cbc-aes-fall.patch (git-fixes bnc#1151927 5.3.16). - Update patches.suse/crypto-user-fix-memory-leak-in-crypto_report.patch (CVE-2019-19062 bsc#1157333 git-fixes bnc#1151927 5.3.16). - Update patches.suse/crypto-user-fix-memory-leak-in-crypto_reportstat.patch (CVE-2019-19050 bsc#1157336 git-fixes bnc#1151927 5.3.16). - Update patches.suse/drm-mcde-Fix-an-error-handling-path-in-mcde_probe.patch (git-fixes bnc#1151927 5.3.16). - Update patches.suse/ecryptfs-fix-unlink-and-rmdir-in-face-of-underlying-.patch (bsc#1158374 bnc#1151927 5.3.16). - Update patches.suse/edac-ghes-fix-locking-and-memory-barrier-issues.patch (bsc#1152489 bnc#1151927 5.3.16). - Update patches.suse/i2c-core-fix-use-after-free-in-of_i2c_notify.patch (git-fixes bnc#1151927 5.3.16). - Update patches.suse/iomap-Fix-pipe-page-leakage-during-splicing.patch (bsc#1158383 bnc#1151927 5.3.16). - Update patches.suse/kernfs-fix-ino-wrap-around-detection.patch (git-fixes bnc#1151927 5.3.16). - Update patches.suse/kselftest-Fix-NULL-INSTALL_PATH-for-TARGETS-runlist.patch (git-fixes bnc#1151927 5.3.16). - Update patches.suse/kvm-x86-fix-out-of-bounds-write-in-kvm_get_emulated_cpuid-cve-2019-19332 (CVE-2019-19332 bsc#1158827 bnc#1151927 5.3.16). - Update patches.suse/kvm-x86-fix-presentation-of-tsx-feature-in-arch_capabilities (CVE-2019-19338 bsc#1158954 bnc#1151927 5.3.16). - Update patches.suse/kvm-x86-remove-a-spurious-export-of-a-static-function (bsc#1158954 bnc#1151927 5.3.16). - Update patches.suse/md-raid0-Fix-an-error-message-in-raid0_make_request.patch (git-fixes bnc#1151927 5.3.16). - Update patches.suse/media-rc-mark-input-device-as-pointing-stick.patch (git-fixes bnc#1151927 5.3.16). - Update patches.suse/net-hns3-fix-ETS-bandwidth-validation-bug.patch (bsc#1154353 bnc#1151927 5.3.16). - Update patches.suse/net-hns3-reallocate-SSU-buffer-size-when-pfc_en-chan.patch (bsc#1154353 bnc#1151927 5.3.16). - Update patches.suse/perf-script-Fix-invalid-LBR-binary-mismatch-error.patch (git-fixes bnc#1151927 5.3.16). - Update patches.suse/rsi-release-skb-if-rsi_prepare_beacon-fails.patch (CVE-2019-19071,bsc#1157067 bnc#1151927 5.3.16). - Update patches.suse/sched-pelt-Fix-update-of-blocked-PELT-ordering.patch (bnc#1155798 (CPU scheduler functional and performance backports) bnc#1151927 5.3.16). - Update patches.suse/spi-Fix-NULL-pointer-when-setting-SPI_CS_HIGH-for-GP.patch (git-fixes bnc#1151927 5.3.16). - Update patches.suse/spi-Fix-SPI_CS_HIGH-setting-when-using-native-and-GP.patch (git-fixes bnc#1151927 5.3.16). - Update patches.suse/spi-atmel-Fix-CS-high-support.patch (git-fixes bnc#1151927 5.3.16). - Update patches.suse/spi-spi-fsl-qspi-Clear-TDH-bits-in-FLSHCR-register.patch (git-fixes bnc#1151927 5.3.16). - Update patches.suse/spi-stm32-qspi-Fix-kernel-oops-when-unbinding-driver.patch (git-fixes bnc#1151927 5.3.16). - Update patches.suse/thermal-Fix-deadlock-in-thermal-thermal_zone_device_.patch (git-fixes bnc#1151927 5.3.16). - Update patches.suse/time-Zero-the-upper-32-bits-in-__kernel_timespec-on-.patch (git-fixes bnc#1151927 5.3.16). - Update patches.suse/tty-serial-fsl_lpuart-use-the-sg-count-from-dma_map_.patch (git-fixes bnc#1151927 5.3.16). - Update patches.suse/tty-serial-msm_serial-Fix-flow-control.patch (git-fixes bnc#1151927 5.3.16). - Update patches.suse/vcs-prevent-write-access-to-vcsu-devices.patch (git-fixes bnc#1151927 5.3.16). - Update patches.suse/watchdog-aspeed-Fix-clock-behaviour-for-ast2600.patch (git-fixes bnc#1151927 5.3.16). - Update patches.suse/x86-resctrl-fix-potential-lockdep-warning.patch (bsc#1152489 bnc#1151927 5.3.16). - commit f542645 - Delete patches.suse/0002-MODSIGN-print-appropriate-status-message-when-gettin.patch. Be replaced by patches.suse/0001-efi-add-a-function-to-convert-the-status-code-to-a-s.patch patches.suse/0002-efi-show-error-messages-only-when-loading-certificat.patch - commit 167e118 - efi: show error messages only when loading certificates is failed (fate#316531, bnc#854875). - commit 9ff07ee - efi: add a function to convert the status code to a string (fate#316531, bnc#854875). - commit cd7aba4 - Refresh patches.suse/ibmvnic-Fix-typo-in-retry-check.patch. - commit f89f0b0 ++++ kexec-tools: - Bump to version 2.0.20 Changelog: https://git.kernel.org/pub/scm/utils/kernel/kexec/kexec-tools.git/log/?id=refs/tags/v2.0.19..v2.0.20 - Backport a upstream patch series: [jsc#SLE-9032] Subject: [PATCH v2 0/3] arm64: handle "reserved" entries in /proc/iomem * kexec-tools-add-variant-helper-functions.patch * kexec-tools-arm64-kexec-allocate-memory-space-avoiding-reserved-regions.patch * kexec-tools-arm64-kdump-deal-with-resource-entries-in-proc-iomem.patch ++++ Mesa: - Update to version 19.3.0 * Mainly changes to the build system, i965, aco, radv and anv * New features, check Phoronix: https://www.phoronix.com/scan.php?page=article&item=mesa-193-features ++++ salt: - Fix virt states to not fail on VMs already stopped - Added: * fix-virt-states-to-not-fail-on-vms-already-stopped.-.patch ------------------------------------------------------------------ ------------------ 2019-12-15 - Dec 15 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - config: refresh - update headers - drop options which are no longer accessible - commit 82ffcd4 - series.conf: refresh update mainline references and resort: patches.suse/scsi-qla2xxx-Add-debug-dump-of-LOGO-payload-and-ELS-.patch patches.suse/scsi-qla2xxx-Added-support-for-MPI-and-PEP-regions-f.patch patches.suse/scsi-qla2xxx-Allow-PLOGI-in-target-mode.patch patches.suse/scsi-qla2xxx-Change-discovery-state-before-PLOGI.patch patches.suse/scsi-qla2xxx-Configure-local-loop-for-N2N-target.patch patches.suse/scsi-qla2xxx-Correctly-retrieve-and-interpret-active.patch patches.suse/scsi-qla2xxx-Don-t-call-qlt_async_event-twice.patch patches.suse/scsi-qla2xxx-Don-t-defer-relogin-unconditonally.patch patches.suse/scsi-qla2xxx-Drop-superfluous-INIT_WORK-of-del_work.patch patches.suse/scsi-qla2xxx-Fix-PLOGI-payload-and-ELS-IOCB-dump-len.patch patches.suse/scsi-qla2xxx-Fix-incorrect-SFUB-length-used-for-Secu.patch patches.suse/scsi-qla2xxx-Ignore-NULL-pointer-in-tcm_qla2xxx_free.patch patches.suse/scsi-qla2xxx-Ignore-PORT-UPDATE-after-N2N-PLOGI.patch patches.suse/scsi-qla2xxx-Initialize-free_work-before-flushing-it.patch patches.suse/scsi-qla2xxx-Send-Notify-ACK-after-N2N-PLOGI.patch patches.suse/scsi-qla2xxx-Use-explicit-LOGO-in-target-mode.patch - commit b803547 ------------------------------------------------------------------ ------------------ 2019-12-14 - Dec 14 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - ACPI: PM: Avoid attaching ACPI PM domain to certain devices (git-fixes). - ALSA: hda/realtek - Line-out jack doesn't work on a Dell AIO (git-fixes). - ALSA: hda/hdmi - Fix duplicate unref of pci_dev (git-fixes). - ALSA: fireface: fix return value in error path of isochronous resources reservation (git-fixes). - ALSA: oxfw: fix return value in error path of isochronous resources reservation (git-fixes). - ALSA: echoaudio: simplify get_audio_levels (git-fixes). - dma-buf: Fix memory leak in sync_file_merge() (git-fixes). - commit 1ccb9b7 ------------------------------------------------------------------ ------------------ 2019-12-13 - Dec 13 2019 ------------------- ------------------------------------------------------------------ ++++ conmon: - Add --persist-dir flag to allow important container files to be written to a persistent directory - Check OOM counter on cgroups v1 before writing OOM file - Use splice(2) to copy from stdin ++++ gobject-introspection: - Drop python3-Sphix BuildRequires, only used for rebuilding the website contents. ++++ gstreamer-plugins-base: - Enable orc / wayland-egl on SLE15. ++++ kdump: - kdump-powerpc-no-reload-on-CPU-removal.patch: powerpc: Do not reload on CPU hot removal (bsc#1133407, LTC#176111). - kdump-Add-force-option-to-KDUMP_NETCONFIG.patch: Add ":force" option to KDUMP_NETCONFIG (bsc#1108919). - kdump-Add-fence_kdump_send-when-fence-agents-installed.patch: Add fence_kdump_send when fence-agents installed (bsc#1108919). - kdump-FENCE_KDUMP_SEND-variable.patch: Use var for path of fence_kdump_send and remove the unnecessary PRESCRIPT check (bsc#1108919). - kdump-Document-fence_kdump_send.patch: Document kdump behaviour for fence_kdump_send (bsc#1108919). ++++ kernel-default: - scsi: bfa: release allocated memory in case of error (CVE-2019-19066 bsc#1157303). - commit 8663bfd - spi: Fix NULL pointer when setting SPI_CS_HIGH for GPIO CS (git-fixes). - commit be424a0 - vcs: prevent write access to vcsu devices (git-fixes). - tty: serial: pch_uart: correct usage of dma_unmap_sg (git-fixes). - tty: serial: imx: use the sg count from dma_map_sg (git-fixes). - tty: serial: fsl_lpuart: use the sg count from dma_map_sg (git-fixes). - tty: serial: msm_serial: Fix flow control (git-fixes). - tipc: fix wrong timeout input for tipc_wait_for_cond() (git-fixes). - tipc: fix wrong socket reference counter after tipc_sk_timeout() returns (git-fixes). - commit b38c936 - tipc: fix potential memory leak in __tipc_sendmsg() (git-fixes). - spi: atmel: Fix CS high support (git-fixes). - spi: dw: Fix Designware SPI loopback (git-fixes). - spi: atmel: fix handling of cs_change set on non-last xfer (git-fixes). - spi: Fix SPI_CS_HIGH setting when using native and GPIO CS (git-fixes). - spi: spi-fsl-qspi: Clear TDH bits in FLSHCR register (git-fixes). - spi: stm32-qspi: Fix kernel oops when unbinding driver (git-fixes). - tipc: update mon's self addr when node addr generated (git-fixes). - tipc: reduce sensitive to retransmit failures (git-fixes). - commit 03f889b - platform/chrome: wilco_ec: fix use after free issue (git-fixes). - rtc: pm8xxx: update kerneldoc for struct pm8xxx_rtc (git-fixes). - rtc: msm6242: Fix reading of 10-hour digit (git-fixes). - rtc: bd70528: Add MODULE ALIAS to autoload module (git-fixes). - rtc: brcmstb-waketimer: add missed clk_disable_unprepare (git-fixes). - rtc: disable uie before setting time and enable after (git-fixes). - pstore: Make pstore_choose_compression() static (git-fixes). - pinctrl: lewisburg: Update pin list according to v1.1v6 (git-fixes). - pinctrl: armada-37xx: Fix irq mask access in armada_37xx_irq_set_type() (git-fixes). - pinctrl: samsung: Fix device node refcount leaks in init code (git-fixes). - commit 12b6898 - of: unittest: fix memory leak in attach_node_and_children (git-fixes). - of: overlay: add_changeset_property() memory leak (git-fixes). - pinctrl: samsung: Fix device node refcount leaks in S3C64xx wakeup controller init (git-fixes). - pinctrl: samsung: Fix device node refcount leaks in S3C24xx wakeup controller init (git-fixes). - pinctrl: samsung: Fix device node refcount leaks in Exynos wakeup controller init (git-fixes). - pinctrl: samsung: Add of_node_put() before return in error path (git-fixes). - pinctrl: sh-pfc: Do not use platform_get_irq() to count interrupts (git-fixes). - pinctrl: sh-pfc: Fix PINMUX_IPSR_PHYS() to set GPSR (git-fixes). - pinctrl: rza2: Fix gpio name typos (git-fixes). - hwrng: omap3-rom - Fix missing clock by probing with device tree (git-fixes). - commit d48f475 - clk: Add clk_hw_unregister_composite helper function definition (git-fixes). - clk: Fix memory leak in clk_unregister() (git-fixes). - clk: pxa: fix one of the pxa RTC clocks (git-fixes). - clk: sprd: Use IS_ERR() to validate the return value of syscon_regmap_lookup_by_phandle() (git-fixes). - clk: qcom: smd: Add missing pnoc clock (git-fixes). - clk: imx7ulp: Correct DDR clock mux options (git-fixes). - clk: imx7ulp: Correct system clock source option #7 (git-fixes). - clk: imx: pll14xx: Fix quick switch of S/K parameter (git-fixes). - clk: renesas: r8a77965: Remove superfluous semicolon (git-fixes). - clk: samsung: exynos5420: Preserve CPU clocks configuration during suspend/resume (git-fixes). - commit 10ab36e - arm64: mm: Fix initialisation of DMA zones on non-NUMA systems (git-fixes). - arm64: tegra: Fix 'active-low' warning for Jetson TX1 regulator (git-fixes). - ARM: OMAP2+: Add missing put_device() call in omapdss_init_of() (git-fixes). - apparmor: fix unsigned len comparison with less than zero (git-fixes). - clk: meson: axg-audio: fix regmap last register (git-fixes). - ARM: 8937/1: spectre-v2: remove Brahma-B53 from hardening (git-fixes). - ARM: 8918/2: only build return_address() if needed (git-fixes). - ARM: 8928/1: ARM_ERRATA_775420: Spelling s/date/data/ (git-fixes). - arm64: Silence clang warning on mismatched value/register sizes (git-fixes). - commit 7811b6b - ARM: dts: Fix vcsi regulator to be always-on for droid4 to prevent hangs (git-fixes). - commit 228f19d - watchdog: sprd: Fix the incorrect pointer getting from driver data (git-fixes). - staging: wilc1000: potential corruption in wilc_parse_join_bss_param() (git-fixes). - virt_wifi: fix use-after-free in virt_wifi_newlink() (git-fixes). - tpm: Switch to platform_get_irq_optional() (git-fixes). - commit ff1979e - thermal: Fix deadlock in thermal thermal_zone_device_check (git-fixes). - time: Zero the upper 32-bits in __kernel_timespec on 32-bit (git-fixes). - seccomp: avoid overflow in implicit constant conversion (git-fixes). - rtlwifi: rtl8192de: Fix missing enable interrupt flag (git-fixes). - rtlwifi: rtl8192de: Fix missing callback that tests for hw release of buffer (git-fixes). - rtlwifi: rtl8192de: Fix missing code to retrieve RX buffer address (git-fixes). - rtw88: fix error handling when setup efuse info (git-fixes). - rtw88: fix NSS of hw_cap (git-fixes). - rtw88: fix beaconing mode rsvd_page memory violation issue (git-fixes). - tpm: add check after commands attribs tab allocation (git-fixes). - commit 05bccb9 - power: supply: bd70528: Add MODULE_ALIAS to allow module auto loading (git-fixes). - PM / devfreq: Lock devfreq in trans_stat_show (git-fixes). - PM / devfreq: Check NULL governor in available_governors_show (git-fixes). - regulator: core: Let boot-on regulators be powered off (git-fixes). - regulator: ab8500: Remove SYSCLKREQ from enum ab8505_regulator_id (git-fixes). - regulator: ab8500: Remove AB8505 USB regulator (git-fixes). - regulator: core: Release coupled_rdevs on regulator_init_coupling() error (git-fixes). - regulator: bd70528: Add MODULE_ALIAS to allow module auto loading (git-fixes). - rt2800: remove errornous duplicate condition (git-fixes). - rtlwifi: Remove unnecessary NULL check in rtl_regd_init (git-fixes). - commit c414c52 - PCI: rcar: Fix missing MACCTLR register setting in initialization sequence (git-fixes). - PCI: amlogic: Fix probed clock names (git-fixes). - PCI: dwc: Fix find_next_bit() usage (git-fixes). - PCI: aardvark: Fix PCI_EXP_RTCTL register configuration (git-fixes). - PCI: aardvark: Use LTSSM state to build link training flag (git-fixes). - PCI: Apply Cavium ACS quirk to ThunderX2 and ThunderX3 (git-fixes). - PCI: Fix Intel ACS quirk UPDCR register address (git-fixes). - PCI/switchtec: Read all 64 bits of part_event_bitmap (git-fixes). - PCI: Do not use bus number zero from EA capability (git-fixes). - pinctl: ti: iodelay: fix error checking on pinctrl_count_index_with_args call (git-fixes). - commit f1a197e - PCI: Fix missing bridge dma_ranges resource list cleanup (git-fixes). - PCI/PM: Clear PCIe PME Status even for legacy power management (git-fixes). - PCI/PTM: Remove spurious "d" from granularity message (git-fixes). - PCI: pciehp: Do not disable interrupt twice on suspend (git-fixes). - PCI: pciehp: Avoid returning prematurely from sysfs requests (git-fixes). - mtd: rawnand: brcmnand: Fix NULL pointer assignment (git-fixes). - mtd: rawnand: Change calculating of position page containing BBM (git-fixes). - mtd: spi-nor: fix silent truncation in spi_nor_read_raw() (git-fixes). - mtd: spi-nor: fix silent truncation in spi_nor_read() (git-fixes). - mtd: cfi_cmdset_0002: only check errors when ready in cfi_check_err_status() (git-fixes). - commit a7c6767 - mt76: mt76u: fix endpoint definition order (git-fixes). - Revert "mt76: mt76x0e: don't use hw encryption for MT7630E" (git-fixes). - mt76: mt76u: rely on usb_interface instead of usb_dev (git-fixes). - mt7601u: fix bbp version check in mt7601u_wait_bbp_ready (git-fixes). - mtd: devices: fix mchp23k256 read and write (git-fixes). - mtd: spear_smi: Fix Write Burst mode (git-fixes). - commit 4c444cf - mfd: rk808: Fix RK818 ID template (git-fixes). - mei: fix modalias documentation (git-fixes). - mmc: core: fix wl1251 sdio quirks (git-fixes). - mmc: sdio: fix wl1251 vendor id (git-fixes). - mmc: sdhci-of-esdhc: fix up erratum A-008171 workaround (git-fixes). - media: hantro: Fix s_fmt for dynamic resolution changes (git-fixes). - media: aspeed-video: Fix memory leaks in aspeed_video_probe (git-fixes). - media: flexcop-usb: ensure -EIO is returned on error condition (git-fixes). - media: venus: remove invalid compat_ioctl32 handler (git-fixes). - commit 973a35e - media: cedrus: Use correct H264 8x8 scaling list (git-fixes). - media: exynos4-is: fix wrong mdev and v4l2 dev order in error path (git-fixes). - media: fdp1: Fix R-Car M3-N naming in debug message (git-fixes). - media: coda: fix deadlock between decoder picture run and start command (git-fixes). - media: exynos4-is: Fix recursive locking in isp_video_release() (git-fixes). - media: radio: wl1273: fix interrupt masking on release (git-fixes). - media: bdisp: fix memleak on release (git-fixes). - media: ti-vpe: vpe: Fix Motion Vector vpdma stride (git-fixes). - media: v4l: cadence: Fix how unsued lanes are handled in 'csi2rx_start()' (git-fixes). - media: rc: mark input device as pointing stick (git-fixes). - commit 05115b9 - media: ov6650: Fix stored crop rectangle not in sync with hardware (git-fixes). - media: ov6650: Fix stored frame format not in sync with hardware (git-fixes). - media: ov6650: Fix default format not applied on device probe (git-fixes). - media: ov6650: Fix .get_fmt() V4L2_SUBDEV_FORMAT_TRY support (git-fixes). - media: ov6650: Fix some format attributes not under control (git-fixes). - media: ov6650: Fix incorrect use of JPEG colorspace (git-fixes). - media: ov6650: Fix crop rectangle alignment not passed back (git-fixes). - media: ov6650: Fix control handler not freed on init error (git-fixes). - media: ov6650: Fix MODULE_DESCRIPTION (git-fixes). - media: max2175: Fix build error without CONFIG_REGMAP_I2C (git-fixes). - commit f24d029 - leds: trigger: netdev: fix handling on interface rename (git-fixes). - media: rcar-vin: Fix incorrect return statement in rvin_try_format() (git-fixes). - media: vim2m: Fix abort issue (git-fixes). - media: vim2m: Fix BUG_ON in vim2m_device_release() (git-fixes). - media: seco-cec: Add a missing 'release_region()' in an error handling path (git-fixes). - iwlwifi: check kasprintf() return value (git-fixes). - iwlwifi: pcie: fix support for transmitting SKBs with fraglist (git-fixes). - mac80211: consider QoS Null frames for STA_NULLFUNC_ACKED (git-fixes). - iwlwifi: mvm: consider ieee80211 station max amsdu value (git-fixes). - kernfs: fix ino wrap-around detection (git-fixes). - commit 199f72e - Input: synaptics-rmi4 - re-enable IRQs in f34v7_do_reflash (git-fixes). - i2c: i2c-stm32f7: fix 10-bits check in slave free id search loop (git-fixes). - i2c: stm32f7: report dma error during probe (git-fixes). - i2c: stm32f7: fix & reorder remove & probe error handling (git-fixes). - i2c: stm32f7: rework slave_id allocation (git-fixes). - iio: adis16480: Add debugfs_reg_access entry (git-fixes). - iio: adis16480: Fix scales factors (git-fixes). - iio: imu: adis: assign value only if return code zero in read funcs (git-fixes). - iio: imu: adis: assign read val in debugfs hook only if op successful (git-fixes). - intel_th: Fix a double put_device() in error path (git-fixes). - commit a869d19 - docs: admin-guide: Remove threads-max auto-tuning (git-fixes). - docs: admin-guide: Fix min value of threads-max in kernel.rst (git-fixes). - HID: i2c-hid: Reset ALPS touchpads on resume (git-fixes). - gpio: mpc8xxx: Don't overwrite default irq_set_type callback (git-fixes). - Documentation: Fix warning in drm-kms-helpers.rst (git-fixes). - Documentation: debugfs: Document debugfs helper for unsigned long values (git-fixes). - iio: imu: adis16480: assign bias value only if operation succeeded (git-fixes). - hwmon: (pmbus/ibm-cffps) Switch LEDs to blocking brightness call (git-fixes). - gpiolib: acpi: Add Terra Pad 1061 to the run_edge_events_on_boot_blacklist (git-fixes). - Documentation: TLS: Add missing counter description (git-fixes). - commit fc72e99 - docs: networking: devlink-trap: Fix reference to other document (git-fixes). - docs: Fix "make help" suggestion for SPHINXDIR (git-fixes). - docs: Catch up with the new location of get_user_pages_fast() (git-fixes). - cw1200: Fix a signedness bug in cw1200_load_firmware() (git-fixes). - crypto: virtio - deal with unsupported input sizes (git-fixes). - crypto: virtio - implement missing support for output IVs (git-fixes). - crypto: tgr192 - remove unneeded semicolon (git-fixes). - crypto: crypto4xx - fix double-free in crypto4xx_destroy_sdr (git-fixes). - crypto: atmel - Fix authenc support when it is set to m (git-fixes). - commit afa1ae2 - can: ucan: fix non-atomic allocation in completion handler (git-fixes). - can: slcan: Fix use-after-free Read in slcan_open (git-fixes). - compat_ioctl: handle SIOCOUTQNSD (git-fixes). - Bluetooth: Fix memory leak in hci_connect_le_scan (git-fixes). - Bluetooth: delete a stray unlock (git-fixes). - brcmfmac: disable PCIe interrupts before bus reset (git-fixes). - Bluetooth: hci_core: fix init for HCI_USER_CHANNEL (git-fixes). - crypto: geode-aes - convert to skcipher API and make thread-safe (git-fixes). - crypto: geode-aes - switch to skcipher for cbc(aes) fallback (git-fixes). - crypto: atmel-aes - Fix IV handling when req->nbytes < ivsize (git-fixes). - commit 1788826 - ASoC: fsl_audmix: Add spin lock to protect tdms (git-fixes). - ASoC: rsnd: fix DALIGN register for SSIU (git-fixes). - ALSA: cs4236: fix error return comparison of an unsigned integer (git-fixes). - ASoC: SOF: Intel: Broadwell: clarify mutual exclusion with legacy driver (git-fixes). - ASoC: soc-pcm: fixup dpcm_prune_paths() loop continue (git-fixes). - Revert "ASoC: SOF: Force polling mode on CFL and CNL" (git-fixes). - ASoC: simple_card_utils.h: Add missing include (git-fixes). - ALSA: firewire-motu: Correct a typo in the clock proc string (git-fixes). - ath10k: Correct error handling of dma_map_single() (git-fixes). - ath10k: Check if station exists before forwarding tx airtime report (git-fixes). - commit d2f34ae - ACPI: sysfs: Change ACPI_MASKABLE_GPE_MAX to 0x100 (git-fixes). - ACPI: OSL: only free map once in osl.c (git-fixes). - ACPI / hotplug / PCI: Allocate resources directly under the non-hotplug bridge (git-fixes). - ACPI / utils: Move acpi_dev_get_first_match_dev() under CONFIG_ACPI (git-fixes). - ACPI: LPSS: Add dmi quirk for skipping _DEP check for some device-links (git-fixes). - ACPI: LPSS: Add LNXVIDEO -> BYT I2C1 to lpss_device_links (git-fixes). - ACPI: LPSS: Add LNXVIDEO -> BYT I2C7 to lpss_device_links (git-fixes). - commit e0be9a6 ++++ rdma-core: - Fix post scripts to work with systemd 244: udevadm has been moved from /sbin to /usr/bin and systemd is dropping the compat links now. ++++ mozjs60: - Remove Update-to-ICU-64-Part-3-Update-tests.patch, SLE is back to ICU 60.x. ++++ u-boot-rpiarm64: Patch queue updated from git://github.com/openSUSE/u-boot.git tumbleweed-2019.10 * Fix bsc#1158357 by: * Patches added: 0024-rpi-fix-dram-bank-initialization.patch 0025-rpi-Enable-DRAM-bank-initialization.patch 0026-ARM-defconfig-Fix-32bit-config-for-.patch ------------------------------------------------------------------ ------------------ 2019-12-12 - Dec 12 2019 ------------------- ------------------------------------------------------------------ ++++ conmon: - Kill the process group on timeout ++++ python-kiwi: - Fixed installation chapter in the documentation The chapter still outlines multipython support but we dropped support for python2 some time ago ++++ kernel-default: - hwrng: iproc-rng200 - Add support for BCM2711 (jsc#SLE-7772). - commit 5106a14 - USB: fix kABI padding (jsc#SLE-8133). - commit 2bf99e9 - typeC: add kABI padding (jsc#SLE-8133). - commit e45f332 - powerpc/pseries/mobility: notify network peers after migration (bsc#1152631 ltc#181798). - commit c61f369 - platform/x86: intel_pmc_core: Add Comet Lake (CML) platform support to intel_pmc_core driver (jsc#SLE-11113). - platform/x86: intel_pmc_core: Fix the SoC naming inconsistency (jsc#SLE-11113). - commit 1e10fa5 - x86/platform/uv: Account for UV Hubless in is_uvX_hub Ops (jsc#SLE-10790). - x86/platform/uv: Check EFI Boot to set reboot type (jsc#SLE-10790). - x86/platform/uv: Decode UVsystab Info (jsc#SLE-10790). - x86/platform/uv: Add UV Hubbed/Hubless Proc FS Files (jsc#SLE-10790). - x86/platform/uv: Setup UV functions for Hubless UV Systems (jsc#SLE-10790). - x86/platform/uv: Add return code to UV BIOS Init function (jsc#SLE-10790). - x86/platform/uv: Return UV Hubless System Type (jsc#SLE-10790). - x86/platform/uv: Save OEM_ID from ACPI MADT probe (jsc#SLE-10790). - commit a305bf3 - net/ibmvnic: Fix typo in retry check (bsc#1155689 ltc#182047). - commit 59fccb6 ++++ procps: - Add aptch procps-ng-3.3.16-comm_len.patch * "ps -C" does not allow anymore an argument longer than 15 characters (bsc#1158830) ++++ python3-core: - Unify all Python 3.6* SLE packages into one (jsc#SLE-9426, jsc#SLE-9427, bsc#1159035) - Patches which were already included upstream: - CVE-2018-1061-DOS-via-regexp-difflib.patch - CVE-2018-14647_XML_SetHashSalt-in_elementtree.patch ++++ podman: - Update podman to v1.6.4 - Remove winsz FIFO on container restart to allow use with Conmon 2.03 and higher - Ensure volumes reacquire locks on system restart, preventing deadlocks when starting containers - Suppress spurious log messages when running rootless Podman - Update vendored containers/storage to v1.13.6 - Fix a deadlock related to writing events - Do not use the journald event logger when it is not available - Remove obsolete patch container-start-fix.patch ++++ python3: - Unify all Python 3.6* SLE packages into one (jsc#SLE-9426, jsc#SLE-9427, bsc#1159035) - Patches which were already included upstream: - CVE-2018-1061-DOS-via-regexp-difflib.patch - CVE-2018-14647_XML_SetHashSalt-in_elementtree.patch ++++ salt: - Add missing bugzilla references: Properly handle colons in inline dicts with yamlloader (bsc#1095651) Fix corrupt public key with m2crypto python3 (bsc#1099323) Add missing dateutils import (bsc#1099945) Fix UnicodeDecodeError using is_binary check (bsc#1100225) Prevent payload crash on decoding binary data (bsc#1100697) Fix file.blockreplace to avoid throwing IndexError (bsc#1101812) Add API log rotation on SUSE package (bsc#1102218) Fix wrong recurse behavior on for linux_acl.present (bsc#1106164) Handle anycast IPv6 addresses on network.routes (bsc#1114474) Crontab module fix: file attributes option missing (bsc#1114824) Add metadata to accepted keyword arguments (bsc#1122680) Bugfix: properly refresh pillars (bsc#1125015) ++++ qemu: - Update to v4.2.0: See http://wiki.qemu.org/ChangeLog/4.2 Take note that ongoing feature deprecation is tracked at both http://wiki.qemu-project.org/Features/LegacyRemoval and in Appendix B of the qemu-doc.* files installed with the qemu package Some noteworthy changes: * x86: Denverton, Snowridge, and Dhyana CPU models added * x86: Latest version of all CPU models how have TSX (HLE and RTM) disabled by default * x86: Support for AVX512 BFloat16 extensions * x86: VMX features exposed more accurately and controllably * s390: TCG now implements IEP (Instruction Execution Protection) * PowerPC: POWER8 and POWER9 non-virtualized machines separated out * PowerPC: RTAS now comes from SLOF instead of QEMU itself * PowerPC: Unplug of multifunction PCI devices now unplugs the whole slot, as in x86 * ARM: Support for >256 CPUs with KVM is fixed * ARM: Memory hotplug now supported , when using UEFI, ACPI, for virt machine type * ARM: SVE support possuble now for KVM guests * ARM: ACPI generic event device can now deliver powerdown event * The backend device can be specified for a guest audio device * virtio v1.1 packed virtqueues supported * Socket based character device backends now support TCP keep-alive * Use encryption library cipher mode facilities, allowing improved performance for eg. AES-XTS encrption * Misc block device improvements, esp. with nbd - See the following few release-candidate changelog entries for additional changes related to this release - Switched package build to be out-of-tree ++++ rpm: - Consolidate beecrypt patches into 'beecrypt.diff' old patches: beecrypt-4.1.2.diff beecrypt-4.1.2-build.diff - Use libgcrypt as crypto library for SP2 [jsc#SLE-9552] new patch: libgcrypt.diff - Backport ndb fixes and enable ndb support [jsc#SLE-7272] new patch: ndb-backport.diff - Allow to disable bdb database support [jsc#SLE-7272] new patch: disable-bdb.diff - Rewrite rpmqpack to use rpm's database interface modified patch: rpmqpack.diff ------------------------------------------------------------------ ------------------ 2019-12-11 - Dec 11 2019 ------------------- ------------------------------------------------------------------ ++++ conmon: - Add --persist-dir to allow callers to specify a directory that conmon should mirror certain important files that should persist reboots (right now, just the container exit file) ++++ glibc: - ppc-tle-htm-nosc.patch: powerpc: Fix syscalls during early process initialization (SLE-8348, BZ #22685) ++++ kernel-default: - mm: Implement no-MMU variant of vmalloc_user_node_flags (bsc#1154353). - bpf: Add bpf_jit_blinding_enabled for !CONFIG_BPF_JIT (bsc#1154353). - powerpc: Add const qual to local_read() parameter (bsc#1154353). - net: sfp: fix sfp_bus_add_upstream() warning (bsc#1154353). - commit 0920fda - RDMA/hns: Fix build error again (jsc#SLE-8449). - Update config files. - commit 56e934b - Update patch reference for wimax fix (CVE-2019-19051 bsc#1159024) - commit a70fc76 - arm64: move patches to sorted section No code change. - Refresh patches.suse/PCI-tegra-Fix-CLKREQ-dependency-programming.patch. - Refresh patches.suse/ahci-tegra-use-regulator_bulk_set_supply_names.patch. - Refresh patches.suse/arm64-kpti-Add-NVIDIA-s-Carmel-core-to-the-KPTI-whit.patch. - Refresh patches.suse/clk-Add-API-to-get-index-of-the-clock-parent.patch. - Refresh patches.suse/clk-tegra-Add-suspend-and-resume-support-on-Tegra210.patch. - Refresh patches.suse/clk-tegra-Fix-build-error-without-CONFIG_PM_SLEEP.patch. - Refresh patches.suse/clk-tegra-Move-SOR0-implementation-to-Tegra124.patch. - Refresh patches.suse/clk-tegra-Reimplement-SOR-clock-on-Tegra124.patch. - Refresh patches.suse/clk-tegra-Reimplement-SOR-clocks-on-Tegra210.patch. - Refresh patches.suse/clk-tegra-Remove-last-remains-of-TEGRA210_CLK_SOR1_S.patch. - Refresh patches.suse/clk-tegra-Rename-sor0_lvds-to-sor0_out.patch. - Refresh patches.suse/clk-tegra-Share-clk-and-rst-register-defines-with-Te.patch. - Refresh patches.suse/clk-tegra-Support-for-OSC-context-save-and-restore.patch. - Refresh patches.suse/clk-tegra-Use-fence_udelay-during-PLLU-init.patch. - Refresh patches.suse/clk-tegra-clk-dfll-Add-suspend-and-resume-support.patch. - Refresh patches.suse/clk-tegra-clk-super-Add-restore-context-support.patch. - Refresh patches.suse/clk-tegra-clk-super-Fix-to-enable-PLLP-branches-to-C.patch. - Refresh patches.suse/clk-tegra-divider-Save-and-restore-divider-rate.patch. - Refresh patches.suse/clk-tegra-periph-Add-restore_context-support.patch. - Refresh patches.suse/clk-tegra-pll-Save-and-restore-pll-context.patch. - Refresh patches.suse/clk-tegra-pllout-Save-and-restore-pllout-context.patch. - Refresh patches.suse/cpufreq-tegra124-Add-suspend-and-resume-support.patch. - Refresh patches.suse/dt-bindings-clock-tegra-Rename-SOR0_LVDS-to-SOR0_OUT.patch. - Refresh patches.suse/firmware-tegra-Move-BPMP-resume-to-noirq-phase.patch. - Refresh patches.suse/gpio-max77620-Do-not-allocate-IRQs-upfront.patch. - Refresh patches.suse/gpio-max77620-Fix-interrupt-handling.patch. - Refresh patches.suse/gpio-tegra186-Add-debounce-support.patch. - Refresh patches.suse/gpio-tegra186-Derive-register-offsets-from-bank-port.patch. - Refresh patches.suse/gpio-tegra186-Implement-wake-event-support.patch. - Refresh patches.suse/gpio-tegra186-Program-interrupt-route-mapping.patch. - Refresh patches.suse/iommu-tegra-smmu-Fix-client-enablement-order.patch. - Refresh patches.suse/iommu-tegra-smmu-Fix-page-tables-in-4-GiB-memory.patch. - Refresh patches.suse/iommu-tegra-smmu-Use-non-secure-register-for-flushin.patch. - Refresh patches.suse/memory-tegra-Set-DMA-mask-based-on-supported-address.patch. - Refresh patches.suse/mfd-max77620-Do-not-allocate-IRQs-upfront.patch. - Refresh patches.suse/net-stmmac-Only-enable-enhanced-addressing-mode-when.patch. - Refresh patches.suse/net-stmmac-Support-enhanced-addressing-mode-for-DWMA.patch. - Refresh patches.suse/phy-tegra-use-regulator_bulk_set_supply_names.patch. - Refresh patches.suse/phy-tegra-xusb-Add-XUSB-dual-mode-support-on-Tegra21.patch. - Refresh patches.suse/phy-tegra-xusb-Add-usb3-port-fake-support-on-Tegra21.patch. - Refresh patches.suse/phy-tegra-xusb-Add-vbus-override-support-on-Tegra186.patch. - Refresh patches.suse/phy-tegra-xusb-Add-vbus-override-support-on-Tegra210.patch. - Refresh patches.suse/soc-tegra-fuse-Add-FUSE-clock-check-in-tegra_fuse_re.patch. - Refresh patches.suse/soc-tegra-pmc-Add-missing-IRQ-callbacks-on-Tegra194.patch. - Refresh patches.suse/soc-tegra-pmc-Add-reset-sources-and-levels-on-Tegra1.patch. - Refresh patches.suse/soc-tegra-pmc-Add-wake-event-support-on-Tegra210.patch. - Refresh patches.suse/soc-tegra-pmc-Configure-core-power-request-polarity.patch. - Refresh patches.suse/soc-tegra-pmc-Configure-deep-sleep-control-settings.patch. - Refresh patches.suse/soc-tegra-pmc-Fix-crashes-for-hierarchical-interrupt.patch. - Refresh patches.suse/soc-tegra-pmc-Support-wake-events-on-more-Tegra-SoCs.patch. - Refresh patches.suse/soc-tegra-pmc-Use-lower-case-for-hexadecimal-literal.patch. - Refresh patches.suse/usb-host-xhci-tegra-Add-Tegra194-XHCI-support.patch. - Refresh patches.suse/usb-host-xhci-tegra-Correct-phy-enable-sequence.patch. - Refresh patches.suse/usb-host-xhci-tegra-use-devm_platform_ioremap_resour.patch. - Refresh patches.suse/usb-host-xhci-tegra-use-regulator_bulk_set_supply_na.patch. - Refresh patches.suse/xhci-tegra-Parameterize-mailbox-register-addresses.patch. - commit 3cb7073 - net/tls: allow compiling TLS TOE out (bsc#1154353). - Update config files. - commit 6230ee0 - drivers/perf: Add CCPI2 PMU support in ThunderX2 UNCORE driver (jsc#SLE-10207,jsc#SLE-9619). - Documentation: perf: Update documentation for ThunderX2 PMU uncore driver (jsc#SLE-10207,jsc#SLE-9619). - commit 1b0c5b1 - bpf: Introduce BPF trampoline (bsc#1154353). - Refresh patches.suse/bpf-Fix-race-in-btf_resolve_helper_id.patch. - commit f6e150b - KVM: x86: Remove a spurious export of a static function (bsc#1158954). - commit 00bd7c4 - bpf: Track contents of read-only maps as scalars (bsc#1154353). - Refresh patches.suse/bpf-Implement-accurate-raw_tp-context-access-via-BTF.patch. - commit 188f581 - net: sockmap: use bitmap for copy info (bsc#1154353). - Refresh patches.suse/net-skmsg-fix-TLS-1.3-crash-with-full-sk_msg.patch. - commit daf1422 - patches.suse/block-Warn-if-elevator-parameter-is-used.patch: Update tags - commit ef8c281 - net_sched: validate TCA_KIND attribute in tc_chain_tmplt_add() (bsc#1154353). - inet: protect against too small mtu values (bsc#1154353). - gre: refetch erspan header from skb->data after pskb_may_pull() (bsc#1154353). - tcp: Protect accesses to .ts_recent_stamp with {READ,WRITE}_ONCE() (bsc#1154353). - tcp: tighten acceptance of ACKs not matching a child socket (bsc#1154353). - tcp: fix rejected syncookies due to stale timestamps (bsc#1154353). - net/mlx5e: E-switch, Fix Ingress ACL groups in switchdev mode for prio tag (jsc#SLE-8464). - net/mlx5e: ethtool, Fix analysis of speed setting (jsc#SLE-8464). - net/mlx5e: Fix translation of link mode into speed (jsc#SLE-8464). - net/mlx5e: Fix free peer_flow when refcount is 0 (jsc#SLE-8464). - net/mlx5e: Fix freeing flow with kfree() and not kvfree() (jsc#SLE-8464). - net/mlx5e: Fix SFF 8472 eeprom length (jsc#SLE-8464). - net/mlx5e: Query global pause state before setting prio2buffer (jsc#SLE-8464). - net/mlx5e: Fix TXQ indices to be sequential (jsc#SLE-8464). - tcp: md5: fix potential overestimation of TCP option space (bsc#1154353). - net-sysfs: Call dev_hold always in netdev_queue_add_kobject (bsc#1154353). - net/tls: Fix return values to avoid ENOTSUPP (bsc#1154353). - net: avoid an indirect call in ____sys_recvmsg() (bsc#1154353). - mqprio: Fix out-of-bounds access in mqprio_dump (bsc#1154353). - bpf: Fix a bug when getting subprog 0 jited image in check_attach_btf_id (bsc#1154353). - net: hns3: fix VF ID issue for setting VF VLAN (bsc#1154353). - net: hns3: fix a use after free problem in hns3_nic_maybe_stop_tx() (bsc#1154353). - net: hns3: fix for TX queue not restarted problem (bsc#1154353). - hsr: fix a NULL pointer dereference in hsr_dev_xmit() (bsc#1154353). - net: Fixed updating of ethertype in skb_mpls_push() (bsc#1154353). - net: sfp: fix hwmon (bsc#1154353). - net: sfp: fix unbind (bsc#1154353). - xdp: obtain the mem_id mutex before trying to remove an entry (bsc#1154353). - act_ct: support asymmetric conntrack (bsc#1154353). - net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup (bsc#1154353). - net: ipv6: add net argument to ip6_dst_lookup_flow (bsc#1154353). - cls_flower: Fix the behavior using port ranges with hw-offload (bsc#1154353). - net: sched: fix dump qlen for sch_mq/sch_mqprio with NOLOCK subqueues (bsc#1154353). - tcp: refactor tcp_retransmit_timer() (bsc#1154353). - net/core: Populate VF index in struct ifla_vf_guid (bsc#1154353). - net: bridge: deny dev_set_mac_address() when unregistering (bsc#1154353). - net: fix a leak in register_netdevice() (bsc#1154353). - Fixed updating of ethertype in function skb_mpls_pop (bsc#1154353). - sch_cake: Add missing NLA policy entry TCA_CAKE_SPLIT_GSO (bsc#1154353). - bpf: Fix build in minimal configurations (bsc#1154353). - bpf: Fix static checker warning (bsc#1154353). - SUNRPC: Fix backchannel latency metrics (bsc#1154353). - SUNRPC: Fix svcauth_gss_proxy_init() (bsc#1154353). - SUNRPC: Trace gssproxy upcall results (bsc#1154353). - sunrpc: fix crash when cache_head become valid before update (bsc#1154353). - svcrdma: Improve DMA mapping trace points (bsc#1154353). - SUNRPC: Capture completion of all RPC tasks (bsc#1154353). - SUNRPC: Fix another issue with MIC buffer space (bsc#1154353). - xprtrdma: Replace dprintk in xprt_rdma_set_port (bsc#1154353). - xprtrdma: Replace dprintk() in rpcrdma_update_connect_private() (bsc#1154353). - xprtrdma: Refine trace_xprtrdma_fixup (bsc#1154353). - xprtrdma: Report the computed connect delay (bsc#1154353). - xprtrdma: Wake tasks after connect worker fails (bsc#1154353). - xprtrdma: Pull up sometimes (bsc#1154353). - xprtrdma: Refactor rpcrdma_prepare_msg_sges() (bsc#1154353). - xprtrdma: Move the rpcrdma_sendctx::sc_wr field (bsc#1154353). - xprtrdma: Remove rpcrdma_sendctx::sc_device (bsc#1154353). - xprtrdma: Remove rpcrdma_sendctx::sc_xprt (bsc#1154353). - xprtrdma: Ensure ri_id is stable during MR recycling (bsc#1154353). - xprtrdma: Manage MRs in context of a single connection (bsc#1154353). - xprtrdma: Fix MR list handling (bsc#1154353). - xprtrdma: Close window between waking RPC senders and posting Receives (bsc#1154353). - xprtrdma: Initialize rb_credits in one place (bsc#1154353). - xprtrdma: Connection becomes unstable after a reconnect (bsc#1154353). - SUNRPC: Add trace points to observe transport congestion control (bsc#1154353). - SUNRPC: Eliminate log noise in call_reserveresult (bsc#1154353). - SUNRPC: Avoid RPC delays when exiting suspend (bsc#1154353). - net/mlx5e: Fix build error without IPV6 (jsc#SLE-8464). - net: inet_is_local_reserved_port() port arg should be unsigned short (bsc#1154353). - IB: mlx5: no need to check return value of debugfs_create functions (jsc#SLE-8446). - RDMA/hns: Delete unnecessary callback functions for cq (jsc#SLE-8449). - RDMA/hns: Rename the functions used inside creating cq (jsc#SLE-8449). - RDMA/hns: Redefine the member of hns_roce_cq struct (jsc#SLE-8449). - RDMA/hns: Redefine interfaces used in creating cq (jsc#SLE-8449). - RDMA/efa: Expose RDMA read related attributes (jsc#SLE-5640). - RDMA/efa: Support remote read access in MR registration (jsc#SLE-5640). - RDMA/efa: Store network attributes in device attributes (jsc#SLE-5640). - IB/hfi1: remove redundant assignment to variable ret (jsc#SLE-8449). - RDMA/bnxt_re: Fix missing le16_to_cpu (jsc#SLE-8372 bsc#1153275). - RDMA/bnxt_re: Fix chip number validation Broadcom's Gen P5 series (jsc#SLE-8372 bsc#1153275). - RDMA/bnxt_re: Fix Kconfig indentation (jsc#SLE-8372 bsc#1153275). - IB/mlx5: Implement callbacks for getting VFs GUID attributes (jsc#SLE-8446). - IB/ipoib: Add ndo operation for getting VFs GUID attributes (jsc#SLE-8449). - IB/core: Add interfaces to get VF node and port GUIDs (jsc#SLE-8449). - net/core: Add support for getting VF GUIDs (jsc#SLE-8449). - RDMA/qedr: Fix null-pointer dereference when calling rdma_user_mmap_get_offset (jsc#SLE-8215). - RDMA/cm: Use refcount_t type for refcount variable (jsc#SLE-8449). - IB/mlx5: Support extended number of strides for Striding RQ (jsc#SLE-8446). - IB/mlx4: Update HW GID table while adding vlan GID (jsc#SLE-8461). - RDMA/iw_cgxb4: Fix an error handling path in 'c4iw_connect()' (jsc#SLE-8392). - RDMA/cma: Use ACK timeout for RoCE packetLifeTime (jsc#SLE-8449). - RDMA/efa: Clear the admin command buffer prior to its submission (jsc#SLE-5640). - RDMA/siw: Cleanup unused mmap structures (jsc#SLE-8381). - RDMA/qedr: Make qedr_iw_load_qp() static (jsc#SLE-8215). - RDMA/ocrdma: Fix spelling mistake in variable name (jsc#SLE-8449). - RDMA/qib: Validate ->show()/store() callbacks before calling them (jsc#SLE-8449). - RDMA/i40iw: Fix potential use after free (jsc#SLE-8449). - RDMA/qedr: Fix potential use after free (jsc#SLE-8215). - RDMA/srpt: Report the SCSI residual to the initiator (jsc#SLE-8449). - IB/mlx5: Support flow counters offset for bulk counters (jsc#SLE-8446). - RDMA: Change MAD processing function to remove extra casting and parameter (jsc#SLE-8449). - RDMA/hfi1: Delete unreachable code (jsc#SLE-8449). - RDMA/hns: Modify appropriate printings (jsc#SLE-8449). - RDMA/hns: Fix non-standard error codes (jsc#SLE-8449). - RDMA/hns: Modify hns_roce_hw_v2_get_cfg to simplify the code (jsc#SLE-8449). - RDMA/hns: Simplify doorbell initialization code (jsc#SLE-8449). - RDMA/hns: Replace not intuitive function/macro names (jsc#SLE-8449). - RDMA/hns: Modify fields of struct hns_roce_srq (jsc#SLE-8449). - RDMA/hns: Delete unnecessary uar from hns_roce_cq (jsc#SLE-8449). - RDMA/hns: Remove unnecessary structure hns_roce_sqp (jsc#SLE-8449). - RDMA/hns: Delete unnecessary variable max_post (jsc#SLE-8449). - RDMA/mlx5: Rewrite MAD processing logic to be readable (jsc#SLE-8446). - RDMA/ocrdma: Simplify process_mad function (jsc#SLE-8449). - RDMA/mad: Do not check MAD sizes in roce and ib drivers (jsc#SLE-8449). - RDMA/ocrdma: Make ocrdma_pma_counters() return void (jsc#SLE-8449). - RDMA/mad: Allocate zeroed MAD buffer (jsc#SLE-8449). - RDMA/qib: Delete empty check_cc_key function (jsc#SLE-8449). - RDMA/qib: Delete extra line (jsc#SLE-8449). - RDMA/mad: Delete never implemented functions (jsc#SLE-8449). - Revert "RDMA/srpt: Postpone HCA removal until after configfs directory removal" (jsc#SLE-8449). - RDMA/qedr: Remove unsupported modify_port callback (jsc#SLE-8215). - RDMA/ocrdma: Remove unsupported modify_port callback (jsc#SLE-8449). - RDMA/hns: Remove unsupported modify_port callback (jsc#SLE-8449). - RDMA/core: Fix return code when modify_port isn't supported (jsc#SLE-8449). - RDMA/qedr: Add iWARP doorbell recovery support (jsc#SLE-8215). - RDMA/qedr: Add doorbell overflow recovery support (jsc#SLE-8215). - RDMA/qedr: Use the common mmap API (jsc#SLE-8215). - RDMA/siw: Use the common mmap_xa helpers (jsc#SLE-8381). - RDMA/efa: Use the common mmap_xa helpers (jsc#SLE-5640). - RDMA: Connect between the mmap entry and the umap_priv structure (jsc#SLE-8449). - RDMA/core: Create mmap database and cookie helper functions (jsc#SLE-8449). - RDMA/core: Move core content from ib_uverbs to ib_core (jsc#SLE-8449). - IB/mlx5: Test write combining support (jsc#SLE-8446). - RDMA/mlx5: Return proper error value (jsc#SLE-8446). - RDMA/odp: Remove broken debugging call to invalidate_range (jsc#SLE-8449). - RDMA/mlx5: Do not race with mlx5_ib_invalidate_range during create and destroy (jsc#SLE-8446). - RDMA/mlx5: Do not store implicit children in the odp_mkeys xarray (jsc#SLE-8446). - RDMA/mlx5: Rework implicit ODP destroy (jsc#SLE-8446). - RDMA/mlx5: Avoid double lookups on the pagefault path (jsc#SLE-8446). - RDMA/mlx5: Reduce locking in implicit_mr_get_data() (jsc#SLE-8446). - RDMA/mlx5: Use an xarray for the children of an implicit ODP (jsc#SLE-8446). - RDMA/mlx5: Split implicit handling from pagefault_mr (jsc#SLE-8446). - RDMA/mlx5: Set the HW IOVA of the child MRs to their place in the tree (jsc#SLE-8446). - RDMA/mlx5: Lift implicit_mr_alloc() into the two routines that call it (jsc#SLE-8446). - RDMA/mlx5: Rework implicit_mr_get_data (jsc#SLE-8446). - RDMA/mlx5: Delete struct mlx5_priv->mkey_table (jsc#SLE-8446). - RDMA/mlx5: Use a dedicated mkey xarray for ODP (jsc#SLE-8446). - RDMA/mlx5: Split sig_err MR data into its own xarray (jsc#SLE-8446). - RDMA/mlx5: Use SRCU properly in ODP prefetch (jsc#SLE-8446). - RDMA/vmw_pvrdma: Use resource ids from physical device if available (jsc#SLE-8449). - RDMA/core: Set DMA parameters correctly (jsc#SLE-8449). - RDMA/siw: Increase DMA max_segment_size parameter (jsc#SLE-8381). - RDMA/rxe: Increase DMA max_segment_size parameter (jsc#SLE-8449). - RDMA/siw: Fix post_recv QP state locking (jsc#SLE-8381). - RDMA/iw_cxgb4: Report correct port speed/width (jsc#SLE-8392). - RDMA/qedr: Fix memory leak in user qp and mr (jsc#SLE-8215). - RDMA/qedr: Fix synchronization methods and memory leaks in qedr (jsc#SLE-8215). - RDMA/qedr: Fix qpids xarray api used (jsc#SLE-8215). - RDMA/qedr: Fix srqs xarray initialization (jsc#SLE-8215). - RDMA/hns: Fix memory leak on 'context' on error return path (jsc#SLE-8449). - RDMA/hns: Bugfix for qpc/cqc timer configuration (jsc#SLE-8449). - RDMA/hns: Fix to support 64K page for srq (jsc#SLE-8449). - RDMA/srpt: Fix TPG creation (jsc#SLE-8449). - RDMA/hns: Delete BITS_PER_BYTE redefinition (jsc#SLE-8449). - RDMA/hns: Prevent undefined behavior in hns_roce_set_user_sq_size() (jsc#SLE-8449). - RDMA/cm: Update copyright together with SPDX tag (jsc#SLE-8449). - RDMA/cm: Use specific keyword to check define (jsc#SLE-8449). - RDMA/cm: Delete unused cm_is_active_peer function (jsc#SLE-8449). - RDMA/rxe: Remove useless rxe_init_device_param assignments (jsc#SLE-8449). - RDMA/core: Check that process is still alive before sending it to the users (jsc#SLE-8449). - RDMA/restrack: Remove PID namespace support (jsc#SLE-8449). - IB/core: Do not notify GID change event of an unregistered device (jsc#SLE-8449). - IB/mlx5: Align usage of QP1 create flags with rest of mlx5 defines (jsc#SLE-8446). - IB/mlx5: Remove dead code (jsc#SLE-8446). - RDMA/uverbs: Add a check for uverbs_attr_get to uverbs_copy_to_struct_or_zero (jsc#SLE-8449). - IB/cma: Honor traffic class from lower netdevice for RoCE (jsc#SLE-8449). - RDMA/nldev: Provide MR statistics (jsc#SLE-8449). - RDMA/mlx5: Return ODP type per MR (jsc#SLE-8446). - RDMA/nldev: Allow different fill function per resource (jsc#SLE-8449). - IB/mlx5: Introduce ODP diagnostic counters (jsc#SLE-8446). - infiniband: fix sw/rdmavt/ kernel-doc notation (jsc#SLE-8449). - infiniband: fix core/ kernel-doc notation (jsc#SLE-8449). - infiniband: fix ulp/iser/iser_initiator.c kernel-doc warnings (jsc#SLE-8449). - infiniband: fix ulp/iser/iser_verbs.c kernel-doc notation (jsc#SLE-8449). - infiniband: fix core/verbs.c kernel-doc notation (jsc#SLE-8449). - infiniband: fix ulp/srpt/ib_srpt.h kernel-doc notation (jsc#SLE-8449). - infiniband: fix ulp/opa_vnic/opa_vnic_internal.h kernel-doc notation (jsc#SLE-8449). - infiniband: fix ulp/iser/iscsi_iser.h kernel-doc warnings (jsc#SLE-8449). - infiniband: fix core/ipwm_util.h kernel-doc warnings (jsc#SLE-8449). - infiniband: fix ulp/iser/iscsi_iser. kernel-doc notation (jsc#SLE-8449). - RDMA/mlx5: Add capability for max sge to get optimized performance (jsc#SLE-8446). - RDMA/rw: Support threshold for registration vs scattering to local pages (jsc#SLE-8449). - RDMA/siw: Fix SQ/RQ drain logic (jsc#SLE-8381). - ib/srp: Add missing new line after displaying fast_io_fail_tmo param (jsc#SLE-8449). - RDMA/hns: Release qp resources when failed to destroy qp (jsc#SLE-8449). - RDMA/hns: Fix a spelling mistake in a macro (jsc#SLE-8449). - RDMA/hns: Modify return value of restrack functions (jsc#SLE-8449). - RDMA/hns: Modify variable/field name from vlan to vlan_id (jsc#SLE-8449). - RDMA/hns: Fix wrong parameters when initial mtt of srq->idx_que (jsc#SLE-8449). - RDMA/hns: remove a redundant le16_to_cpu (jsc#SLE-8449). - IB/mlx5: Introduce and use mkey context setting helper routine (jsc#SLE-8446). - RDMA/iser: Use iser_err instead of pr_err for logging (jsc#SLE-8449). - RDMA/bnxt_re: Enable SRIOV VF support on Broadcom's 57500 adapter series (jsc#SLE-8372 bsc#1153275). - RDMA/srp: Calculate max_it_iu_size if remote max_it_iu length available (jsc#SLE-8449). - RDMA/srp: Add parse function for maximum initiator to target IU size (jsc#SLE-8449). - IB/cm: Use container_of() instead of typecast (jsc#SLE-8449). - IB/mlx5: Remove unnecessary else statement (jsc#SLE-8446). - IB/mlx5: Remove unnecessary return statement (jsc#SLE-8446). - RDMA/mlx5: Group boolean parameters to take less space (jsc#SLE-8446). - RDMA/srpt: Postpone HCA removal until after configfs directory removal (jsc#SLE-8449). - RDMA/srpt: Make the code for handling port identities more systematic (jsc#SLE-8449). - RDMA/srpt: Rework the code that waits until an RDMA port is no longer in use (jsc#SLE-8449). - RDMA/srpt: Rework the approach for closing an RDMA channel (jsc#SLE-8449). - RDMA/srpt: Improve a debug message (jsc#SLE-8449). - RDMA/srpt: Fix handling of iWARP logins (jsc#SLE-8449). - RDMA/srpt: Fix handling of SR-IOV and iWARP ports (jsc#SLE-8449). - RDMA/srp: Make route resolving error messages more informative (jsc#SLE-8449). - RDMA/srp: Honor the max_send_sge device attribute (jsc#SLE-8449). - RDMA/srp: Remove two casts (jsc#SLE-8449). - RDMA/siw: Make node GUIDs valid EUI-64 identifiers (jsc#SLE-8381). - RDMA/rxe: Verify modify_device mask (jsc#SLE-8449). - RDMA/bnxt_re: Remove unsupported modify_device callback (jsc#SLE-8372 bsc#1153275). - RDMA/core: Fix return code when modify_device isn't supported (jsc#SLE-8449). - RDMA/siw: Fix port number endianness in a debug message (jsc#SLE-8381). - RDMA/siw: Simplify several debug messages (jsc#SLE-8381). - IB/iser: remove redundant macro definitions (jsc#SLE-8449). - IB/iser: bound protection_sg size by data_sg size (jsc#SLE-8449). - IB/iser: add unlikely checks in the fast path (jsc#SLE-8449). - RDMA/counter: Prevent QP counter manual binding in auto mode (jsc#SLE-8449). - net/sched: Replace rcu_swap_protected() with rcu_replace_pointer() (bsc#1154353). - net/netfilter: Replace rcu_swap_protected() with rcu_replace_pointer() (bsc#1154353). - net/core: Replace rcu_swap_protected() with rcu_replace_pointer() (bsc#1154353). - bpf/cgroup: Replace rcu_swap_protected() with rcu_replace_pointer() (bsc#1154353). - rcu: Upgrade rcu_swap_protected() to rcu_replace_pointer() (bsc#1154353). - net: phy: add helpers phy_(un)lock_mdio_bus (bsc#1154353). - bpf: Simplify __bpf_arch_text_poke poke type handling (bsc#1154353). - bpf, x86: Emit patchable direct jump as tail call (bsc#1154353). - bpf: Constant map key tracking for prog array pokes (bsc#1154353). - bpf: Add poke dependency tracking for prog array maps (bsc#1154353). - bpf: Add initial poke descriptor table for jit images (bsc#1154353). - bpf: Move owner type, jited info into array auxiliary data (bsc#1154353). - bpf: Move bpf_free_used_maps into sleepable section (bsc#1154353). - bpf, x86: Generalize and extend bpf_arch_text_poke for direct jumps (bsc#1154353). - bpf: Provide better register bounds after jmp32 instructions (bsc#1154353). - xsk: Fix xsk_poll()'s return type (bsc#1154353). - mlxsw: spectrum_router: Fix use of uninitialized adjacency index (bsc#1154488). - mlxsw: spectrum_router: After underlay moves, demote conflicting tunnels (bsc#1154488). - bnxt_en: Add support for flashing the device via devlink (jsc#SLE-8371 bsc#1153274). - bnxt_en: Allow PHY settings on multi-function or NPAR PFs if allowed by FW (jsc#SLE-8371 bsc#1153274). - bnxt_en: Add async. event logic for PHY configuration changes (jsc#SLE-8371 bsc#1153274). - bnxt_en: Refactor the initialization of the ethtool link settings (jsc#SLE-8371 bsc#1153274). - bnxt_en: Skip disabling autoneg before PHY loopback when appropriate (jsc#SLE-8371 bsc#1153274). - bnxt_en: Assign more RSS context resources to the VFs (jsc#SLE-8371 bsc#1153274). - bnxt_en: Initialize context memory to the value specified by firmware (jsc#SLE-8371 bsc#1153274). - bnxt_en: Fix suspend/resume path on 57500 chips (jsc#SLE-8371 bsc#1153274). - bnxt_en: Send FUNC_RESOURCE_QCAPS command in bnxt_resume() (jsc#SLE-8371 bsc#1153274). - bnxt_en: Combine 2 functions calling the same HWRM_DRV_RGTR fw command (jsc#SLE-8371 bsc#1153274). - bnxt_en: Do driver unregister cleanup in bnxt_init_one() failure path (jsc#SLE-8371 bsc#1153274). - bnxt_en: Disable/enable Bus master during suspend/resume (jsc#SLE-8371 bsc#1153274). - bnxt_en: Add chip IDs for 57452 and 57454 chips (jsc#SLE-8371 bsc#1153274). - sfc: fix build without CONFIG_RFS_ACCEL (jsc#SLE-8314). - net: gro: use vlan API instead of accessing directly (bsc#1154353). - net/mlx5e: Remove redundant pointer check (jsc#SLE-8464). - net/mlx5e: TC, Stub out ipv6 tun create header function (jsc#SLE-8464). - net/mlx5: DR, Add support for Geneve packets SW steering (jsc#SLE-8464). - net/mlx5: DR, Add HW bits and definitions for Geneve flex parser (jsc#SLE-8464). - net/mlx5: DR, Refactor VXLAN GPE flex parser tunnel code for SW steering (jsc#SLE-8464). - net/mlx5: Don't write read-only fields in MODIFY_HCA_VPORT_CONTEXT command (jsc#SLE-8464). - net: use rhashtable_lookup() instead of rhashtable_lookup_fast() (bsc#1154353). - net: phy: initialise phydev speed and duplex sanely (bsc#1154353). - net: phy: remove phy_ethtool_sset() (bsc#1154353). - sfc: do ARFS expiry work occasionally even without NAPI poll (jsc#SLE-8314). - sfc: add statistics for ARFS (jsc#SLE-8314). - sfc: suppress MCDI errors from ARFS (jsc#SLE-8314). - sfc: change ARFS expiry mechanism (jsc#SLE-8314). - ice: Update FW API minor version (jsc#SLE-7926). - ice: remove pointless NULL check of port_info (jsc#SLE-7926). - ice: Implement ethtool ops for channels (jsc#SLE-7926). - ice: implement VF stats NDO (jsc#SLE-7926). - ice: add helpers for virtchnl (jsc#SLE-7926). - ice: Add ice_pf_to_dev(pf) macro (jsc#SLE-7926). - ice: Do not use devm* functions for local uses (jsc#SLE-7926). - ice: Refactor removal of VLAN promiscuous rules (jsc#SLE-7926). - ice: Fix setting coalesce to handle DCB configuration (jsc#SLE-7926). - ice: Only disable VF state when freeing each VF resources (jsc#SLE-7926). - ice: fix stack leakage (jsc#SLE-7926). - ice: Don't modify stripping for add/del VLANs on VF (jsc#SLE-7926). - ice: Disallow VF VLAN opcodes if VLAN offloads disabled (jsc#SLE-7926). - ice: Correct capabilities reporting of max TCs (jsc#SLE-7926). - ice: Store number of functions for the device (jsc#SLE-7926). - net: inet_is_local_reserved_port() should return bool not int (bsc#1154353). - cxgb4: add stats for MQPRIO QoS offload Tx path (jsc#SLE-8389). - cxgb4: add UDP segmentation offload support (jsc#SLE-8389). - cxgb4/chcr: update SGL DMA unmap for USO (jsc#SLE-8389). - seg6: allow local packet processing for SRv6 End.DT6 behavior (bsc#1154353). - ipv4: use dst hint for ipv4 list receive (bsc#1154353). - ipv4: move fib4_has_custom_rules() helper to public header (bsc#1154353). - ipv6: introduce and uses route look hints for list input (bsc#1154353). - ipv6: keep track of routes using src (bsc#1154353). - ipv6: add fib6_has_custom_rules() helper (bsc#1154353). - bpf: skmsg, fix potential psock NULL pointer dereference (bsc#1154353). - lwtunnel: check erspan options before allocating tun_info (bsc#1154353). - lwtunnel: be STRICT to validate the new LWTUNNEL_IP(6)_OPTS (bsc#1154353). - net: remove the unnecessary strict_start_type in some policies (bsc#1154353). - net: sched: allow flower to match erspan options (bsc#1154353). - net: sched: allow flower to match vxlan options (bsc#1154353). - net: sched: add erspan option support to act_tunnel_key (bsc#1154353). - net: sched: add vxlan option support to act_tunnel_key (bsc#1154353). - net: sfp: soft status and control support (bsc#1154353). - net: sfp: add some quirks for GPON modules (bsc#1154353). - net: sfp: add support for module quirks (bsc#1154353). - tcp: warn if offset reach the maxlen limit when using snprintf (bsc#1154353). - ip_gre: Make none-tun-dst gre tunnel store tunnel info as metadat_dst in recv (bsc#1154353). - bpf: Switch bpf_map_{area_alloc,area_mmapable_alloc}() to u64 size (bsc#1154353). - bpf: Make array_map_mmap static (bsc#1154353). - bpf: Fix memory leak on object 'data' (bsc#1154353). - bpf: Add mmap() support for BPF_MAP_TYPE_ARRAY (bsc#1154353). - bpf: Convert bpf_prog refcnt to atomic64_t (bsc#1154353). - bpf: Switch bpf_map ref counter to atomic64_t so bpf_map_inc() never fails (bsc#1154353). - bpf: Support attaching tracing BPF program to other BPF programs (bsc#1154353). - bpf: Compare BTF types of functions arguments with actual types (bsc#1154353). - bpf: Annotate context types (bsc#1154353). - bpf: Reserve space for BPF trampoline in BPF programs (bsc#1154353). - bpf: Add kernel test functions for fentry testing (bsc#1154353). - bpf: Add bpf_arch_text_poke() helper (bsc#1154353). - bpf: Refactor x86 JIT into helpers (bsc#1154353). - bpf: Support doubleword alignment in bpf_jit_binary_alloc (bsc#1154353). - bpf: Add array support to btf_struct_access (bsc#1154353). - net: ipconfig: Wait for deferred device probes (bsc#1154353). - net: page_pool: add the possibility to sync DMA memory for device (bsc#1154353). - net: sched: pie: enable timestamp based delay calculation (bsc#1154353). - cxgb4: add TC-MATCHALL classifier ingress offload (jsc#SLE-8389). - cxgb4: check rule prio conflicts before offload (jsc#SLE-8389). - cxgb4: add TC-MATCHALL classifier egress offload (jsc#SLE-8389). - net/mlx5e: Rx, Update page pool numa node when changed (jsc#SLE-8464). - page_pool: Don't recycle non-reusable pages (bsc#1154353). - page_pool: Add API to update numa node (bsc#1154353). - lwtunnel: add support for multiple geneve opts (bsc#1154353). - cxgb4: remove unneeded semicolon for switch block (jsc#SLE-8389). - lwtunnel: change to use nla_put_u8 for LWTUNNEL_IP_OPT_ERSPAN_VER (bsc#1154353). - bnxt_en: Abort waiting for firmware response if there is no heartbeat (jsc#SLE-8371 bsc#1153274). - bnxt_en: Add a warning message for driver initiated reset (jsc#SLE-8371 bsc#1153274). - bnxt_en: Return proper error code for non-existent NVM variable (jsc#SLE-8371 bsc#1153274). - bnxt_en: Report health status update after reset is done (jsc#SLE-8371 bsc#1153274). - bnxt_en: Set MASTER flag during driver registration (jsc#SLE-8371 bsc#1153274). - bnxt_en: Extend ETHTOOL_RESET to hot reset driver (jsc#SLE-8371 bsc#1153274). - bnxt_en: Increase firmware response timeout for coredump commands (jsc#SLE-8371 bsc#1153274). - bnxt_en: Improve RX buffer error handling (jsc#SLE-8371 bsc#1153274). - bnxt_en: Update firmware interface spec to 1.10.1.12 (jsc#SLE-8371 bsc#1153274). - page_pool: add destroy attempts counter and rename tracepoint (bsc#1154353). - xdp: remove memory poison on free for struct xdp_mem_allocator (bsc#1154353). - net: phy: avoid matching all-ones clause 45 PHY IDs (bsc#1154353). - net: phy: marvell10g: add SFP+ support (bsc#1154353). - net: phy: add core phylib sfp support (bsc#1154353). - net: phylink: update to use phy_support_asym_pause() (bsc#1154353). - bonding: symmetric ICMP transmit (bsc#1154353). - net: core: allow fast GRO for skbs with Ethernet header in head (bsc#1154353). - bnx2x: Remove hw_reset_t function casts (bsc#1154395). - bnx2x: Remove format_fw_ver_t function casts (bsc#1154395). - bnx2x: Remove config_init_t function casts (bsc#1154395). - bnx2x: Remove read_status_t function casts (bsc#1154395). - bnx2x: Drop redundant callback function casts (bsc#1154395). - page_pool: do not release pool until inflight == 0 (bsc#1154353). - tun: fix data-race in gro_normal_list() (bsc#1154353). - mlxsw: spectrum_router: Allocate discard adjacency entry when needed (bsc#1154488). - net/tls: Fix unused function warning (bsc#1154353). - net/mlx5: Add devlink reload (jsc#SLE-8464). - net/mlx5e: Set netdev name space on creation (jsc#SLE-8464). - net/mlx5: Remove redundant NULL initializations (jsc#SLE-8464). - net/mlx5: Read num_vfs before disabling SR-IOV (jsc#SLE-8464). - net/mlx5: DR, Fix matcher builders select check (jsc#SLE-8464). - net/mlx5: Add new chain for netfilter flow table offload (jsc#SLE-8464). - net/mlx5: Refactor creating fast path prio chains (jsc#SLE-8464). - net/mlx5: Accumulate levels for chains prio namespaces (jsc#SLE-8464). - net/mlx5: Define fdb tc levels per prio (jsc#SLE-8464). - net/mlx5: Rename FDB_* tc related defines to FDB_TC_* defines (jsc#SLE-8464). - net/mlx5: Simplify fdb chain and prio eswitch defines (jsc#SLE-8464). - IB/mlx5: Load profile according to RoCE enablement state (jsc#SLE-8446). - IB/mlx5: Rename profile and init methods (jsc#SLE-8446). - net/mlx5: Handle "enable_roce" devlink param (jsc#SLE-8464). - net/mlx5: Document flow_steering_mode devlink param (jsc#SLE-8464). - devlink: Add new "enable_roce" generic device param (bsc#1154353). - net/mlx5: fix spelling mistake "metdata" -> "metadata" (jsc#SLE-8464). - net/mlx5: fix kvfree of uninitialized pointer spec (jsc#SLE-8464). - IB/mlx5: Introduce and use mlx5_core_is_vf() (jsc#SLE-8446). - net/mlx5: E-switch, Enable metadata on own vport (jsc#SLE-8464). - net/mlx5: Refactor ingress acl configuration (jsc#SLE-8464). - net/mlx5: Restrict metadata disablement to offloads mode (jsc#SLE-8464). - net/mlx5: E-switch, Offloads shift ACL programming during enable/disable vport (jsc#SLE-8464). - net/mlx5: E-switch, Offloads introduce and use per vport acl tables APIs (jsc#SLE-8464). - net/mlx5: Move ACL drop counters life cycle close to ACL lifecycle (jsc#SLE-8464). - net/mlx5: E-switch, Legacy introduce and use per vport acl tables APIs (jsc#SLE-8464). - net/mlx5: E-switch, Prepare code to handle vport enable error (jsc#SLE-8464). - net/mlx5: Tide up state_lock and vport enabled flag usage (jsc#SLE-8464). - net/mlx5: Move legacy drop counter and rule under legacy structure (jsc#SLE-8464). - net/mlx5: Move metdata fields under offloads structure (jsc#SLE-8464). - net/mlx5: Correct comment for legacy fields (jsc#SLE-8464). - net/mlx5: Introduce and use mlx5_esw_is_manager_vport() (jsc#SLE-8464). - net/mlx5: E-switch, Introduce and use vlan rule config helper (jsc#SLE-8464). - net/mlx5: E-Switch, Rename ingress acl config in offloads mode (jsc#SLE-8464). - net/mlx5: E-Switch, Rename egress config to generic name (jsc#SLE-8464). - net/mlx5: Fixed a typo in a comment in esw_del_uc_addr() (jsc#SLE-8464). - net/mlx5: Expose optimal performance scatter entries capability (jsc#SLE-8446). - cxgb4: Fix an error code in cxgb4_mqprio_alloc_hw_resources() (jsc#SLE-8389). - bnxt_en: Fix array overrun in bnxt_fill_l2_rewrite_fields() (jsc#SLE-8371 bsc#1153274). - net: sfp: fix spelling mistake "requies" -> "requires" (bsc#1154353). - bridge: implement get_link_ksettings ethtool method (bsc#1154353). - vxlan: implement get_link_ksettings ethtool method (bsc#1154353). - sfc: trace_xdp_exception on XDP failure (jsc#SLE-8314). - net/sched: actions: remove unused 'order' (bsc#1154353). - netdevsim: Update dummy reporter's devlink binary interface (bsc#1154353). - net/mlx5: Dump of fw_fatal use updated devlink binary interface (jsc#SLE-8464). - devlink: Allow large formatted message of binary output (bsc#1154353). - cxgb4: make function 'cxgb4_mqprio_free_hw_resources' static (jsc#SLE-8389). - mlxsw: spectrum: Enable EMAD string TLV (bsc#1154488). - mlxsw: core: Add support for using EMAD string TLV (bsc#1154488). - mlxsw: core: Extend EMAD information reported to devlink hwerr (bsc#1154488). - mlxsw: core: Add support for EMAD string TLV parsing (bsc#1154488). - mlxsw: core: Add EMAD string TLV (bsc#1154488). - mlxsw: emad: Remove deprecated EMAD TLVs (bsc#1154488). - mlxsw: core: Parse TLVs' offsets of incoming EMADs (bsc#1154488). - cxgb4: remove redundant assignment to hdr_len (jsc#SLE-8389). - mlxsw: core: Enable devlink reload only on probe (bsc#1154488). - net: sfp: allow modules with slow diagnostics to probe (bsc#1154353). - net: sfp: allow sfp to probe slow to initialise GPON modules (bsc#1154353). - net: sfp: move module insert reporting out of probe (bsc#1154353). - net: sfp: split power mode switching from probe (bsc#1154353). - net: sfp: track upstream's attachment state in state machine (bsc#1154353). - net: sfp: ensure TX_FAULT has deasserted before probing the PHY (bsc#1154353). - net: sfp: allow fault processing to transition to other states (bsc#1154353). - net: sfp: eliminate mdelay() from PHY probe (bsc#1154353). - net: sfp: split the PHY probe from sfp_sm_mod_init() (bsc#1154353). - net: sfp: control TX_DISABLE and phy only from main state machine (bsc#1154353). - net: sfp: avoid power switch on address-change modules (bsc#1154353). - net: sfp: parse SFP power requirement earlier (bsc#1154353). - net: sfp: rename T_PROBE_WAIT to T_SERIAL (bsc#1154353). - net: sfp: handle module remove outside state machine (bsc#1154353). - net: sfp: rename sfp_sm_ins_next() as sfp_sm_mod_next() (bsc#1154353). - net: sfp: move tx disable on device down to main state machine (bsc#1154353). - net: sfp: move sfp sub-state machines into separate functions (bsc#1154353). - net: sfp: fix sfp_bus_put() kernel documentation (bsc#1154353). - lwtunnel: ignore any TUNNEL_OPTIONS_PRESENT flags set by users (bsc#1154353). - lwtunnel: get nlsize for erspan options properly (bsc#1154353). - lwtunnel: change to use nla_parse_nested on new options (bsc#1154353). - net: sfp: rework upstream interface (bsc#1154353). - devlink: disallow reload operation during device cleanup (bsc#1154353). - packet: fix data-race in fanout_flow_is_huge() (bsc#1154353). - ice: print opcode when printing controlq errors (jsc#SLE-7926). - ice: use more accurate ICE_DBG mask types (jsc#SLE-7926). - ice: Introduce and use ice_vsi_type_str (jsc#SLE-7926). - ice: remove unnecessary conditional check (jsc#SLE-7926). - ice: Update enum ice_flg64_bits to current specification (jsc#SLE-7926). - ice: delay less (jsc#SLE-7926). - ice: use pkg_dwnld_status instead of sq_last_status (jsc#SLE-7926). - ice: Change max MSI-x vector_id check in cfg_irq_map (jsc#SLE-7926). - ice: Check if VF is disabled for Opcode and other operations (jsc#SLE-7926). - ice: configure software LLDP in ice_init_pf_dcb (jsc#SLE-7926). - ice: Fix to change Rx/Tx ring descriptor size via ethtool with DCBx (jsc#SLE-7926). - ice: avoid setting features during reset (jsc#SLE-7926). - ice: Implement DCBNL support (jsc#SLE-7926). - ice: Add NDO callback to set the maximum per-queue bitrate (jsc#SLE-7926). - ice: Use ice_ena_vsi and ice_dis_vsi in DCB configuration flow (jsc#SLE-7926). - net: icmp: fix data-race in cmp_global_allow() (bsc#1154353). - cxgb4: fix 64-bit division on i386 (jsc#SLE-8389). - cxgb4: Use match_string() helper to simplify the code (jsc#SLE-8389). - net: add a READ_ONCE() in skb_peek_tail() (bsc#1154353). - net: add annotations on hh->hh_len lockless accesses (bsc#1154353). - net: use u64_stats_t in struct pcpu_lstats (bsc#1154353). - tun: switch to u64_stats_t (bsc#1154353). - u64_stats: provide u64_stats_t type (bsc#1154353). - net: dummy: use standard dev_lstats_add() and dev_lstats_read() (bsc#1154353). - vsockmon: use standard dev_lstats_add() and dev_lstats_read() (bsc#1154353). - veth: use standard dev_lstats_add() and dev_lstats_read() (bsc#1154353). - net: nlmon: use standard dev_lstats_add() and dev_lstats_read() (bsc#1154353). - net: provide dev_lstats_add() helper (bsc#1154353). - net: provide dev_lstats_read() helper (bsc#1154353). - net: ethernet: intel: Demote MTU change prints to debug (jsc#SLE-7966). - mlxsw: Add layer 3 devlink-trap exceptions support (bsc#1154488). - mlxsw: Add specific trap for packets routed via invalid nexthops (bsc#1154488). - mlxsw: Add new FIB entry type for reject routes (bsc#1154488). - devlink: Add layer 3 generic packet exception traps (bsc#1154353). - mlxsw: Add layer 3 devlink-trap support (bsc#1154488). - devlink: Add layer 3 generic packet traps (bsc#1154353). - tcp: Remove one extra ktime_get_ns() from cookie_init_timestamp (bsc#1154353). - inetpeer: fix data-race in inet_putpeer / inet_putpeer (bsc#1154353). - mlxsw: spectrum: Fix error return code in mlxsw_sp_port_module_info_init() (bsc#1154488). - cxgb4: add FLOWC based QoS offload (jsc#SLE-8389). - cxgb4: add Tx and Rx path for ETHOFLD traffic (jsc#SLE-8389). - cxgb4: add ETHOFLD hardware queue support (jsc#SLE-8389). - cxgb4: parse and configure TC-MQPRIO offload (jsc#SLE-8389). - cxgb4: rework queue config and MSI-X allocation (jsc#SLE-8389). - cxgb4: query firmware for QoS offload resources (jsc#SLE-8389). - net_sched: gen_estimator: extend packet counter to 64bit (bsc#1154353). - ice: Fix return value when SR-IOV is not supported (jsc#SLE-7926). - ice: Rename VF function ice_vc_dis_vf to match its behavior (jsc#SLE-7926). - ice: Get rid of ice_cleanup_header (jsc#SLE-7926). - ice: print PCI link speed and width (jsc#SLE-7926). - ice: print unsupported module message (jsc#SLE-7926). - ice: write register with correct offset (jsc#SLE-7926). - ice: Check for null pointer dereference when setting rings (jsc#SLE-7926). - ice: save PCI state in probe (jsc#SLE-7926). - ice: Adjust DCB INIT for SW mode (jsc#SLE-7926). - ice: fix driver unload flow (jsc#SLE-7926). - ice: handle DCBx non-contiguous TC request (jsc#SLE-7926). - ice: Update Boot Configuration Section read of NVM (jsc#SLE-7926). - ice: add ethtool -m support for reading i2c eeprom modules (jsc#SLE-7926). - tcp: fix data-race in tcp_recvmsg() (bsc#1154353). - net: silence data-races on sk_backlog.tail (bsc#1154353). - lwtunnel: add options setting and dumping for erspan (bsc#1154353). - lwtunnel: add options setting and dumping for vxlan (bsc#1154353). - lwtunnel: add options setting and dumping for geneve (bsc#1154353). - lwtunnel: add options process for cmp_encap (bsc#1154353). - lwtunnel: add options process for arp request (bsc#1154353). - net: annotate lockless accesses to sk->sk_max_ack_backlog (bsc#1154353). - net: annotate lockless accesses to sk->sk_ack_backlog (bsc#1154353). - net: use helpers to change sk_ack_backlog (bsc#1154353). - net: avoid potential false sharing in neighbor related code (bsc#1154353). - inet_diag: use jiffies_delta_to_msecs() (bsc#1154353). - net: neigh: use long type to store jiffies delta (bsc#1154353). - netdevsim: drop code duplicated by a merge (bsc#1154353). - cxgb4: Add pci reset handler (jsc#SLE-8389). - cnic: Set fp_hsi_ver as part of CLIENT_SETUP ramrod (bsc#1154395). - bnx2x: Fix PF-VF communication over multi-cos queues (bsc#1154395). - bnx2x: Enable Multi-Cos feature (bsc#1154395). - bnx2x: Utilize FW 7.13.15.0 (bsc#1154395). - net_sched: add TCA_STATS_PKT64 attribute (bsc#1154353). - net_sched: extend packet counter to 64bit (bsc#1154353). - net_sched: do not export gnet_stats_basic_packed to uapi (bsc#1154353). - net: hns3: remove unused macros (bsc#1154353). - vsock: Simplify '__vsock_release()' (bsc#1154353). - icmp: remove duplicate code (bsc#1154353). - icmp: add helpers to recognize ICMP error packets (bsc#1154353). - ice: allow 3k MTU for XDP (jsc#SLE-7926). - ice: add build_skb() support (jsc#SLE-7926). - ice: introduce frame padding computation logic (jsc#SLE-7926). - ice: introduce legacy Rx flag (jsc#SLE-7926). - ice: Add support for AF_XDP (jsc#SLE-7926). - ice: Move common functions to ice_txrx_lib.c (jsc#SLE-7926). - ice: Add support for XDP (jsc#SLE-7926). - ice: get rid of per-tc flow in Tx queue configuration routines (jsc#SLE-7926). - ice: Introduce ice_base.c (jsc#SLE-7926). - i40e: implement VF stats NDO (jsc#SLE-8025). - i40e: enable X710 support (jsc#SLE-8025). - ixgbe: protect TX timestamping from API misuse (jsc#SLE-7979 jsc#SLE-7981). - fm10k: update driver version to match out-of-tree (jsc#SLE-8009). - ixgbe: Make use of cpumask_local_spread to improve RSS locality (jsc#SLE-7979 jsc#SLE-7981). - fm10k: add support for ndo_get_vf_stats operation (jsc#SLE-8009). - fm10k: add missing field initializers to TLV attributes) (jsc#SLE-8009). - ipv6: use jhash2() in rt6_exception_hash() (bsc#1154353). - net: bridge: fdb: eliminate extra port state tests from fast-path (bsc#1154353). - net/mlx5: DR, Support IPv4 and IPv6 mixed matcher (jsc#SLE-8464). - net/mlx5: LAG, Use affinity type enumerators (jsc#SLE-8464). - net/mlx5: LAG, Use port enumerators (jsc#SLE-8464). - net/mlx5: rate limit alloc_ent error messages (jsc#SLE-8464). - net/mlx5e: Add ToS (DSCP) header rewrite support (jsc#SLE-8464). - net/mlx5e: Bit sized fields rewrite support (jsc#SLE-8464). - net/mlx5: WQ, Move short getters into header file (jsc#SLE-8464). - net/mlx5e: TX, Dump WQs wqe descriptors on CQE with error events (jsc#SLE-8464). - net/mlx5: Support lockless FTE read lookups (jsc#SLE-8464). - net/mlx5: Do not hold group lock while allocating FTE in software (jsc#SLE-8464). - net/mlx5e: Verify that rule has at least one fwd/drop action (jsc#SLE-8464). - net/mlx5: Clear VF's configuration on disabling SRIOV (jsc#SLE-8464). - net/mlx5: Remove unneeded variable in mlx5_unload_one (jsc#SLE-8464). - net/mlx5: FPGA, support network cards with standalone FPGA (jsc#SLE-8464). - net/mlx5: DR, Replace CRC32 implementation to use kernel lib (jsc#SLE-8464). - net: icmp6: provide input address for traceroute6 (bsc#1154353). - net: icmp: use input address in traceroute (bsc#1154353). - xsk: Restructure/inline XSKMAP lookup/redirect/flush (bsc#1154353). - bpf: Implement map_gen_lookup() callback for XSKMAP (bsc#1154353). - xsk: Store struct xdp_sock as a flexible array member of the XSKMAP (bsc#1154353). - bpf: Replace prog_raw_tp+btf_id with prog_tracing (bsc#1154353). - bpf: Enforce 'return 0' in BTF-enabled raw_tp programs (bsc#1154353). - net: bridge: fdb: restore unlikely() when taking over externally added entries (bsc#1154353). - net: bridge: fdb: avoid two atomic bitops in br_fdb_external_learn_add() (bsc#1154353). - net: bridge: fdb: br_fdb_update can take flags directly (bsc#1154353). - bnxt_en: Call bnxt_ulp_stop()/bnxt_ulp_start() during suspend/resume (jsc#SLE-8372 bsc#1153275). - bnxt_en: Call bnxt_ulp_stop()/bnxt_ulp_start() during error recovery (jsc#SLE-8372 bsc#1153275). - bnxt_en: Improve bnxt_ulp_stop()/bnxt_ulp_start() call sequence (jsc#SLE-8372 bsc#1153275). - bnxt_en: flow_offload: offload tunnel decap rules via indirect callbacks (jsc#SLE-8372 bsc#1153275). - bnxt_en: Add support for NAT(L3/L4 rewrite) (jsc#SLE-8372 bsc#1153275). - bnxt: Avoid logging an unnecessary message when a flow can't be offloaded (jsc#SLE-8372 bsc#1153275). - bnxt_en: Add support for L2 rewrite (jsc#SLE-8372 bsc#1153275). - sfc: add XDP counters to ethtool stats (jsc#SLE-8314). - sfc: handle XDP_TX outcomes of XDP eBPF programs (jsc#SLE-8314). - sfc: allocate channels for XDP tx queues (jsc#SLE-8314). - sfc: Enable setting of xdp_prog (jsc#SLE-8314). - sfc: perform XDP processing on received packets (jsc#SLE-8314). - sfc: support encapsulation of xdp_frames in efx_tx_buffer (jsc#SLE-8314). - mlxsw: Fix 64-bit division in mlxsw_sp_sb_prs_init (bsc#1154488). - net: hns3: cleanup byte order issues when printed (bsc#1154353). - net: hns3: cleanup some print format warning (bsc#1154353). - net: hns3: add or modify some comments (bsc#1154353). - net: hns3: optimize local variable initialization (bsc#1154353). - net: hns3: cleanup a format-truncation warning (bsc#1154353). - net: hns3: cleanup some coding style issues (bsc#1154353). - net: hns3: cleanup some magic numbers (bsc#1154353). - net: hns3: add struct netdev_queue debug info for TX timeout (bsc#1154353). - net: hns3: dump some debug information when reset fail (bsc#1154353). - bnxt_en: Add support to collect crash dump via ethtool (jsc#SLE-8372 bsc#1153275). - bnxt_en: Add support to invoke OP-TEE API to reset firmware (jsc#SLE-8372 bsc#1153275). - mlxsw: spectrum: Generalize split count check (bsc#1154488). - mlxsw: spectrum: Iterate over all ports in gap during unsplit create (bsc#1154488). - mlxsw: spectrum: Fix base port get for split count 4 and 8 (bsc#1154488). - mlxsw: spectrum: Use port_module_max_width to compute base port index (bsc#1154488). - mlxsw: spectrum: Remember split base local port and use it in unsplit (bsc#1154488). - mlxsw: spectrum: Introduce resource for getting offset of 4 lanes split port (bsc#1154488). - mlxsw: spectrum: Push getting offsets of split ports into a helper (bsc#1154488). - mlxsw: spectrum: Add sanity checks into module info get (bsc#1154488). - mlxsw: spectrum: Pass mapping values in port mapping structure (bsc#1154488). - mlxsw: spectrum: Use mapping of port being split for creating split ports (bsc#1154488). - mlxsw: spectrum: Replace port_to_module array with array of structs (bsc#1154488). - mlxsw: spectrum: Distinguish between unsplittable and split port (bsc#1154488). - mlxsw: spectrum: Move max_width check up before count check (bsc#1154488). - mlxsw: spectrum: Use PMTM register to get max module width (bsc#1154488). - mlxsw: reg: Add Port Module Type Mapping Register (bsc#1154488). - mlxsw: reg: Extend PMLP tx/rx lane value size to 4 bits (bsc#1154488). - cxgb4/l2t: Simplify 't4_l2e_free()' and '_t4_l2e_free()' (jsc#SLE-8389). - net: sched: update action implementations to support flags (bsc#1154353). - net: sched: extend TCA_ACT space with TCA_ACT_FLAGS (bsc#1154353). - net: sched: modify stats helper functions to support regular stats (bsc#1154353). - net: sched: don't expose action qstats to skb_tc_reinsert() (bsc#1154353). - net: sched: extract qstats update code into functions (bsc#1154353). - net: sched: extract bstats update code into function (bsc#1154353). - net: sched: extract common action counters update code into function (bsc#1154353). - e1000e: Fix compiler warning when CONFIG_PM_SLEEP is not set (jsc#SLE-8100). - e1000e: Add support for Tiger Lake (jsc#SLE-8100). - i40e: Add UDP segmentation offload support (jsc#SLE-8025). - ixgbe: Add UDP segmentation offload support (jsc#SLE-7979 jsc#SLE-7981). - igb: Add UDP segmentation offload support (jsc#SLE-7967 jsc#SLE-8010). - e1000e: Drop unnecessary __E1000_DOWN bit twiddling (jsc#SLE-8100). - e1000e: Use rtnl_lock to prevent race conditions between net and pci/pm (jsc#SLE-8100). - e1000e: Add support for Comet Lake (jsc#SLE-8100). - vxlan: drop "vxlan" parameter in vxlan_fdb_alloc() (bsc#1154353). - net: phy: marvell: add downshift support for 88E1145 (bsc#1154353). - bonding: balance ICMP echoes in layer3+4 mode (bsc#1154353). - flow_dissector: extract more ICMP information (bsc#1154353). - flow_dissector: skip the ICMP dissector for non ICMP packets (bsc#1154353). - flow_dissector: add meaningful comments (bsc#1154353). - mlxsw: Enforce firmware version for Spectrum-2 (bsc#1154488). - mlxsw: Bump firmware version to 13.2000.2308 (bsc#1154488). - mlxsw: pci: Increase PCI reset timeout for SN3800 systems (bsc#1154488). - mlxsw: reg: Increase size of MPAR register (bsc#1154488). - net: bridge: fdb: set flags directly in fdb_create (bsc#1154353). - net: bridge: fdb: convert offloaded to use bitops (bsc#1154353). - net: bridge: fdb: convert added_by_external_learn to use bitops (bsc#1154353). - net: bridge: fdb: convert added_by_user to bitops (bsc#1154353). - net: bridge: fdb: convert is_sticky to bitops (bsc#1154353). - net: bridge: fdb: convert is_static to bitops (bsc#1154353). - net: bridge: fdb: convert is_local to bitops (bsc#1154353). - inet: do not call sublist_rcv on empty list (bsc#1154353). - broadcom: bnxt: Fix use true/false for bool (bsc#1154353). - cavium: thunder: Fix use true/false for bool type (bsc#1154353). - net: phy: marvell: add PHY tunable support for more PHY versions (bsc#1154353). - net: phy: marvell: add downshift support for M88E1111 (bsc#1154353). - net: phy: marvell: fix downshift function naming (bsc#1154353). - net: phy: marvell: fix typo in constant MII_M1011_PHY_SRC_DOWNSHIFT_MASK (bsc#1154353). - i40e: prevent memory leak in i40e_setup_macvlans (jsc#SLE-8025). - i40e: Refactoring VF MAC filters counting to make more reliable (jsc#SLE-8025). - i40e: Fix LED blinking flow for X710T*L devices (jsc#SLE-8025). - i40e: allow ethtool to report SW and FW versions in recovery mode (jsc#SLE-8025). - i40e: initialize ITRN registers with correct values (jsc#SLE-8025). - i40e: Extend PHY access with page change flag (jsc#SLE-8025). - i40e: Extract detection of HW flags into a function (jsc#SLE-8025). - i40e: Wrong 'Advertised FEC modes' after set FEC to AUTO (jsc#SLE-8025). - i40e: Fix for persistent lldp support (jsc#SLE-8025). - sock: remove unneeded semicolon (bsc#1154353). - mlxsw: spectrum_buffers: remove unneeded semicolon (bsc#1154488). - mvpp2: prefetch frame header (bsc#1154353). - mvpp2: sync only the received frame (bsc#1154353). - mvpp2: refactor frame drop routine (bsc#1154353). - net: Fix various misspellings of "connect" (bsc#1154353). - net: Fix misspellings of "configure" and "configuration" (bsc#1154353). - bpf: Prepare btf_ctx_access for non raw_tp use case (bsc#1154353). - bpf: Allow __sk_buff tstamp in BPF_PROG_TEST_RUN (bsc#1154353). - ipvs: batch __ip_vs_dev_cleanup (bsc#1154353). - ipvs: batch __ip_vs_cleanup (bsc#1154353). - ipvs: no need to update skb route entry for local destination packets (bsc#1154353). - tcp: add TCP_INFO status for failed client TFO (bsc#1154353). - mlxsw: spectrum_buffers: Calculate the size of the main pool (bsc#1154488). - mlxsw: spectrum: Use guaranteed buffer size as pool size limit (bsc#1154488). - net: phy: add support for clause 37 auto-negotiation (bsc#1154353). - net: phy: modify assignment to OR for dev_flags in phy_attach_direct (bsc#1154353). - fq_codel: do not include (bsc#1154353). - mlxsw: core: Extend QSFP EEPROM size for ethtool (bsc#1154488). - mlxsw: reg: Add macro for getting QSFP module EEPROM page number (bsc#1154488). - igc: Clean up unused shadow_vfta pointer (jsc#SLE-7966). - igc: Add Rx checksum support (jsc#SLE-7966). - igc: Add set_rx_mode support (jsc#SLE-7966). - e1000e: Add support for S0ix (jsc#SLE-8100). - igc: Add SCTP CRC checksumming functionality (jsc#SLE-7966). - net/sched: act_police: re-use tcf_tm_dump() (bsc#1154353). - net: phy: marvell: remove superseded function marvell_set_downshift (bsc#1154353). - net: phy: marvell: support downshift as PHY tunable (bsc#1154353). - net: hns3: log and clear hardware error after reset complete (bsc#1154353). - net: hns3: do not allocate linear data for fraglist skb (bsc#1154353). - net: hns3: minor cleanup for hns3_handle_rx_bd() (bsc#1154353). - net: hns3: make struct hns3_enet_ring cacheline aligned (bsc#1154353). - net: hns3: introduce ring_to_netdev() in enet module (bsc#1154353). - net: hns3: minor optimization for barrier in IO path (bsc#1154353). - net: hns3: optimized MAC address in management table (bsc#1154353). - net: hns3: remove struct hns3_nic_ring_data in hns3_enet module (bsc#1154353). - mlxsw: spectrum: Register switched port analyzers (SPAN) as resource (bsc#1154488). - net: phy: avoid NPE if read_page/write_page callbacks are not available (bsc#1154353). - net: sched: Avoid using yield() in a busy waiting loop (bsc#1154353). - pktgen: remove unnecessary assignment in pktgen_xmit() (bsc#1154353). - net: sfp: move fwnode parsing into sfp-bus layer (bsc#1154353). - net: phylink: use more linkmode_* (bsc#1154353). - net_sched: sch_fq: remove one obsolete check in fq_dequeue() (bsc#1154353). - net: core: use listified Rx for GRO_NORMAL in napi_gro_receive() (bsc#1154353). - mlxsw: spectrum: Add support for 400Gbps (50Gbps per lane) link modes (bsc#1154488). - ethtool: Add support for 400Gbps (50Gbps per lane) link modes (bsc#1154353). - xdp: Trivial, fix spelling in function description (bsc#1154353). - bpf: Fix cast to pointer from integer of different size warning (bsc#1154353). - flow_dissector: Allow updating the flow dissector program atomically (bsc#1154353). - bpf: Align struct bpf_prog_stats (bsc#1154353). - bpf/flow_dissector: add mode to enforce global BPF flow dissector (bsc#1154353). - genetlink: do not parse attributes for families with zero maxattr (bsc#1154353). - tcp: improve recv_skip_hint for tcp_zerocopy_receive (bsc#1154353). - netdevsim: implement couple of testing devlink health reporters (bsc#1154353). - devlink: propagate extack down to health reporter ops (bsc#1154353). - devlink: don't do reporter recovery if the state is healthy (bsc#1154353). - sock_get_timeout: drop unnecessary return variable (bsc#1154353). - af_unix: __unix_find_socket_byname() cleanup (bsc#1154353). - ipvlan: consolidate TSO flags using NETIF_F_ALL_TSO (bsc#1154353). - team: call RCU read lock when walking the port_list (bsc#1154353). - Revert "tun: call dev_get_valid_name() before register_netdevice()" (bsc#1154353). - net: tipc: prepare attrs in __tipc_nl_compat_dumpit() (bsc#1154353). - net: genetlink: always allocate separate attrs for dumpit ops (bsc#1154353). - net: hns3: support tx-scatter-gather-fraglist feature (bsc#1154353). - net: hns3: add support for configuring VF MAC from the host (bsc#1154353). - net: hns3: add support for configuring bandwidth of VF on the host (bsc#1154353). - net: hns3: add support for setting VF trust (bsc#1154353). - net: hns3: add support for spoof check setting (bsc#1154353). - net: hns3: add support for setting VF link status on the host (bsc#1154353). - tun: fix memory leak in error path (bsc#1154353). - netdevsim: fix spelling mistake "forbidded" -> "forbid" (bsc#1154353). - nfp: bpf: make array exp_mask static, makes object smaller (bsc#1154353). - net: hns3: make array tick_array static, makes object smaller (bsc#1154353). - net: hns: make arrays static, makes object smaller (bsc#1154353). - net/tls: store decrypted on a single bit (bsc#1154353). - net/tls: store async_capable on a single bit (bsc#1154353). - net/tls: pass context to tls_device_decrypted() (bsc#1154353). - net/tls: make allocation failure unlikely (bsc#1154353). - net/tls: mark sk->err being set as unlikely (bsc#1154353). - net: core: use helper skb_ensure_writable in more places (bsc#1154353). - ipv6: Make ipv6_mc_may_pull() return bool (bsc#1154353). - net: core: change return type of pskb_may_pull to bool (bsc#1154353). - net: ena: ethtool: support set_channels callback (bsc#1154492). - net: ena: remove redundant print of number of queues (bsc#1154492). - net: ena: make ethtool -l show correct max number of queues (bsc#1154492). - net: ena: ethtool: get_channels: use combined only (bsc#1154492). - net: ena: multiple queue creation related cleanups (bsc#1154492). - net: ena: change num_queues to num_io_queues for clarity and consistency (bsc#1154492). - netdevsim: implement devlink dev_info op (bsc#1154353). - net: devlink: fix reporter dump dumpit (bsc#1154353). - mlxsw: minimal: Add validation for FW version (bsc#1154488). - mlxsw: core: Push minor/subminor fw version check into helper (bsc#1154488). - mlxsw: thermal: Provide optimization for QSFP modules number detection (bsc#1154488). - mlxsw: hwmon: Provide optimization for QSFP modules number detection (bsc#1154488). - mlxsw: reg: Extend MGPIR register with new field exposing the number of QSFP modules (bsc#1154488). - netdevsim: add couple of debugfs bools to debug devlink reload (bsc#1154353). - devlink: have genetlink code to parse the attrs during dumpit (bsc#1154353). - net: tipc: allocate attrs locally instead of using genl_family_attrbuf in compat_dumpit() (bsc#1154353). - net: tipc: have genetlink code to parse the attrs during dumpit (bsc#1154353). - net: nfc: have genetlink code to parse the attrs during dumpit (bsc#1154353). - net: ieee802154: have genetlink code to parse the attrs during dumpit (bsc#1154353). - net: genetlink: parse attrs and store in contect info struct during dumpit (bsc#1154353). - net: genetlink: push attrbuf allocation and parsing to a separate function (bsc#1154353). - net: genetlink: introduce dump info struct to be available during dumpit op (bsc#1154353). - net: genetlink: push doit/dumpit code from genl_family_rcv_msg (bsc#1154353). - netdevsim: create devlink and netdev instances in namespace (bsc#1154353). - net: devlink: export devlink net setter (bsc#1154353). - net/tls: add TlsDeviceRxResync statistic (bsc#1154353). - net/tls: add TlsDecryptError stat (bsc#1154353). - net/tls: add statistics for installed sessions (bsc#1154353). - net/tls: add skeleton of MIB statistics (bsc#1154353). - net/tls: add device decrypted trace point (bsc#1154353). - net/tls: add tracing for device/offload events (bsc#1154353). - net: devlink: don't ignore errors during dumpit (bsc#1154353). - igmp: uninline ip_mc_validate_checksum() (bsc#1154353). - net: spread "enum sock_flags" (bsc#1154353). - net/tls: rename tls_hw_* functions tls_toe_* (bsc#1154353). - net/tls: move TOE-related code to a separate file (bsc#1154353). - net/tls: move tls_build_proto() on init path (bsc#1154353). - net/tls: rename tls_device to tls_toe_device (bsc#1154353). - net/tls: move TOE-related structures to a separate header (bsc#1154353). - net: devlink: allow to change namespaces during reload (bsc#1154353). - netdevsim: take devlink net instead of init_net (bsc#1154353). - netdevsim: register port netdevices into net of device (bsc#1154353). - netdevsim: implement proper devlink reload (bsc#1154353). - netdevsim: add all ports in nsim_dev_create() and del them in destroy() (bsc#1154353). - mlxsw: Propagate extack down to register_fib_notifier() (bsc#1154488). - mlxsw: Register port netdevices into net of core (bsc#1154488). - mlxsw: spectrum: Take devlink net instead of init_net (bsc#1154488). - net: devlink: export devlink net getter (bsc#1154353). - net: fib_notifier: propagate extack down to the notifier block callback (bsc#1154353). - mlxsw: spectrum_router: Don't rely on missing extack to symbolize dump (bsc#1154488). - net: fib_notifier: propagate possible error during fib notifier registration (bsc#1154353). - net: fib_notifier: make FIB notifier per-netns (bsc#1154353). - netdevsim: change fib accounting and limitations to be per-device (bsc#1154353). - net: propagate errors correctly in register_netdevice() (bsc#1154353). - mvpp2: remove misleading comment (bsc#1154353). - net_sched: remove need_resched() from qdisc_run() (bsc#1154353). - net: introduce per-netns netdevice notifiers (bsc#1154353). - net: push loops and nb calls into helper functions (bsc#1154353). - ipv6: minor code reorg in inet6_fill_ifla6_attrs() (bsc#1154353). - net: rtnetlink: add possibility to use alternative names as message handle (bsc#1154353). - net: rtnetlink: introduce helper to get net_device instance by ifname (bsc#1154353). - net: rtnetlink: unify the code in __rtnl_newlink get dev with the rest (bsc#1154353). - net: rtnetlink: put alternative names to getlink message (bsc#1154353). - net: rtnetlink: add linkprop commands to add and delete alternative ifnames (bsc#1154353). - net: introduce name_node struct to be used in hashlist (bsc#1154353). - net: procfs: use index hashlist instead of name hashlist (bsc#1154353). - tcp: add ipv6_addr_v4mapped_loopback() helper (bsc#1154353). - net: core: dev: replace state xoff flag comparison by netif_xmit_stopped method (bsc#1154353). - ipv6: add priority parameter to ip6_xmit() (bsc#1154353). - rocker: add missing init_net check in FIB notifier (bsc#1154353). - commit 113b872 - spi: pxa2xx: Add support for Intel Comet Lake-H (jsc#SLE-7946). - mtd: spi-nor: intel-spi: Add support for Intel Comet Lake-H SPI serial flash (jsc#SLE-7946). - commit 66b146b - mfd: intel-lpss: Add Intel Comet Lake PCH-H PCI IDs (jsc#SLE-7946). - mfd: intel-lpss: Add default I2C device properties for Gemini Lake (jsc#SLE-7946). - commit a741dd5 - i2c: i801: Correct Intel Jasper Lake SOC naming (jsc#SLE-7946). - i2c: i801: Add support for Intel Comet Lake PCH-H (jsc#SLE-7946). - commit b378292 - i2c: i801: Add support for Intel Jasper Lake (jsc#SLE-7946). - commit a0fd0de - i2c: i801: Bring back Block Process Call support for certain platforms (jsc#SLE-7946). - i2c: i801: Use iTCO version 6 in Cannon Lake PCH and beyond (jsc#SLE-7946). - commit 7cc4af0 - KVM: vmx: use MSR_IA32_TSX_CTRL to hard-disable TSX on guest that lack it (CVE-2019-19338 bsc#1158954). - KVM: vmx: implement MSR_IA32_TSX_CTRL disable RTM functionality (CVE-2019-19338 bsc#1158954). - KVM: x86: fix presentation of TSX feature in ARCH_CAPABILITIES (CVE-2019-19338 bsc#1158954). - commit 431ce6a - KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332) (CVE-2019-19332 bsc#1158827). - commit ed2bb4d - libbpf: Fix sym->st_value print on 32-bit arches (bsc#1158962). - commit ff62fd7 ++++ libcontainers-common: - Update to image 5.0.0 - Clean up various imports primarily so that imports of packages that aren't in the standard library are all in one section. - Update to major version v5 - return resp error message - copy.Image(): select the CopySystemImage image using the source context - Add manifest list support - docker: handle http 429 status codes - allow for .dockercfg files to reside in non-home directories - Use the correct module path in (make test-skopeo) - Update to libpod 1.6.3 - Handling of the libpod.conf configuration file has seen major changes. Most significantly, rootless users will no longer automatically receive a complete configuration file when they first use Podman, and will instead only receive differences from the global configuration. - Initial support for the CNI DNS plugin, which allows containers to resolve the IPs of other containers via DNS name, has been added - Podman now supports anonymous named volumes, created by specifying only a destination to the -v flag to the podman create and podman run commands - Named volumes now support uid and gid options in --opt o=... to set UID and GID of the created volume - Update to storage 1.15.3 - overlay: allow storing images with more than 127 layers - Lazy initialize the layer store - tarlogger: drop state mutex ++++ rdma-core: - Remove file listed twice - Disable pyverbs build for older releases that do not have python3-Cython >= 0.25 ++++ libgcrypt: - FIPS: RSA/DSA/ECDSA are missing hashing operation [bsc#1155337] * Add libgcrypt-FIPS-RSA-DSA-ECDSA-hashing-operation.patch ++++ systemd: - Manually set system-uid-max and system-gid-max to 499 It used to be detected automatically by meson but it's been broken by the migration of login.defs from /etc to /usr/etc. - Import commit d8f6a204858bff68b8e0e7be86b418c36087ab2e 6c5e492a65 cryptsetup: umount encrypted devices before detaching it during shutdown ++++ libzypp: - MediaCurl: assert cookie file has mode 0600 (bsc#1158763, CVE-2019-18900) - version 17.19.0 (12) ++++ salt: - xfs: do not fail if type is not present (bsc#1153611) - Added: * xfs-do-not-fails-if-type-is-not-present.patch ++++ wicked: - version 0.6.61 - dracut: add initial cmdline parsing as a config source - address: don't check hwaddr length if parsing as ARPHRD_VOID - utils: added find and insert var array utils, cleanup - client: add show-policy command calling policy generation - client: initial support to generate a basic policy directly - client: cleanup convert and show-config commands ------------------------------------------------------------------ ------------------ 2019-12-10 - Dec 10 2019 ------------------- ------------------------------------------------------------------ ++++ lvm2-device-mapper: - backport patches for lvm2 to avoid software abnormal work (bsc#1158861) + bug-1158861_01-config-remove-filter-typo.patch + bug-1158861_02-config-Fix-default-option-which-makes-no-sense.patch + bug-1158861_03-vgchange-don-t-fail-monitor-command-if-vg-is-exporte.patch + bug-1158861_04-fix-duplicate-pv-size-check.patch + bug-1158861_05-hints-fix-copy-of-filter.patch + bug-1158861_06-fix-segfault-for-invalid-characters-in-vg-name.patch + bug-1158861_07-vgck-let-updatemetadata-repair-mismatched-metadata.patch + bug-1158861_08-hints-fix-mem-leaking-buffers.patch + bug-1158861_09-pvcreate-pvremove-fix-reacquiring-global-lock-after.patch - backport upstream patches for passing lvm2 testsuite (bsc#1158628) + bug-1158628_01-tests-replaces-grep-q-usage.patch + bug-1158628_02-tests-fix-ra-checking.patch + bug-1158628_03-tests-simplify-some-var-settings.patch + bug-1158628-04-pvmove-correcting-read_ahead-setting.patch + bug-1158628_05-activation-add-synchronization-point.patch + bug-1158628_06-pvmove-add-missing-synchronization.patch + bug-1158628_07-activation-extend-handling-of-pending_delete.patch + bug-1158628_08-lv_manip-add-synchronizations.patch + bug-1158628_09-lvconvert-improve-validation-thin-and-cache-pool-con.patch + bug-1158628_10-thin-activate-layer-pool-aas-read-only-LV.patch + bug-1158628_11-tests-mdadm-stop-in-test-cleanup.patch + bug-1158628_12-test-increase-size-of-raid10-LV-allowing-tests-to-su.patch + bug-1158628_13-lvconvert-fix-return-value-when-zeroing-fails.patch + bug-1158628_14-tests-add-extra-settle.patch + bug-1158628_15-test-Fix-handling-leftovers-from-previous-tests.patch - bug-1043040_test-fix-read-ahead-issues-in-test-scripts.patch ++++ dracut: - Update to version 049+git116.e9995c78: * dracut.spec: add convertfs module correctly (boo#1158777) ++++ glib-networking: - Update to version 2.62.2: + Fix handshake_context crashes. ++++ kernel-default: - EDAC/altera: Use fast register IO for S10 IRQs (bsc#1152489). - commit 48045b4 - scsi: qla2xxx: Add debug dump of LOGO payload and ELS IOCB (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Ignore PORT UPDATE after N2N PLOGI (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Don't defer relogin unconditonally (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Send Notify ACK after N2N PLOGI (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Configure local loop for N2N target (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Fix PLOGI payload and ELS IOCB dump length (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Don't call qlt_async_event twice (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Allow PLOGI in target mode (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Change discovery state before PLOGI (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Drop superfluous INIT_WORK of del_work (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Initialize free_work before flushing it (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Use explicit LOGO in target mode (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Ignore NULL pointer in tcm_qla2xxx_free_mcmd (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Fix incorrect SFUB length used for Secure Flash Update MB Cmd (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Added support for MPI and PEP regions for ISP28XX (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Correctly retrieve and interpret active flash region (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - commit b9f4605 - blacklist.conf: Append 'drm/i915: Remove logical HW ID' - commit c366de4 - blacklist.conf: Append 'drm/i915: Fix g4x sprite scaling stride check with GTT remapping' - commit ed52fa1 - blacklist.conf: Append 'drm/i915/dp: Fix dsc bpp calculations, v5.' - commit 4e094fc - blacklist.conf: Append 'drm/i915: Mark contents as dirty on a write fault' - commit f55151a - blacklist.conf: Append 'drm/i915: Bump skl+ max plane width to 5k for linear/x-tiled' - commit 69b4952 - blacklist.conf: Append 'drm/i915: Don't mix srcu tag and negative error codes' - commit 6d16d9a - blacklist.conf: Append 'drm/i915: Restore relaxed padding (OCL_OOB_SUPPRES_ENABLE) for skl+' - commit cd7484b - blacklist.conf: Append 'drm/i915: Limit MST to <= 8bpc once again' - commit ead6b3f - blacklist.conf: Append 'drm/i915/dp: Fix DSC enable code to use cpu_transcoder instead of encoder->type' - commit d2a961c - Update patch reference for nfc fix (CVE-2019-19526 bsc#1158893) - commit 9e59e81 - drm/i915: Preload LUTs if the hw isn't currently using them (bsc#1152489) - commit 7d0ea8f - video/hdmi: Fix AVI bar unpack (bsc#1152489) - commit 0ac3f29 - fbdev/sa1100fb: Remove even more dead code (bsc#1152489) - commit 896a116 - update mainline references update Patch-mainline tags: patches.suse/hugetlb-region_chg-provides-only-cache-entry.patch patches.suse/hugetlb-remove-duplicated-code.patch patches.suse/hugetlbfs-hugetlb_fault_mutex_hash-cleanup.patch patches.suse/hugetlbfs-take-read_lock-on-i_mmap-for-PMD-sharing.patch patches.suse/include-linux-memcontrol.h-fix-comments-based-on-per-node-memcg.patch patches.suse/mm-clean-up-and-clarify-lruvec-lookup-procedure.patch patches.suse/mm-drop-mmap_sem-before-calling-balance_dirty_pages-in-write-fault.patch patches.suse/mm-emit-tracepoint-when-RSS-changes.patch patches.suse/mm-filemap.c-remove-redundant-cache-invalidation-after-async-direct-io-write.patch patches.suse/mm-filemap.c-warn-if-stale-pagecache-is-left-after-direct-write.patch patches.suse/mm-hugetlb-avoid-looping-to-the-same-hugepage-if-pages-and-vmas.patch patches.suse/mm-introduce-compound_nr.patch patches.suse/mm-introduce-page_shift.patch patches.suse/mm-introduce-page_size.patch patches.suse/mm-madvise.c-replace-with-page_size-in-madvise_inject_error.patch patches.suse/mm-memcg-clean-up-reclaim-iter-array.patch patches.suse/mm-memcg-make-memory.emin-the-baseline-for-utilisation-determination.patch patches.suse/mm-memcg-make-scan-aggression-always-exclude-protection.patch patches.suse/mm-memcg-proportional-memory.-low-min-reclaim.patch patches.suse/mm-memcontrol-remove-dead-code-from-memory_max_write.patch patches.suse/mm-memfd-fix-COW-issue-on-MAP_PRIVATE-and-F_SEAL_FUTURE_WRITE-mappings.patch patches.suse/mm-memory-failure.c-clean-up-around-tk-pre-allocation.patch patches.suse/mm-migrate.c-handle-freed-page-at-the-first-place.patch patches.suse/mm-mmap.c-__vma_unlink_prev-is-not-necessary-now.patch patches.suse/mm-mmap.c-extract-__vma_unlink_list-as-counterpart-for-__vma_link_list.patch patches.suse/mm-mmap.c-prev-could-be-retrieved-from-vma-vm_prev.patch patches.suse/mm-mmap.c-rb_parent-is-not-necessary-in-__vma_link_list.patch patches.suse/mm-mmap.c-remove-a-never-triggered-warning-in-__vma_adjust.patch patches.suse/mm-mmap.c-use-IS_ERR_VALUE-to-check-return-value-of-get_unmapped_area.patch patches.suse/mm-page_io.c-annotate-refault-stalls-from-swap_readpage.patch patches.suse/mm-rmap.c-don-t-reuse-anon_vma-if-we-just-want-a-copy.patch patches.suse/mm-rmap.c-fix-outdated-comment-in-page_get_anon_vma.patch patches.suse/mm-rmap.c-reuse-mergeable-anon_vma-as-parent-when-fork.patch patches.suse/mm-rmap.c-use-VM_BUG_ON_PAGE-in-__page_check_anon_rmap.patch patches.suse/mm-shmem-use-proper-gfp-flags-for-shmem_writepage.patch patches.suse/mm-slab-make-kmalloc_info-contain-all-types-of-names.patch patches.suse/mm-slab-remove-unused-kmalloc_size.patch patches.suse/mm-slab_common-use-enum-kmalloc_cache_type-to-iterate-over-kmalloc-caches.patch patches.suse/mm-slub-print-the-offset-of-fault-addresses.patch patches.suse/mm-slub.c-clean-up-validate_slab.patch patches.suse/mm-slub.c-update-comments.patch patches.suse/mm-soft-offline-convert-parameter-to-pfn.patch patches.suse/mm-swap.c-piggyback-lru_add_drain_all-calls.patch patches.suse/mm-swap.c-trivial-mark_page_accessed-cleanup.patch patches.suse/mm-thp-do-not-queue-fully-unmapped-pages-for-deferred-split.patch patches.suse/mm-vmalloc-add-more-comments-to-the-adjust_va_to_fit_type.patch patches.suse/mm-vmalloc-do-not-keep-unpurged-areas-in-the-busy-tree.patch patches.suse/mm-vmalloc-modify-struct-vmap_area-to-reduce-its-size.patch patches.suse/mm-vmalloc-remove-preempt_disable-enable-when-doing-preloading.patch patches.suse/mm-vmalloc-respect-passed-gfp_mask-when-doing-preloading.patch patches.suse/mm-vmalloc-rework-vmap_area_lock.patch patches.suse/mm-vmalloc.c-move-area-pages-after-if-statement.patch patches.suse/mm-vmalloc.c-remove-unnecessary-highmem_mask-from-parameter-of-gfpflags_allow_blocking.patch patches.suse/mm-vmscan-detect-file-thrashing-at-the-reclaim-root.patch patches.suse/mm-vmscan-enforce-inactive-active-ratio-at-the-reclaim-root.patch patches.suse/mm-vmscan-harmonize-writeback-congestion-tracking-for-nodes-memcgs.patch patches.suse/mm-vmscan-memcontrol-remove-mem_cgroup_select_victim_node.patch patches.suse/mm-vmscan-move-file-exhaustion-detection-to-the-node-level.patch patches.suse/mm-vmscan-move-inactive_list_is_low-swap-check-to-the-caller.patch patches.suse/mm-vmscan-naming-fixes-global_reclaim-and-sane_reclaim.patch patches.suse/mm-vmscan-remove-unused-lru_pages-argument.patch patches.suse/mm-vmscan-replace-shrink_node-loop-with-a-retry-jump.patch patches.suse/mm-vmscan-simplify-lruvec_lru_size.patch patches.suse/mm-vmscan-split-shrink_node-into-node-part-and-memcgs-part.patch patches.suse/mm-vmscan-turn-shrink_node_memcg-into-shrink_lruvec.patch patches.suse/mm-vmscan.c-fix-typo-in-comment.patch patches.suse/mm-vmscan.c-remove-unused-scan_control-parameter-from-pageout.patch patches.suse/rss_stat-add-support-to-detect-RSS-updates-of-external-mm.patch patches.suse/shmem-pin-the-file-in-shmem_fault-if-mmap_sem-is-dropped.patch patches.suse/vmalloc-lift-the-arm-flag-for-coherent-mappings-to-common-code.patch - commit fdd2a26 ++++ lvm2: - backport patches for lvm2 to avoid software abnormal work (bsc#1158861) + bug-1158861_01-config-remove-filter-typo.patch + bug-1158861_02-config-Fix-default-option-which-makes-no-sense.patch + bug-1158861_03-vgchange-don-t-fail-monitor-command-if-vg-is-exporte.patch + bug-1158861_04-fix-duplicate-pv-size-check.patch + bug-1158861_05-hints-fix-copy-of-filter.patch + bug-1158861_06-fix-segfault-for-invalid-characters-in-vg-name.patch + bug-1158861_07-vgck-let-updatemetadata-repair-mismatched-metadata.patch + bug-1158861_08-hints-fix-mem-leaking-buffers.patch + bug-1158861_09-pvcreate-pvremove-fix-reacquiring-global-lock-after.patch - backport upstream patches for passing lvm2 testsuite (bsc#1158628) + bug-1158628_01-tests-replaces-grep-q-usage.patch + bug-1158628_02-tests-fix-ra-checking.patch + bug-1158628_03-tests-simplify-some-var-settings.patch + bug-1158628-04-pvmove-correcting-read_ahead-setting.patch + bug-1158628_05-activation-add-synchronization-point.patch + bug-1158628_06-pvmove-add-missing-synchronization.patch + bug-1158628_07-activation-extend-handling-of-pending_delete.patch + bug-1158628_08-lv_manip-add-synchronizations.patch + bug-1158628_09-lvconvert-improve-validation-thin-and-cache-pool-con.patch + bug-1158628_10-thin-activate-layer-pool-aas-read-only-LV.patch + bug-1158628_11-tests-mdadm-stop-in-test-cleanup.patch + bug-1158628_12-test-increase-size-of-raid10-LV-allowing-tests-to-su.patch + bug-1158628_13-lvconvert-fix-return-value-when-zeroing-fails.patch + bug-1158628_14-tests-add-extra-settle.patch + bug-1158628_15-test-Fix-handling-leftovers-from-previous-tests.patch - bug-1043040_test-fix-read-ahead-issues-in-test-scripts.patch ++++ mozjs60: - Add Don-t-run-non262-extensions-clone-errors.js-on-s390x.patch, based on Debian patch, to enable back tests on s390x (and ppc64). - Add tests-Expect-a-test-to-fail-on-big-endian.patch, based on Debian patch, accept a test failure on big-endian like s390x. - Ensure build for x86 is with SSE2 (SSE for floating point math),* required by upstream (requires switching package to i686). - enable back tests on s390x and i586 - Remove build workaround on ppc64le. - Reorder/change build flags to follow Debian and Fedora. - Enable back tests on all platforms (except JIT on s390). - Ensure we don't build bundled security libs. - Don't ship a icu bundle for big-endian, recreate it instead, with patches icu_sources_data-Write-command-output-to-our-stderr.patch and icu_sources_data.py-Decouple-from-Mozilla-build-system.patch. - Update patch enddianness.patch with more fixes from bmo#1590907 to fix strings usage on s390x (bsc#1158355). - Add Skip-some-i18n-tests-because-we-are-now-using-system-ICU.patch Update-to-ICU-61-Part-3-Update-tests.patch, Update-to-ICU-64-Part-3-Update-tests.patch, Update-to-ICU-65-Part-3-Update-tests.patch to allow building with system icu - Add flag to switch between system icu and embedded icu and enable system icu. ++++ openssl-1_1: - Security fix: [bsc#1158809, CVE-2019-1551] * Overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli - Add openssl-1_1-CVE-2019-1551.patch ++++ libsolv: - build with -DENABLE_RPMDB_LIBRPM=1 on SUSE to support multiple rpm database backends - added two new function to make libzypp independent of the rpm database format - bump version to 0.7.10 ++++ libvirt: - virt-create-rootfs: add SLE 15 and SLE 12 service packs support bsc#1154093 ++++ salt: - Don't use __python indirection macros on spec file %__python is no longer defined in RPM 4.15 (python2 is going EOL in Jan 2020); additionally, python/python3 are just binaries in the path. - Fix errors when running virt.get_hypervisor function - Added: * fix-virt.get_hypervisor-188.patch ++++ qemu: - Update to v4.2.0-rc5: See http://wiki.qemu.org/ChangeLog/4.2 ------------------------------------------------------------------ ------------------ 2019-12-9 - Dec 9 2019 ------------------- ------------------------------------------------------------------ ++++ conmon: - Fix tight loop on OOM ++++ glibc: - s390-strstr-page-boundary.patch: S390: Fix handling of needles crossing a page in strstr z15 ifunc-variant (bsc#1157893, BZ #25226) ++++ kdump: - kdump-nss-modules.patch: Improve the handling of NSS (bsc#1021846). - kdump-skip-mounts-if-no-proc-vmcore.patch: Skip kdump-related mounts if there is no /proc/vmcore (bsc#1102252, bsc#1125011). - kdump-clean-up-kdump-mount-points.patch: Make sure that kdump mount points are cleaned up (bsc#1102252, bsc#1125011). ++++ kernel-default: - EDAC/ghes: Do not warn when incrementing refcount on 0 (bsc#1152489). - commit b152db6 - Update patch reference for a media driver fix (CVE-2019-19533 bsc#1158834) - commit 035b8ec - Update patch references for USB and HID fixes (CVE-2019-19532 bsc#1158824 CVE-2019-19523) - commit b7c3995 - xprtrdma: Add unique trace points for posting Local Invalidate WRs (bsc#1158811). - commit 0045bd6 - rbd: silence bogus uninitialized warning in rbd_object_map_update_finish() (jsc#SES-1134). - ceph: increment/decrement dio counter on async requests (jsc#SES-1134). - ceph: take the inode lock before acquiring cap refs (jsc#SES-1134). - rbd: cancel lock_dwork if the wait is interrupted (jsc#SES-1134). - ceph: call ceph_mdsc_destroy from destroy_fs_client (jsc#SES-1134). - libceph: use ceph_kvmalloc() for osdmap arrays (jsc#SES-1134). - libceph: avoid a __vmalloc() deadlock in ceph_kvmalloc() (jsc#SES-1134). - commit 6eea6f4 - ceph: allow object copies across different filesystems in the same cluster (jsc#SES-1134). - Refresh patches.suse/ceph-don-t-allow-copy_file_range-when-stripe_count-1.patch. - commit 8a618ea - ceph: include ceph_debug.h in cache.c (jsc#SES-1134). - ceph: move static keyword to the front of declarations (jsc#SES-1134). - rbd: pull rbd_img_request_create() dout out into the callers (jsc#SES-1134). - libceph: drop unused con parameter of calc_target() (jsc#SES-1134). - ceph: use release_pages() directly (jsc#SES-1134). - rbd: fix response length parameter for encoded strings (jsc#SES-1134). - ceph: allow arbitrary security.* xattrs (jsc#SES-1134). - ceph: only set CEPH_I_SEC_INITED if we got a MAC label (jsc#SES-1134). - ceph: turn ceph_security_invalidate_secctx into static inline (jsc#SES-1134). - ceph: add buffered/direct exclusionary locking for reads and writes (jsc#SES-1134). - libceph: handle OSD op ceph_pagelist_append() errors (jsc#SES-1134). - ceph: don't return a value from void function (jsc#SES-1134). - ceph: don't freeze during write page faults (jsc#SES-1134). - ceph: update the mtime when truncating up (jsc#SES-1134). - ceph: fix indentation in __get_snap_name() (jsc#SES-1134). - ceph: remove incorrect comment above __send_cap (jsc#SES-1134). - ceph: remove CEPH_I_NOFLUSH (jsc#SES-1134). - ceph: remove unneeded test in try_flush_caps (jsc#SES-1134). - ceph: have __mark_caps_flushing return flush_tid (jsc#SES-1134). - ceph: fix comments over ceph_add_cap (jsc#SES-1134). - ceph: eliminate session->s_trim_caps (jsc#SES-1134). - ceph: remove ceph_get_cap_mds and __ceph_get_cap_mds (jsc#SES-1134). - ceph: don't SetPageError on writepage errors (jsc#SES-1134). - commit 3a5a01d - ceph: auto reconnect after blacklisted (jsc#SES-1134). - Refresh patches.suse/ceph-return-EINVAL-if-given-fsc-mount-option-on-kern.patch. - commit a6819c7 - ceph: invalidate all write mode filp after reconnect (jsc#SES-1134). - ceph: return -EIO if read/write against filp that lost file locks (jsc#SES-1134). - ceph: add helper function that forcibly reconnects to ceph cluster (jsc#SES-1134). - ceph: pass filp to ceph_get_caps() (jsc#SES-1134). - ceph: track and report error of async metadata operation (jsc#SES-1134). - ceph: allow closing session in restarting/reconnect state (jsc#SES-1134). - libceph: add function that clears osd client's abort_err (jsc#SES-1134). - libceph: add function that reset client's entity addr (jsc#SES-1134). - ceph: don't list vxattrs in listxattr() (jsc#SES-1134). - ceph: allow copy_file_range when src and dst inode are same (jsc#SES-1134). - commit d6afa0a - EDAC/ghes: Fix locking and memory barrier issues (bsc#1152489). - commit 7d2325a - kabi/severities: whitelist libceph, rbd, and ceph (jsc#SES-1134). - commit 1f1a9d5 - kernel/module.c: wakeup processes in module_wq on module unload (git-fixes). - commit 311cb05 - blacklist.conf: Append 'drm/i915: Preload LUTs if the hw isn't currently using them' - commit 7964f08 ++++ libzypp: - dup: fix removing orphaned packages dropped by to-be-installed products (bsc#1155819) - version 17.18.1 (12) ++++ salt: - Align virt.full_info fixes with upstream Salt - Let salt-ssh use platform-python on RHEL8 (bsc#1158441) - Added: * align-virt-full-info-fixes-with-upstream-192.patch * let-salt-ssh-use-platform-python-binary-in-rhel8-191.patch ------------------------------------------------------------------ ------------------ 2019-12-8 - Dec 8 2019 ------------------- ------------------------------------------------------------------ ++++ python-kiwi: - Bump version: 9.19.6 → 9.19.7 - Fixed swap setup if btrfs is used In case of a volume manager the simplified variant of the device name is used in the fstab file to reference the swap device. However this is only correct for the lvm volume management but not for btrfs. In case of btrfs the swap space is not a subvolume but a real partition and thus the simplified device spec in fstab puts in the loop mapped device which is wrong. This patch fixes it and is related to bsc#1156908 ++++ kernel-default: - ALSA: pcm: oss: Avoid potential buffer overflows (git-fixes). - ALSA: hda: hdmi - Keep old slot assignment behavior for Intel platforms (git-fixes). - ALSA: hda: Modify stream stripe mask only when needed (git-fixes). - ALSA: hda - fixup for the bass speaker on Lenovo Carbon X1 7th gen (git-fixes). - ALSA: hda: hdmi - preserve non-MST PCM routing for Intel platforms (git-fixes). - ALSA: hda: hdmi - fix kernel oops caused by invalid PCM idx (git-fixes). - ALSA: hda/realtek - Fix inverted bass GPIO pin on Acer 8951G (git-fixes). - ALSA: hda/realtek - Dell headphone has noise on unmute for ALC236 (git-fixes). - ALSA: hda: hdmi - fix regression in connect list handling (git-fixes). - ALSA: hda/hdmi - enable automatic runtime pm for AMD HDMI codecs by default (git-fixes). - ALSA: hda/hdmi - enable runtime pm for newer AMD display audio (git-fixes). - ALSA: hda/hdmi - Add new pci ids for AMD GPU display audio (git-fixes). - ALSA: hda/hdmi - fix vgaswitcheroo detection for AMD (git-fixes). - commit 4b98432 ------------------------------------------------------------------ ------------------ 2019-12-6 - Dec 6 2019 ------------------- ------------------------------------------------------------------ ++++ kdump: - kdump-Clean-up-the-use-of-current-vs-boot-network-iface.patch: Clean up the use of current vs. boot network interface names (bsc#1094444, bsc#1116463, bsc#1141064). - kdump-Use-a-custom-namespace-for-physical-NICs.patch: Use a custom namespace for physical NICs (bsc#1094444, bsc#1116463, bsc#1141064). - kdump-preserve-white-space.patch: Preserve white space when removing kernel command line options (bsc#1117652). ++++ kernel-default: - Linux 5.3.15 (bnc#1151927 5.3.15). - openvswitch: remove another BUG_ON() (bnc#1151927 5.3.15). - openvswitch: drop unneeded BUG_ON() in ovs_flow_cmd_build_info() (bnc#1151927 5.3.15). - net: sched: fix `tc -s class show` no bstats on class with nolock subqueues (bnc#1151927 5.3.15). - selftests: pmtu: use -oneline for ip route list cache (bnc#1151927 5.3.15). - net: macb: add missed tasklet_kill (bnc#1151927 5.3.15). - selftests: bpf: correct perror strings (bnc#1151927 5.3.15). - selftests: bpf: test_sockmap: handle file creation failures gracefully (bnc#1151927 5.3.15). - net/tls: use sg_next() to walk sg entries (bnc#1151927 5.3.15). - net/tls: remove the dead inplace_crypto code (bnc#1151927 5.3.15). - selftests/tls: add a test for fragmented messages (bnc#1151927 5.3.15). - net: skmsg: fix TLS 1.3 crash with full sk_msg (bnc#1151927 5.3.15). - net/tls: free the record on encryption error (bnc#1151927 5.3.15). - net/tls: take into account that bpf_exec_tx_verdict() may free the record (bnc#1151927 5.3.15). - x86/fpu: Don't cache access to fpu_fpregs_owner_ctx (bnc#1151927 5.3.15). - platform/x86: hp-wmi: Fix ACPI errors caused by passing 0 as input size (bnc#1151927 5.3.15). - platform/x86: hp-wmi: Fix ACPI errors caused by too small buffer (bnc#1151927 5.3.15). - HID: core: check whether Usage Page item is after Usage ID items (bnc#1151927 5.3.15). - ext4: add more paranoia checking in ext4_expand_extra_isize handling (bnc#1151927 5.3.15). - net: disallow ancillary data for __sys_{send,recv}msg_file() (bnc#1151927 5.3.15). - net: separate out the msghdr copy from ___sys_{send,recv}msg() (bnc#1151927 5.3.15). - io_uring: async workers should inherit the user creds (bnc#1151927 5.3.15). - gve: Fix the queue page list allocated pages count (bnc#1151927 5.3.15). - openvswitch: fix flow command message size (bnc#1151927 5.3.15). - net: psample: fix skb_over_panic (bnc#1151927 5.3.15). - tipc: fix link name length check (bnc#1151927 5.3.15). - staging: rtl8723bs: Drop ACPI device ids (bnc#1151927 5.3.15). - staging: rtl8723bs: Add 024c:0525 to the list of SDIO device-ids (bnc#1151927 5.3.15). - staging: wilc1000: fix illegal memory access in wilc_parse_join_bss_param() (bnc#1151927 5.3.15). - staging: rtl8192e: fix potential use after free (bnc#1151927 5.3.15). - thunderbolt: Power cycle the router if NVM authentication fails (bnc#1151927 5.3.15). - mei: me: add comet point V device id (bnc#1151927 5.3.15). - mei: bus: prefix device names on bus with the bus name (bnc#1151927 5.3.15). - usb: dwc2: use a longer core rest timeout in dwc2_core_reset() (bnc#1151927 5.3.15). - USB: serial: ftdi_sio: add device IDs for U-Blox C099-F9P (bnc#1151927 5.3.15). - net: dsa: sja1105: fix sja1105_parse_rgmii_delays() (bnc#1151927 5.3.15). - macvlan: schedule bc_work even if error (bnc#1151927 5.3.15). - mdio_bus: don't use managed reset-controller (bnc#1151927 5.3.15). - sctp: cache netns in sctp_ep_common (bnc#1151927 5.3.15). - sctp: Fix memory leak in sctp_sf_do_5_2_4_dupcook (bnc#1151927 5.3.15). - net: fec: fix clock count mis-match (bnc#1151927 5.3.15). - xfrm: Fix memleak on xfrm state destroy (bnc#1151927 5.3.15). - ARM: dts: stm32: Fix CAN RAM mapping on stm32mp157c (bnc#1151927 5.3.15). - arm64: dts: zii-ultra: fix ARM regulator GPIO handle (bnc#1151927 5.3.15). - ARM: dts: sun8i-a83t-tbs-a711: Fix WiFi resume from suspend (bnc#1151927 5.3.15). - arm64: dts: imx8mm: fix compatible string for sdma (bnc#1151927 5.3.15). - ARM: dts: imx6qdl-sabreauto: Fix storm of accelerometer interrupts (bnc#1151927 5.3.15). - arm64: dts: ls1028a: fix a compatible issue (bnc#1151927 5.3.15). - reset: fix reset_control_ops kerneldoc comment (bnc#1151927 5.3.15). - soundwire: intel: fix intel_register_dai PDI offsets and numbers (bnc#1151927 5.3.15). - thunderbolt: Read DP IN adapter first two dwords in one go (bnc#1151927 5.3.15). - x86/tsc: Respect tsc command line paraemeter for clocksource_tsc_early (bnc#1151927 5.3.15). - perf scripting engines: Iterate on tep event arrays directly (bnc#1151927 5.3.15). - watchdog: pm8916_wdt: fix pretimeout registration flow (bnc#1151927 5.3.15). - mac80211: fix station inactive_time shortly after boot (bnc#1151927 5.3.15). - net/fq_impl: Switch to kvmalloc() for memory allocation (bnc#1151927 5.3.15). - net: stmmac: xgmac: Disable Flow Control when 1 or more queues are in AV (bnc#1151927 5.3.15). - net: stmmac: xgmac: Fix TSA selection (bnc#1151927 5.3.15). - net: stmmac: xgmac: bitrev32 returns u32 (bnc#1151927 5.3.15). - net: stmmac: gmac4: bitrev32 returns u32 (bnc#1151927 5.3.15). - netfilter: ipset: Fix nla_policies to fully support NL_VALIDATE_STRICT (bnc#1151927 5.3.15). - netfilter: nf_tables_offload: skip EBUSY on chain update (bnc#1151927 5.3.15). - netfilter: nf_tables: bogus EOPNOTSUPP on basechain update (bnc#1151927 5.3.15). - net: mscc: ocelot: fix __ocelot_rmw_ix prototype (bnc#1151927 5.3.15). - samples/bpf: fix build by setting HAVE_ATTR_TEST to zero (bnc#1151927 5.3.15). - can: mcp251x: mcp251x_restart_work_handler(): Fix potential force_quit race condition (bnc#1151927 5.3.15). - can: flexcan: increase error counters if skb enqueueing via can_rx_offload_queue_sorted() fails (bnc#1151927 5.3.15). - can: rx-offload: can_rx_offload_irq_offload_fifo(): continue on error (bnc#1151927 5.3.15). - can: rx-offload: can_rx_offload_irq_offload_timestamp(): continue on error (bnc#1151927 5.3.15). - can: rx-offload: can_rx_offload_offload_one(): use ERR_PTR() to propagate error value in case of errors (bnc#1151927 5.3.15). - can: rx-offload: can_rx_offload_offload_one(): increment rx_fifo_errors on queue overflow or OOM (bnc#1151927 5.3.15). - can: c_can: D_CAN: c_can_chip_config(): perform a sofware reset on open (bnc#1151927 5.3.15). - can: peak_usb: report bus recovery as well (bnc#1151927 5.3.15). - net: fec: add missed clk_disable_unprepare in remove (bnc#1151927 5.3.15). - block: drbd: remove a stray unlock in __drbd_send_protocol() (bnc#1151927 5.3.15). - nvme-multipath: fix crash in nvme_mpath_clear_ctrl_paths (bnc#1151927 5.3.15). - nvme-rdma: fix a segmentation fault during module unload (bnc#1151927 5.3.15). - ceph: return -EINVAL if given fsc mount option on kernel w/o support (bnc#1151927 5.3.15). - idr: Fix idr_alloc_u32 on 32-bit systems (bnc#1151927 5.3.15). - idr: Fix integer overflow in idr_for_each_entry (bnc#1151927 5.3.15). - XArray: Fix xas_next() with a single entry at 0 (bnc#1151927 5.3.15). - ASoC: stm32: sai: add restriction on mmap support (bnc#1151927 5.3.15). - ASoC: hdac_hda: fix race in device removal (bnc#1151927 5.3.15). - ASoC: rockchip: rockchip_max98090: Enable SHDN to fix headset detection (bnc#1151927 5.3.15). - ASoC: compress: fix unsigned integer overflow check (bnc#1151927 5.3.15). - drm/amdgpu: add warning for GRBM 1-cycle delay issue in gfx9 (bnc#1151927 5.3.15). - drm/amd/swSMU: fix smu workload bit map error (bnc#1151927 5.3.15). - drm/amdgpu: dont schedule jobs while in reset (bnc#1151927 5.3.15). - clk: ti: dra7-atl-clock: Remove ti_clk_add_alias call (bnc#1151927 5.3.15). - clk: meson: gxbb: let sar_adc_clk_div set the parent clock rate (bnc#1151927 5.3.15). - scripts/gdb: fix debugging modules compiled with hot/cold partitioning (bnc#1151927 5.3.15). - mm/gup_benchmark: fix MAP_HUGETLB case (bnc#1151927 5.3.15). - commit de8adb7 - Update patches.suse/ALSA-hda-hdmi-add-Tigerlake-support.patch (git-fixes bnc#1151927 5.3.15). - Update patches.suse/ASoC-SOF-ipc-Fix-memory-leak-in-sof_set_get_large_ct.patch (git-fixes bnc#1151927 5.3.15). - Update patches.suse/ASoC-SOF-topology-Fix-bytes-control-size-checks.patch (git-fixes bnc#1151927 5.3.15). - Update patches.suse/ASoC-kirkwood-fix-device-remove-ordering.patch (git-fixes bnc#1151927 5.3.15). - Update patches.suse/ASoC-kirkwood-fix-external-clock-probe-defer.patch (git-fixes bnc#1151927 5.3.15). - Update patches.suse/ASoC-msm8916-wcd-analog-Fix-RX1-selection-in-RDAC2-M.patch (git-fixes bnc#1151927 5.3.15). - Update patches.suse/ASoC-ti-sdma-pcm-Add-back-the-flags-parameter-for-no.patch (git-fixes bnc#1151927 5.3.15). - Update patches.suse/bpf-Allow-narrow-loads-of-bpf_sysctl-fields-with-off.patch (bsc#1155518 bnc#1151927 5.3.15). - Update patches.suse/bpf-Change-size-to-u64-for-bpf_map_-area_alloc-charg.patch (bsc#1155518 bnc#1151927 5.3.15). - Update patches.suse/bridge-ebtables-don-t-crash-when-using-dnat-target-i.patch (bsc#1154353 bnc#1151927 5.3.15). - Update patches.suse/can-rx-offload-can_rx_offload_offload_one-do-not-inc.patch (git-fixes bnc#1151927 5.3.15). - Update patches.suse/can-rx-offload-can_rx_offload_queue_tail-fix-error-h.patch (git-fixes bnc#1151927 5.3.15). - Update patches.suse/clk-at91-avoid-sleeping-early.patch (git-fixes bnc#1151927 5.3.15). - Update patches.suse/clk-at91-fix-update-bit-maps-on-CFG_MOR-write.patch (git-fixes bnc#1151927 5.3.15). - Update patches.suse/clk-at91-sam9x60-fix-programmable-clock.patch (git-fixes bnc#1151927 5.3.15). - Update patches.suse/clk-samsung-exynos5420-Preserve-PLL-configuration-du.patch (git-fixes bnc#1151927 5.3.15). - Update patches.suse/clk-samsung-exynos542x-Move-G3D-subsystem-clocks-to-.patch (git-fixes bnc#1151927 5.3.15). - Update patches.suse/clk-samsung-exynos5433-Fix-error-paths.patch (git-fixes bnc#1151927 5.3.15). - Update patches.suse/clk-sunxi-Fix-operator-precedence-in-sunxi_divs_clk_.patch (git-fixes bnc#1151927 5.3.15). - Update patches.suse/clk-sunxi-ng-a80-fix-the-zero-ing-of-bits-16-and-18.patch (git-fixes bnc#1151927 5.3.15). - Update patches.suse/clk-ti-clkctrl-Fix-failed-to-enable-error-with-doubl.patch (git-fixes bnc#1151927 5.3.15). - Update patches.suse/clocksource-drivers-mediatek-Fix-error-handling.patch (git-fixes bnc#1151927 5.3.15). - Update patches.suse/drm-amdgpu-register-gpu-instance-before-fan-boost-fe.patch (git-fixes bnc#1151927 5.3.15). - Update patches.suse/fbdev-c2p-Fix-link-failure-on-non-inlining.patch (git-fixes bnc#1151927 5.3.15). - Update patches.suse/i40e-Fix-for-ethtool-m-issue-on-X722-NIC.patch (jsc#SLE-8025 bnc#1151927 5.3.15). - Update patches.suse/iavf-initialize-ITRN-registers-with-correct-values.patch (jsc#SLE-7940 bnc#1151927 5.3.15). - Update patches.suse/ice-fix-potential-infinite-loop-because-loop-counter.patch (jsc#SLE-7926 bnc#1151927 5.3.15). - Update patches.suse/idr-Fix-idr_get_next_ul-race-with-idr_remove.patch (git-fixes bnc#1151927 5.3.15). - Update patches.suse/mac80211-fix-ieee80211_txq_setup_flows-failure-path.patch (git-fixes bnc#1151927 5.3.15). - Update patches.suse/net-bcmgenet-reapply-manual-settings-to-the-PHY.patch (jsc#SLE-7772 bnc#1151927 5.3.15). - Update patches.suse/net-bcmgenet-use-RGMII-loopback-for-MAC-reset.patch (jsc#SLE-7772 bnc#1151927 5.3.15). - Update patches.suse/net-mlx5e-Fix-eswitch-debug-print-of-max-fdb-flow.patch (jsc#SLE-8464 bnc#1151927 5.3.15). - Update patches.suse/net-mlx5e-Use-correct-enum-to-determine-uplink-port.patch (jsc#SLE-8464 bnc#1151927 5.3.15). - Update patches.suse/pinctrl-cherryview-Allocate-IRQ-chip-dynamic.patch (git-fixes bnc#1151927 5.3.15). - Update patches.suse/powerpc-bpf-Fix-tail-call-implementation.patch (bsc#1157698 bnc#1151927 5.3.15). - Update patches.suse/pwm-bcm-iproc-Prevent-unloading-the-driver-module-wh.patch (git-fixes bnc#1151927 5.3.15). - Update patches.suse/reset-Fix-memory-leak-in-reset_control_array_put.patch (git-fixes bnc#1151927 5.3.15). - Update patches.suse/slip-Fix-use-after-free-Read-in-slip_open.patch (git-fixes bnc#1151927 5.3.15). - Update patches.suse/soc-imx-gpc-fix-initialiser-format.patch (git-fixes bnc#1151927 5.3.15). - Update patches.suse/stacktrace-Don-t-skip-first-entry-on-noncurrent-task.patch (bnc#1154866 bnc#1151927 5.3.15). - Update patches.suse/thunderbolt-Fix-lockdep-circular-locking-depedency-w.patch (git-fixes bnc#1151927 5.3.15). - Update patches.suse/watchdog-bd70528-Add-MODULE_ALIAS-to-allow-module-au.patch (git-fixes bnc#1151927 5.3.15). - Update patches.suse/watchdog-imx_sc_wdt-Pretimeout-should-follow-SCU-fir.patch (git-fixes bnc#1151927 5.3.15). - Update patches.suse/watchdog-meson-Fix-the-wrong-value-of-left-time.patch (git-fixes bnc#1151927 5.3.15). - Update patches.suse/x86-resctrl-prevent-null-pointer-dereference-when-reading-mondata.patch (bsc#1152489 bnc#1151927 5.3.15). - commit ac8515c - Refresh and enable patches.suse/0001-MODSIGN-do-not-load-mok-when-secure-boot-disabled.patch. (fate#316531) - commit 44cbe3a ++++ snapper: - snapper-zypp-plugin subpackage rewritten from Python to C++ (jsc#SLE-10500) - added integration tests in snapper-testsuite subpackage - version 0.8.7 ------------------------------------------------------------------ ------------------ 2019-12-5 - Dec 5 2019 ------------------- ------------------------------------------------------------------ ++++ python-kiwi: - Bump version: 9.18.16 → 9.19.6 This version includes several fixes: * Fixed setup of default grub config In /etc/default/grub GRUB_CMDLINE_LINUX_DEFAULT also contained the root= information. If grub2-mkconfig runs with that information it places the root device information twice because grub2-mkconfig resolves this information itself. This commit prevents the root= information to be placed in the default grub config and Fixes bsc#1156908 * Include grub.cfg inside the efi partition This commit ensures the grub.cfg file is included within the vfat efi partition. This fixes #1271 and bsc#1157354 * Reference commit for SUSE maintenance This commit adds a reference to Issue #1261 and the report in bugzilla bsc#1157104 * Fixed zipl bootloader setup for s390 images The preparation to call zipl and the call itself were wrong. For whatever reason the kernel image the initrd are moved to another location prior to calling zipl. That move broke the system because no kernel/initrd existed at the expected place anymore. In addition the zipl call itself was issued from a the wrong directory. Also no config file was written as an after effect of the refactoring in Issue #1194. This Fixes #1173 and bsc#1156694 * Ensure grub.cfg is copied in EFI/BOOT folder This commit fixes the live images in efi mode. Grub configuration file is copied to the correct location in /EFI/BOOT. Fixes bsc#1155815 * Fix the sha256 generated file content This commit makes sure the generated sha256 file in a 'kiwi result bundle' call includes the filename with the correct extension. For compressed files it was omiting the suffix that included during the compression. Fixes #1223 and related to bsc#1139915 ++++ kernel-default: - supported.conf: Support Broadcom's Genet Ethernet driver (bsc#158563) - commit 9ba4eec - net: thunderx: start phy before starting autonegotiation (bsc#1158107). - commit 7049617 - s390/livepatch: Implement reliable stack tracing for the consistency model (jsc#SLE-11050). - Update config files. - commit 069014a - s390/unwind: add stack pointer alignment sanity checks (jsc#SLE-11050). - commit 1bb4634 - s390/unwind: filter out unreliable bogus %r14 (jsc#SLE-11050). - commit 2756f26 - s390/unwind: start unwinding from reliable state (jsc#SLE-11050). - commit f610667 - s390/test_unwind: print verbose unwinding results (jsc#SLE-11050). - commit 0357290 - s390: fix register clobbering in CALL_ON_STACK (jsc#SLE-11050). - commit 0d20bdc - s390/unwind: always inline get_stack_pointer (jsc#SLE-11050). - commit b82cd7f - s390/unwind: stop gracefully at task pt_regs (jsc#SLE-11050). - commit 02b1171 - s390/head64: correct init_task stack setup (jsc#SLE-11050). - commit bb6645d - blacklist.conf: Add 9163e0184bd7 and 91cbf01178c3 - commit 7e1a7fc - s390/unwind: make reuse_sp default when unwinding pt_regs (jsc#SLE-11050). - commit d6b50c9 - s390/unwind: report an error if pt_regs are not on stack (jsc#SLE-11050). - commit 13143f4 - s390: avoid misusing CALL_ON_STACK for task stack setup (jsc#SLE-11050). - commit 49822da - s390: correct CALL_ON_STACK back_chain saving (jsc#SLE-11050). - commit d1292ec - s390/unwind: unify task is current checks (jsc#SLE-11050). - commit f37218c - s390: disable preemption when switching to nodat stack with CALL_ON_STACK (jsc#SLE-11050). - commit 2b3e23a - s390: always inline disabled_wait (jsc#SLE-11050). - commit e18f4f8 - s390/unwind: drop unnecessary code around calling ftrace_graph_ret_addr() (jsc#SLE-11050). - commit f07dfe2 - s390: always inline current_stack_pointer() (jsc#SLE-11050). - commit b8e1cdf - s390/process: avoid custom stack unwinding in get_wchan (jsc#SLE-11050). - commit 83d7f05 - s390/unwind: fix get_stack_pointer(NULL, NULL) (jsc#SLE-11050). - commit cf38773 - s390/stacktrace: use common arch_stack_walk infrastructure (jsc#SLE-11050). - Update config files. - commit c353280 ++++ bluez: - Add tools-Fix-build-after-y2038-changes-in-glibc.patch * The 32-bit SIOCGSTAMP has been deprecated. Use the deprecated name to fix the build.(bsc#1156544) ++++ systemd: - Upgrade to v244 (commit 090da85161ceb1ba0b4c208963c7156a8fdf10c6) See https://github.com/openSUSE/systemd/blob/SUSE/v244/NEWS for details. This includes the following bug fixes: - upstream commit b49e14d5f3081dfcd363d8199a14c0924ae9152f (bsc#1139459) - upstream commit 22683674716fd0e5b016ce5a7d8fd90df5f9f9e7 (bsc#1151377) - upstream commit faf205de3ba9a11b0ba17682123d7f3fedc7da24 (bsc#1151377) - upstream commit 27c3112dcbd1b5f171c36c32550d9c6331375b0b (bsc#1155574) - upstream commit 21b40f16622f171a9969dc334d74fb5eb2f575c2 (bsc#1159814) - upstream commit 9b88bb5023dfa3cea406c14fdaa3d8e3e320907a (jsc#SLE-7689) Legacy and obsolete symlinks have been finally dropped. Dropped 0001-logind-keep-backward-compatibility-with-UserTasksMax.patch. Users were notified about the deprecation of UserTasksMax option and how to move to the new mechanism. The dropin replacement for UserTasksMax is therefore no more generated but its use still produces a warning. Added 0001-SUSE-policy-do-not-clean-tmp-by-default.patch and 0001-Fix-run-lock-group-to-follow-openSUSE-policy.patch. These patches were extracted from the git repo because it's not clear where the SUSE tmpfiles specificities should be located. ++++ libzypp: - Resolver: add solution actions for SOLVER_SOLUTION_BLACK (retracted/PTF) - Solvable: add isRetracted and isPtf attributes. - version 17.18.0 (12) ++++ u-boot-rpiarm64: - Run spec cleaner - Patch queue updated from git://github.com/openSUSE/u-boot.git tumbleweed-2019.10 * Patches added: 0023-boo-1144161-Remove-nand-mtd-spi-dfu.patch - boo#1144161 ------------------------------------------------------------------ ------------------ 2019-12-4 - Dec 4 2019 ------------------- ------------------------------------------------------------------ ++++ gstreamer: - Update to version 1.16.2: + Interlaced video scaling fixes + CineForm video support in AVI + audioresample: avoid glitches due to rounding errors after changing rate + Command line tool output printing improvements on Windows + various performance improvements, memory leak fixes and security fixes + VP9 decoding fixes + wasapi: bug fixes and stability improvements + tsdemux: improved handling of certain discontinuities + vaapi h265 decoder: wait for I-frame before trying to decode + tee: Make sure to actually deactivate pads that are released + bin: Drop need-context messages without source instead of crashing + gst: Don't pass miniobjects to GST_DEBUG_OBJECT() and similar macros + tracers: Don't leak temporary GstStructure ++++ gstreamer-plugins-base: - Update to version 1.16.2: + xvimagepool: Update size, stride, and offset with allocated XvImage + video-converter: Fix RGB-XYZ-RGB conversion + audiorate: Update next_offset on rate change + audioringbuffer: Reset reorder flag before check + audio-buffer: Don't fail to map buffers with zero samples + videorate: Fix max-duplication-time handling + gl/gbm: ensure we call the resize callback before attempting to draw + video-converter: Various fixes for interlaced scaling + gstrtspconnection: messages_bytes not decreased + check: Don't use real audio devices for tests + riff: add CineForm mapping + glfilters: Don't use static variables for storing per-element state + glupload: Add VideoMetas and GLSyncMeta to the raw uploaded buffers + streamsynchronizer: avoid pad release race during logging. ++++ kernel-default: - xfs: Sanity check flags of Q_XQUOTARM call (bsc#1158460). - commit 57267ac - fix compat handling of FICLONERANGE, FIDEDUPERANGE and FS_IOC_FIEMAP (bsc#1158459). - commit d29bae9 - gfs2: add compat_ioctl support (bsc#1158458). - commit fa0941a - ocfs2: fix passing zero to 'PTR_ERR' warning (bsc#1158457). - commit b1e2fe5 - splice: only read in as much information as there is pipe buffer space (bsc#1158456). - commit 0d75db3 - ext4: update direct I/O read lock pattern for IOCB_NOWAIT (bsc#1158454). - iomap: fix return value of iomap_dio_bio_actor on 32bit systems (bsc#1158455). - loop: fix no-unmap write-zeroes request behavior (bsc#1158389). - commit c9b89d4 - supported.conf: support gpio-regulator used by Raspberry Pi 4 (bsc#1158451) - commit 83d8e7e - EDAC/amd64: Set grain per DIMM (bsc#1152489). - commit f4d7468 - ftrace: Introduce PERMANENT ftrace_ops flag (bsc#1120853). - commit c038bf4 - Update patch reference for ieee802154 fix (CVE-2019-19525 bsc#1158417) - commit 0ca3a8c - Update patch references for input and USB fixes (CVE-2019-19524 bsc#1158413 CVE-2019-19528 bsc#1158407 CVE-2019-19534 bsc#1158398) - commit 61129d2 - mm/page_io.c: annotate refault stalls from swap_readpage (bnc#1155780 (VM/FS functional and performance backports)). - mm: shmem: use proper gfp flags for shmem_writepage() (bnc#1155780 (VM/FS functional and performance backports)). - mm/madvise.c: replace with page_size() in madvise_inject_error() (bnc#1155780 (VM/FS functional and performance backports)). - mm, thp: do not queue fully unmapped pages for deferred split (bnc#1155780 (VM/FS functional and performance backports)). - mm/migrate.c: handle freed page at the first place (bnc#1155780 (VM/FS functional and performance backports)). - mm/hugetlb: avoid looping to the same hugepage if !pages and !vmas (bnc#1155780 (VM/FS functional and performance backports)). - hugetlb: remove duplicated code (bnc#1155780 (VM/FS functional and performance backports)). - hugetlb: region_chg provides only cache entry (bnc#1155780 (VM/FS functional and performance backports)). - hugetlbfs: take read_lock on i_mmap for PMD sharing (bnc#1155780 (VM/FS functional and performance backports)). - hugetlbfs: hugetlb_fault_mutex_hash() cleanup (bnc#1155780 (VM/FS functional and performance backports)). - mm/vmscan.c: fix typo in comment (bnc#1155780 (VM/FS functional and performance backports)). - mm: vmscan: enforce inactive:active ratio at the reclaim root (bnc#1155780 (VM/FS functional and performance backports)). - mm: vmscan: detect file thrashing at the reclaim root (bnc#1155780 (VM/FS functional and performance backports)). - mm: vmscan: move file exhaustion detection to the node level (bnc#1155780 (VM/FS functional and performance backports)). - mm: vmscan: harmonize writeback congestion tracking for nodes & memcgs (bnc#1155780 (VM/FS functional and performance backports)). - mm: vmscan: split shrink_node() into node part and memcgs part (bnc#1155780 (VM/FS functional and performance backports)). - mm: vmscan: turn shrink_node_memcg() into shrink_lruvec() (bnc#1155780 (VM/FS functional and performance backports)). - mm: vmscan: replace shrink_node() loop with a retry jump (bnc#1155780 (VM/FS functional and performance backports)). - mm: vmscan: naming fixes: global_reclaim() and sane_reclaim() (bnc#1155780 (VM/FS functional and performance backports)). - mm: vmscan: move inactive_list_is_low() swap check to the caller (bnc#1155780 (VM/FS functional and performance backports)). - mm: clean up and clarify lruvec lookup procedure (bnc#1155780 (VM/FS functional and performance backports)). - mm: vmscan: simplify lruvec_lru_size() (bnc#1155780 (VM/FS functional and performance backports)). - mm/vmscan.c: remove unused scan_control parameter from pageout() (bnc#1155780 (VM/FS functional and performance backports)). - mm/vmscan: remove unused lru_pages argument (bnc#1155780 (VM/FS functional and performance backports)). - mm/vmalloc: rework vmap_area_lock (bnc#1155780 (VM/FS functional and performance backports)). - mm/vmalloc: add more comments to the adjust_va_to_fit_type() (bnc#1155780 (VM/FS functional and performance backports)). - mm/vmalloc: respect passed gfp_mask when doing preloading (bnc#1155780 (VM/FS functional and performance backports)). - mm/vmalloc: remove preempt_disable/enable when doing preloading (bnc#1155780 (VM/FS functional and performance backports)). - mm/vmalloc.c: remove unnecessary highmem_mask from parameter of gfpflags_allow_blocking() (bnc#1155780 (VM/FS functional and performance backports)). - mm, soft-offline: convert parameter to pfn (bnc#1155780 (VM/FS functional and performance backports)). - mm/memory-failure.c clean up around tk pre-allocation (bnc#1155780 (VM/FS functional and performance backports)). - mm, memfd: fix COW issue on MAP_PRIVATE and F_SEAL_FUTURE_WRITE mappings (bnc#1155780 (VM/FS functional and performance backports)). - mm/rmap.c: use VM_BUG_ON_PAGE() in __page_check_anon_rmap() (bnc#1155780 (VM/FS functional and performance backports)). - mm/rmap.c: fix outdated comment in page_get_anon_vma() (bnc#1155780 (VM/FS functional and performance backports)). - mm/mmap.c: use IS_ERR_VALUE to check return value of get_unmapped_area (bnc#1155780 (VM/FS functional and performance backports)). - mm/rmap.c: reuse mergeable anon_vma as parent when fork (bnc#1155780 (VM/FS functional and performance backports)). - mm/rmap.c: don't reuse anon_vma if we just want a copy (bnc#1155780 (VM/FS functional and performance backports)). - mm/mmap.c: rb_parent is not necessary in __vma_link_list() (bnc#1155780 (VM/FS functional and performance backports)). - mm/mmap.c: extract __vma_unlink_list() as counterpart for __vma_link_list() (bnc#1155780 (VM/FS functional and performance backports)). - mm/mmap.c: __vma_unlink_prev() is not necessary now (bnc#1155780 (VM/FS functional and performance backports)). - mm/mmap.c: prev could be retrieved from vma->vm_prev (bnc#1155780 (VM/FS functional and performance backports)). - mm/swap.c: piggyback lru_add_drain_all() calls (bnc#1155780 (VM/FS functional and performance backports)). - mm/mmap.c: remove a never-triggered warning in __vma_adjust() (bnc#1155780 (VM/FS functional and performance backports)). - rss_stat: add support to detect RSS updates of external mm (bnc#1155780 (VM/FS functional and performance backports)). - mm: emit tracepoint when RSS changes (bnc#1155780 (VM/FS functional and performance backports)). - shmem: pin the file in shmem_fault() if mmap_sem is dropped (bnc#1155780 (VM/FS functional and performance backports)). - mm: drop mmap_sem before calling balance_dirty_pages() in write fault (bnc#1155780 (VM/FS functional and performance backports)). - mm: vmscan: memcontrol: remove mem_cgroup_select_victim_node() (bnc#1155780 (VM/FS functional and performance backports)). - include/linux/memcontrol.h: fix comments based on per-node memcg (bnc#1155780 (VM/FS functional and performance backports)). - mm: memcontrol: remove dead code from memory_max_write() (bnc#1155780 (VM/FS functional and performance backports)). - mm, memcg: clean up reclaim iter array (bnc#1155780 (VM/FS functional and performance backports)). - mm/swap.c: trivial mark_page_accessed() cleanup (bnc#1155780 (VM/FS functional and performance backports)). - mm/filemap.c: warn if stale pagecache is left after direct write (bnc#1155780 (VM/FS functional and performance backports)). - mm/filemap.c: remove redundant cache invalidation after async direct-io write (bnc#1155780 (VM/FS functional and performance backports)). - mm/slub.c: clean up validate_slab() (bnc#1155780 (VM/FS functional and performance backports)). - mm/slub.c: update comments (bnc#1155780 (VM/FS functional and performance backports)). - mm: slub: print the offset of fault addresses (bnc#1155780 (VM/FS functional and performance backports)). - mm, slab_common: use enum kmalloc_cache_type to iterate over kmalloc caches (bnc#1155780 (VM/FS functional and performance backports)). - mm, slab: remove unused kmalloc_size() (bnc#1155780 (VM/FS functional and performance backports)). - mm, slab: make kmalloc_info[] contain all types of names (bnc#1155780 (VM/FS functional and performance backports)). - mm, memcg: make scan aggression always exclude protection (bnc#1155780 (VM/FS functional and performance backports)). - mm, memcg: make memory.emin the baseline for utilisation determination (bnc#1155780 (VM/FS functional and performance backports)). - mm, memcg: proportional memory.{low,min} reclaim (bnc#1155780 (VM/FS functional and performance backports)). - mm/vmalloc.c: move 'area->pages' after if statement (bnc#1155780 (VM/FS functional and performance backports)). - mm/vmalloc: modify struct vmap_area to reduce its size (bnc#1155780 (VM/FS functional and performance backports)). - mm/vmalloc: do not keep unpurged areas in the busy tree (bnc#1155780 (VM/FS functional and performance backports)). - mm: introduce compound_nr() (bnc#1155780 (VM/FS functional and performance backports)). - mm: introduce page_shift() (bnc#1155780 (VM/FS functional and performance backports)). - mm: introduce page_size() (bnc#1155780 (VM/FS functional and performance backports)). - vmalloc: lift the arm flag for coherent mappings to common code (bnc#1155780 (VM/FS functional and performance backports)). - commit d67e35b - bpf, testing: Convert prog tests to probe_read_{user, kernel}{, _str} helper (bsc#1155518). - bpf, samples: Use bpf_probe_read_user where appropriate (bsc#1155518). - commit e02b4fe - Update patch reference for USB can security fix (CVE-2019-19529 bsc#1158381) - commit a96958b - iomap: Fix pipe page leakage during splicing (bsc#1158383). - commit b73f21b - ext4: Fix credit estimate for final inode freeing (bsc#1158380). - commit 99e5121 - ubifs: Fix memory leak in __ubifs_node_verify_hmac error path (bsc#1158378). - commit 7babaf3 - ubifs: Fix memory leak in read_znode() error path (bsc#1158376). - commit b3fc39e - ecryptfs: fix unlink and rmdir in face of underlying fs modifications (bsc#1158374). - commit 9fe5fae - aio: Fix io_pgetevents() struct __compat_aio_sigset layout (bsc#1158373). - commit 569924c - xdp: Fix cleanup on map free for devmap_hash map type (bsc#1155518). - libbpf: Fix call relocation offset calculation bug (bsc#1155518). - selftests, bpf: Fix test_tc_tunnel hanging (bsc#1155518). - selftests, bpf: xdping is not meant to be run standalone (bsc#1155518). - bpf: Fix race in btf_resolve_helper_id() (bsc#1155518). - libbpf: Improve handling of corrupted ELF during map initialization (bsc#1155518). - libbpf: Make btf__resolve_size logic always check size error condition (bsc#1155518). - libbpf: Fix another potential overflow issue in bpf_prog_linfo (bsc#1155518). - libbpf: Fix potential overflow issue (bsc#1155518). - libbpf: Fix memory leak/double free issue (bsc#1155518). - libbpf: Fix negative FD close() in xsk_setup_xdp_prog() (bsc#1155518). - bpf: Account for insn->off when doing bpf_probe_read_kernel (bsc#1155518). - bpf: Switch BPF probe insns to bpf_probe_read_kernel (bsc#1155518). - bpf: Add probe_read_{user, kernel} and probe_read_{user, kernel}_str helpers (bsc#1155518). - bpf: Make use of probe_user_write in probe write helper (bsc#1155518). - uaccess: Add strict non-pagefault kernel-space read function (bsc#1155518). - uaccess: Add non-pagefault user-space write function (bsc#1155518). - bpf: Fix bpf jit kallsym access (bsc#1155518). - libbpf: Don't use kernel-side u32 type in xsk.c (bsc#1155518). - libbpf: Fix off-by-one error in ELF sanity check (bsc#1155518). - libbpf: Fix compatibility for kernels without need_wakeup (bsc#1155518). - libbpf: Fix strncat bounds error in libbpf_prog_type_by_name (bsc#1155518). - bpf: Fix build error without CONFIG_NET (bsc#1155518). - bpf: Fix bpf_attr.attach_btf_id check (bsc#1155518). - selftests/bpf: Add kfree_skb raw_tp test (bsc#1155518). - bpf: Check types of arguments passed into helpers (bsc#1155518). - bpf: Add support for BTF pointers to x86 JIT (bsc#1155518). - bpf: Add support for BTF pointers to interpreter (bsc#1155518). - bpf: Attach raw_tp program with BTF via type name (bsc#1155518). - bpf: Implement accurate raw_tp context access via BTF (bsc#1155518). - libbpf: Auto-detect btf_id of BTF-based raw_tracepoints (bsc#1155518). - bpf: Add attach_btf_id attribute to program load (bsc#1155518). - bpf: Process in-kernel BTF (bsc#1155518). - bpf: Add typecast to bpf helpers to help BTF generation (bsc#1155518). - bpf: Add typecast to raw_tracepoints to help BTF generation (bsc#1155518). - bpf/stackmap: Fix deadlock with rq_lock in bpf_get_stack() (bsc#1155518). - libbpf: Fix passing uninitialized bytes to setsockopt (bsc#1155518). - selftests/bpf: Fix btf_dump padding test case (bsc#1155518). - selftests/bpf: test_progs: add missing \n to CHECK_FAIL (bsc#1155518). - selftests/bpf: test_progs: fix verbose mode garbage (bsc#1155518). - selftests/bpf: test_progs: remove unused ret (bsc#1155518). - selftests/bpf: test_progs: remove asserts from subtests (bsc#1155518). - selftests/bpf: test_progs: remove global fail/success counts (bsc#1155518). - selftests/bpf: test_progs: test__skip (bsc#1155518). - selftests/bpf: test_progs: drop extra trailing tab (bsc#1155518). - selftests/bpf: test_progs: test__printf -> printf (bsc#1155518). - selftests/bpf: test_progs: switch to open_memstream (bsc#1155518). - commit b4301c5 - blacklist.conf: Add fs/f2fs to blacklist We don't care about F2FS as we don't even compile it. - commit d73a3d9 - ext4: set error return correctly when ext4_htree_store_dirent fails (bsc#1158371). - commit 7f15da5 - Revert "nvme: Add quirk for Kingston NVME SSD running FW E8FK11.T" (git-fixes). - PCI/MSI: Fix incorrect MSI-X masking on resume (git-fixes). - commit e6e544b - block: check bi_size overflow before merge (bsc#1158370). - commit b8ddf8c - series.conf: cleanup update mainline references, refresh and move into sorted section: patches.suse/mm-pcp-Share-common-code-between-memory-hotplug-and-percpu-sysctl-handler.patch patches.suse/mm-pcpu-Make-zone-pcp-updates-and-reset-internal-to-the-mm.patch patches.suse/autonuma-fix-watermark-checking-in-migrate_balanced_pgdat.patch patches.suse/autonuma-reduce-cache-footprint-when-scanning-page-tables.patch patches.suse/CIFS-Fix-SMB2-oplock-break-processing.patch patches.suse/cifs-move-cifsFileInfo_put-logic-into-a-work-queue.patch - commit f9fc458 - series.conf: refresh update mainline references and resort: patches.suse/pci-aardvark-use-pci_parse_request_of_pci_ranges.patch patches.suse/pci-altera-use-pci_parse_request_of_pci_ranges.patch patches.suse/pci-dwc-use-pci_parse_request_of_pci_ranges.patch patches.suse/pci-export-pci_parse_request_of_pci_ranges.patch patches.suse/pci-faraday-use-pci_parse_request_of_pci_ranges.patch patches.suse/pci-ftpci100-use-inbound-resources-for-setup.patch patches.suse/pci-iproc-use-inbound-resources-for-setup.patch patches.suse/pci-iproc-use-pci_parse_request_of_pci_ranges.patch patches.suse/pci-mediatek-use-pci_parse_request_of_pci_ranges.patch patches.suse/pci-mobiveil-use-pci_parse_request_of_pci_ranges.patch patches.suse/pci-of-add-inbound-resource-parsing-to-helpers.patch patches.suse/pci-rcar-use-inbound-resources-for-setup.patch patches.suse/pci-rockchip-drop-storing-driver-private-outbound-resource-data.patch patches.suse/pci-rockchip-use-pci_parse_request_of_pci_ranges.patch patches.suse/pci-v3-semi-use-inbound-resources-for-setup.patch patches.suse/pci-v3-semi-use-pci_parse_request_of_pci_ranges.patch patches.suse/pci-versatile-enable-compile_test.patch patches.suse/pci-versatile-remove-usage-of-phys_offset.patch patches.suse/pci-versatile-use-pci_parse_request_of_pci_ranges.patch patches.suse/pci-xgene-use-inbound-resources-for-setup.patch patches.suse/pci-xgene-use-pci_parse_request_of_pci_ranges.patch patches.suse/pci-xilinx-nwl-use-pci_parse_request_of_pci_ranges.patch patches.suse/pci-xilinx-use-pci_parse_request_of_pci_ranges.patch patches.suse/resource-add-a-resource_list_first_type-helper.patch - commit 14fed6d ++++ mozilla-nss: - update to NSS 3.47.1 * CVE-2019-11745 - EncryptUpdate should use maxout, not block size (boo#1158527) * Fix a crash that could be caused by client certificates during startup (bmo#1590495, bsc#1158527) * Fix compile-time warnings from uninitialized variables in a perl script (bmo#1589810) - update to NSS 3.47 * Support AES HW acceleration on ARMv8 (bmo#1152625) * Allow per-socket run-time ordering of the cipher suites presented in ClientHello (bmo#1267894) * Add CMAC to FreeBL and PKCS #11 libraries (bmo#1570501) - update to NSS 3.46.1 * The following CA certificates were Removed: expired Class 2 Primary root certificate expired UTN-USERFirst-Client root certificate expired Deutsche Telekom Root CA 2 root certificate Swisscom Root CA 2 root certificate * Significant improvements to AES-GCM performance on ARM * Soft token MAC verification not constant time (bmo#1582343) * Remove arbitrary HKDF output limit by allocating space as needed (bmo#1577953) - update to NSS 3.46 * CVE-2019-17006 - Add length checks for cryptographic primitives (bmo#1539788, bsc#1159819) * The following CA certificates were Removed: expired Class 2 Primary root certificate expired UTN-USERFirst-Client root certificate expired Deutsche Telekom Root CA 2 root certificate Swisscom Root CA 2 root certificate * Significant improvements to AES-GCM performance on ARM ++++ mozilla-nspr: - update to version 4.23 * fixed a build failure that was introduced in 4.22 * correctness fix for Win64 socket polling * whitespace in C files was cleaned up and no longer uses tab characters for indenting - update to version 4.22 * added support for the ARC architecture * removed support for the following platforms: OSF1/Tru64, DGUX, IRIX, Symbian, BeOS * correctness and build fixes ++++ qemu: - Update to v4.2.0-rc4: See http://wiki.qemu.org/ChangeLog/4.2 * Update the support documents used for SUSE SLE releases to cover this qemu release ++++ raspberrypi-firmware: - Add custom gpu_mem config for RPi4 (bsc#1158406) ++++ raspberrypi-firmware-config: - Add custom gpu_mem config for RPi4 (bsc#1158406) ++++ yast2: - Add backward compatible hash accessors to Resolvable which solve several crashes (related to bsc#1132650 and bsc#1140037) - 4.2.47 ------------------------------------------------------------------ ------------------ 2019-12-3 - Dec 3 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - fix mainline references fix Patch-mainline: patches.suse/powercap-intel_rapl-add-support-for-CometLake-Mobile patches.suse/powercap-intel_rapl-add-support-for-Cometlake-desktop - commit 68d56a7 - powercap/intel_rapl: add support for Cometlake desktop (jsc#SLE-8184). - powercap/intel_rapl: add support for CometLake Mobile (jsc#SLE-8184). - commit f7448e7 - config: refresh Only update headers. - commit 908f91e - powerpc/pseries: Enable support for ibm,drc-info property (bsc#1157480 ltc#181028). - PCI: rpaphp: Correctly match ibm, my-drc-index to drc-name when using drc-info (bsc#1157480 ltc#181028). - PCI: rpaphp: Annotate and correctly byte swap DRC properties (bsc#1157480 ltc#181028). - PCI: rpaphp: Add drc-info support for hotplug slot registration (bsc#1157480 ltc#181028). - PCI: rpaphp: Don't rely on firmware feature to imply drc-info support (bsc#1157480 ltc#181028). - PCI: rpaphp: Fix up pointer to first drc-info entry (bsc#1157480 ltc#181028). - powerpc/pseries: Add cpu DLPAR support for drc-info property (bsc#1157480 ltc#181028). - powerpc/pseries: Fix drc-info mappings of logical cpus to drc-index (bsc#1157480 ltc#181028). - powerpc/pseries: Fix bad drc_index_start value parsing of drc-info entry (bsc#1157480 ltc#181028). - commit 557da83 - arm64: Update config files. (jsc#SLE-9943 bsc#1158193) Bump CONFIG_NODES_SHIFT from 2 to 6 - commit 0cfadc1 - rpm/kernel-subpackage-spec: Exclude kernel-firmware recommends (bsc#1143959) For reducing the dependency on kernel-firmware in sub packages - commit d950271 - mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame() (CVE-2019-14901,bsc#1157042). - commit 7889fe2 - mlx5: add parameter to disable enhanced IPoIB (bsc#1142095) - commit 4ea5d32 - livepatch: Selftests of the API for tracking system state changes (bsc#1071995 fate#323487). - supported.conf: - commit 4fff100 - livepatch: Allow to distinguish different version of system state changes (bsc#1071995 fate#323487). - commit 1b157ca - livepatch: Basic API to track system state changes (bsc#1071995 fate#323487). - Refresh patches.suse/livepatch-create-and-include-UAPI-headers.patch. - commit d8150c3 - livepatch: Keep replaced patches until post_patch callback is called (bsc#1071995 fate#323487). - commit 3c51995 - tracing/kprobe: Check whether the non-suffixed symbol is notrace (bsc#1158279). - commit 8be1214 - Linux 5.3.14 (bnc#1151927 5.3.14). - staging: comedi: usbduxfast: usbduxfast_ai_cmdtest rounding error (bnc#1151927 5.3.14). - usb-serial: cp201x: support Mark-10 digital force gauge (bnc#1151927 5.3.14). - USB: serial: option: add support for Foxconn T77W968 LTE modules (bnc#1151927 5.3.14). - USB: serial: option: add support for DW5821e with eSIM support (bnc#1151927 5.3.14). - USB: serial: mos7840: add USB ID to support Moxa UPort 2210 (bnc#1151927 5.3.14). - USBIP: add config dependency for SGL_ALLOC (bnc#1151927 5.3.14). - USB: chaoskey: fix error case of a timeout (bnc#1151927 5.3.14). - usbip: tools: fix fd leakage in the function of read_attr_usbip_status (bnc#1151927 5.3.14). - appledisplay: fix error handling in the scheduled work (bnc#1151927 5.3.14). - media: imon: invalid dereference in imon_touch_event (bnc#1151927 5.3.14). - media: uvcvideo: Fix error path in control parsing failure (bnc#1151927 5.3.14). - media: cxusb: detect cxusb_ctrl_msg error in query (bnc#1151927 5.3.14). - media: usbvision: Fix races among open, close, and disconnect (bnc#1151927 5.3.14). - media: usbvision: Fix invalid accesses after device disconnect (bnc#1151927 5.3.14). - media: mceusb: fix out of bounds read in MCE receiver buffer (bnc#1151927 5.3.14). - media: vivid: Set vid_cap_streaming and vid_out_streaming to true (bnc#1151927 5.3.14). - cpufreq: Add NULL checks to show() and store() methods of cpufreq (bnc#1151927 5.3.14). - futex: Prevent robust futex exit race (bnc#1151927 5.3.14). - x86/entry/32: Fix FIXUP_ESPFIX_STACK with user CR3 (bnc#1151927 5.3.14). - x86/pti/32: Calculate the various PTI cpu_entry_area sizes correctly, make the CPU_ENTRY_AREA_PAGES assert precise (bnc#1151927 5.3.14). - selftests/x86/sigreturn/32: Invalidate DS and ES when abusing the kernel (bnc#1151927 5.3.14). - selftests/x86/mov_ss_trap: Fix the SYSENTER test (bnc#1151927 5.3.14). - x86/entry/32: Fix NMI vs ESPFIX (bnc#1151927 5.3.14). - x86/entry/32: Unwind the ESPFIX stack earlier on exception entry (bnc#1151927 5.3.14). - x86/entry/32: Move FIXUP_FRAME after pushing %fs in SAVE_ALL (bnc#1151927 5.3.14). - x86/entry/32: Use %ss segment where required (bnc#1151927 5.3.14). - x86/entry/32: Fix IRET exception (bnc#1151927 5.3.14). - x86/cpu_entry_area: Add guard page for entry stack on 32bit (bnc#1151927 5.3.14). - x86/pti/32: Size initial_page_table correctly (bnc#1151927 5.3.14). - x86/doublefault/32: Fix stack canaries in the double fault handler (bnc#1151927 5.3.14). - x86/xen/32: Simplify ring check in xen_iret_crit_fixup() (bnc#1151927 5.3.14). - x86/xen/32: Make xen_iret_crit_fixup() independent of frame layout (bnc#1151927 5.3.14). - x86/stackframe/32: Repair 32-bit Xen PV (bnc#1151927 5.3.14). - x86/speculation: Fix redundant MDS mitigation message (bnc#1151927 5.3.14). - x86/speculation: Fix incorrect MDS/TAA mitigation status (bnc#1151927 5.3.14). - x86/insn: Fix awk regexp warnings (bnc#1151927 5.3.14). - Bluetooth: Fix invalid-free in bcsp_close() (bnc#1151927 5.3.14). - ath10k: restore QCA9880-AR1A (v1) detection (bnc#1151927 5.3.14). - ath9k_hw: fix uninitialized variable data (bnc#1151927 5.3.14). - ath10k: Fix HOST capability QMI incompatibility (bnc#1151927 5.3.14). - Revert "dm crypt: use WQ_HIGHPRI for the IO and crypt workqueues" (bnc#1151927 5.3.14). - nbd: prevent memory leak (bnc#1151927 5.3.14). - md/raid10: prevent access of uninitialized resync_pages offset (bnc#1151927 5.3.14). - net: rtnetlink: prevent underflows in do_setvfinfo() (bnc#1151927 5.3.14). - nfc: port100: handle command failure cleanly (bnc#1151927 5.3.14). - net/ipv4: fix sysctl max for fib_multipath_hash_policy (bnc#1151927 5.3.14). - drm/i915/pmu: "Frequency" is reported as accumulated cycles (bnc#1151927 5.3.14). - drm/i915: Don't oops in dumb_create ioctl if we have no crtcs (bnc#1151927 5.3.14). - drm/amdgpu: disable gfxoff on original raven (bnc#1151927 5.3.14). - drm/amdgpu: disable gfxoff when using register read interface (bnc#1151927 5.3.14). - drm/amd/powerplay: issue no PPSMC_MSG_GetCurrPkgPwr on unsupported ASICs (bnc#1151927 5.3.14). - tools: gpio: Correctly add make dependencies for gpio_utils (bnc#1151927 5.3.14). - fork: fix pidfd_poll()'s return type (bnc#1151927 5.3.14). - ARM: 8904/1: skip nomap memblocks while finding the lowmem/highmem boundary (bnc#1151927 5.3.14). - vhost/vsock: split packets to send using multiple buffers (bnc#1151927 5.3.14). - commit c30f7a5 - Update patches.suse/0001-Revert-Bluetooth-hci_ll-set-operational-frequency-ea.patch (git-fixes bnc#1151927 5.3.14). - Update patches.suse/0001-USB-serial-mos7720-fix-remote-wakeup.patch (git-fixes bnc#1151927 5.3.14). - Update patches.suse/0001-USB-serial-mos7840-fix-remote-wakeup.patch (git-fixes bnc#1151927 5.3.14). - Update patches.suse/0001-b2c2-flexcop-usb-add-sanity-checking.patch (bsc#1146540 CVE-2019-15291 bnc#1151927 5.3.14). - Update patches.suse/0001-virtio_balloon-fix-shrinker-count.patch (git-fixes bnc#1151927 5.3.14). - Update patches.suse/0001-virtio_console-allocate-inbufs-in-add_port-only-if-i.patch (git-fixes bnc#1151927 5.3.14). - Update patches.suse/0001-virtio_ring-fix-return-code-on-DMA-mapping-fails.patch (git-fixes bnc#1151927 5.3.14). - Update patches.suse/ALSA-usb-audio-Fix-NULL-dereference-at-parsing-BADD.patch (git-fixes bnc#1151927 5.3.14). - Update patches.suse/KVM-PPC-Book3S-HV-Flush-link-stack-on-guest-exit-to-.patch (CVE-2019-18660 bsc#1157038 bsc#1157923 ltc#182612 bnc#1151927 5.3.14). - Update patches.suse/Revert-fs-ocfs2-fix-possible-null-pointer-dereferenc.patch (git-fixes bnc#1151927 5.3.14). - Update patches.suse/drm-i915-userptr-Try-to-acquire-the-page-lock-around.patch (bnc#1156537 bnc#1151927 5.3.14). - Update patches.suse/gpio-bd70528-Use-correct-unit-for-debounce-times.patch (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608 bnc#1151927 5.3.14). - Update patches.suse/gpio-max77620-Fixup-debounce-delays.patch (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608 bnc#1151927 5.3.14). - Update patches.suse/gve-fix-dma-sync-bug-where-not-all-pages-synced.patch (bsc#1154353 bnc#1151927 5.3.14). - Update patches.suse/ipv6-route-return-if-there-is-no-fib_nh_gw_family.patch (bsc#1154353 bnc#1151927 5.3.14). - Update patches.suse/mdio_bus-Fix-init-if-CONFIG_RESET_CONTROLLER-n.patch (git-fixes bnc#1151927 5.3.14). - Update patches.suse/media-vivid-Fix-wrong-locking-that-causes-race-condi.patch (CVE-2019-18683,bsc#1155897 bnc#1151927 5.3.14). - Update patches.suse/mlxsw-spectrum_router-Fix-determining-underlay-for-a.patch (bsc#1154488 bnc#1151927 5.3.14). - Update patches.suse/mm-ksm.c-don-t-WARN-if-page-is-still-mapped-in-remove_stable_node.patch (git fixes (mm/ksm bnc#1151927 5.3.14). - Update patches.suse/mm-memory_hotplug-don-t-access-uninitialized-memmaps-in-shrink_zone_span.patch (git fixes (mm/hotplug) bnc#1151927 5.3.14). - Update patches.suse/mm-slub.c-init_on_free-1-should-wipe-freelist-ptr-for-bulk-allocations.patch (git fixes (mm/slub) bnc#1151927 5.3.14). - Update patches.suse/nbd-fix-memory-leak-in-nbd_get_socket.patch (git-fixes bnc#1151927 5.3.14). - Update patches.suse/net-ath10k-Fix-a-NULL-ptr-deref-bug.patch (CVE-2019-15099,bsc#1146368 bnc#1151927 5.3.14). - Update patches.suse/net-mlx4_en-Fix-wrong-limitation-for-number-of-TX-ri.patch (jsc#SLE-8460 bnc#1151927 5.3.14). - Update patches.suse/net-mlx4_en-fix-mlx4-ethtool-N-insertion.patch (jsc#SLE-8460 bnc#1151927 5.3.14). - Update patches.suse/net-mlx5-Fix-auto-group-size-calculation.patch (jsc#SLE-8464 bnc#1151927 5.3.14). - Update patches.suse/net-mlx5-Update-the-list-of-the-PCI-supported-device.patch (jsc#SLE-8464 bnc#1151927 5.3.14). - Update patches.suse/net-mlx5e-Do-not-use-non-EXT-link-modes-in-EXT-mode.patch (jsc#SLE-8464 bnc#1151927 5.3.14). - Update patches.suse/net-mlx5e-Fix-error-flow-cleanup-in-mlx5e_tc_tun_cre.patch (jsc#SLE-8464 bnc#1151927 5.3.14). - Update patches.suse/net-mlx5e-Fix-set-vf-link-state-error-flow.patch (jsc#SLE-8464 bnc#1151927 5.3.14). - Update patches.suse/net-mlxfw-Verify-FSM-error-code-translation-doesn-t-.patch (jsc#SLE-8464 bnc#1151927 5.3.14). - Update patches.suse/net-sched-act_pedit-fix-WARN-in-the-traffic-path.patch (bsc#1154353 bnc#1151927 5.3.14). - Update patches.suse/net-sched-ensure-opts_len-IP_TUNNEL_OPTS_MAX-in-act_.patch (bsc#1154353 bnc#1151927 5.3.14). - Update patches.suse/net-tls-enable-sk_msg-redirect-to-tls-socket-egress.patch (bsc#1154353 bnc#1151927 5.3.14). - Update patches.suse/powerpc-64s-support-nospectre_v2-cmdline-option.patch (bsc#1131107 bnc#1151927 5.3.14). - Update patches.suse/powerpc-book3s64-Fix-link-stack-flush-on-context-swi.patch (CVE-2019-18660 bsc#1157038 bsc#1157923 ltc#182612 bnc#1151927 5.3.14). - Update patches.suse/sfc-Only-cancel-the-PPS-workqueue-if-it-exists.patch (jsc#SLE-8314 bnc#1151927 5.3.14). - Update patches.suse/taprio-don-t-reject-same-mqprio-settings.patch (bsc#1154353 bnc#1151927 5.3.14). - Update patches.suse/usbip-Fix-uninitialized-symbol-nents-in-stub_recv_cm.patch (git-fixes bnc#1151927 5.3.14). - commit 53302d0 - blacklist.conf: 1d200e9d6f63 ("block: Fix writeback throttling W=1 compiler warnings") - commit e82481b - hwrng: omap - Fix RNG wait loop timeout (git-fixes). - commit 76a15d1 - fix mainline references - fix mainline references: patches.suse/0001-Revert-Bluetooth-hci_ll-set-operational-frequency-ea.patch patches.suse/0001-Revert-mfd-syscon-Set-name-of-regmap_config.patch patches.suse/0001-USB-serial-mos7720-fix-remote-wakeup.patch patches.suse/0001-USB-serial-mos7840-fix-remote-wakeup.patch patches.suse/0001-ppdev-fix-PPGETTIME-PPSETTIME-ioctls.patch - commit d4e2479 - series.conf: refresh - update mainline references and resort: patches.suse/of-address-fix-of_pci_range_parser_one-translation-of-dma-addresses.patch patches.suse/of-address-follow-dma-parent-for-dma-coherent.patch patches.suse/of-address-introduce-of_get_next_dma_parent-helper.patch patches.suse/of-address-translate-dma-ranges-for-parent-nodes-missing-dma-ranges.patch patches.suse/of-factor-out-addr-size-cells-parsing.patch patches.suse/of-make-of_dma_get_range-work-on-bus-nodes.patch patches.suse/powerpc-book3s64-hash-Use-secondary-hash-for-bolted-.patch patches.suse/powerpc-fadump-when-fadump-is-supported-register-the.patch patches.suse/powerpc-papr_scm-Fix-an-off-by-one-check-in-papr_scm.patch patches.suse/powerpc-pseries-Don-t-fail-hash-page-table-insert-fo.patch patches.suse/powerpc-pseries-Don-t-opencode-HPTE_V_BOLTED.patch patches.suse/powerpc-pseries-address-checkpatch-warnings-in-dlpar.patch patches.suse/powerpc-pseries-safely-roll-back-failed-DLPAR-cpu-ad.patch patches.suse/powerpc-security-Fix-wrong-message-when-RFI-Flush-is.patch patches.suse/powerpc-security-book3s64-Report-L1TF-status-in-sysf.patch patches.suse/powerpc-xive-Prevent-page-fault-issues-in-the-machin.patch patches.suse/scsi-lpfc-Add-FA-WWN-Async-Event-reporting.patch patches.suse/scsi-lpfc-Add-FC-AL-support-to-lpe32000-models.patch patches.suse/scsi-lpfc-Add-additional-discovery-log-messages.patch patches.suse/scsi-lpfc-Add-enablement-of-multiple-adapter-dumps.patch patches.suse/scsi-lpfc-Add-log-macros-to-allow-print-by-serverity.patch patches.suse/scsi-lpfc-Add-registration-for-CPU-Offline-Online-ev.patch patches.suse/scsi-lpfc-Change-default-IRQ-model-on-AMD-architectu.patch patches.suse/scsi-lpfc-Clarify-FAWNN-error-message.patch patches.suse/scsi-lpfc-Complete-removal-of-FCoE-T10-PI-support-on.patch patches.suse/scsi-lpfc-Fix-GPF-on-scsi-command-completion.patch patches.suse/scsi-lpfc-Fix-NULL-check-before-mempool_destroy-is-n.patch patches.suse/scsi-lpfc-Fix-NVME-io-abort-failures-causing-hangs.patch patches.suse/scsi-lpfc-Fix-NVMe-ABTS-in-response-to-receiving-an-.patch patches.suse/scsi-lpfc-Fix-SLI3-hba-in-loop-mode-not-discovering-.patch patches.suse/scsi-lpfc-Fix-a-kernel-warning-triggered-by-lpfc_get.patch patches.suse/scsi-lpfc-Fix-a-kernel-warning-triggered-by-lpfc_sli.patch patches.suse/scsi-lpfc-Fix-bad-ndlp-ptr-in-xri-aborted-handling.patch patches.suse/scsi-lpfc-Fix-configuration-of-BB-credit-recovery-in.patch patches.suse/scsi-lpfc-Fix-coverity-errors-on-NULL-pointer-checks.patch patches.suse/scsi-lpfc-Fix-device-recovery-errors-after-PLOGI-fai.patch patches.suse/scsi-lpfc-Fix-discovery-failures-when-target-device-.patch patches.suse/scsi-lpfc-Fix-duplicate-unreg_rpi-error-in-port-offl.patch patches.suse/scsi-lpfc-Fix-dynamic-fw-log-enablement-check.patch patches.suse/scsi-lpfc-Fix-hardlockup-in-lpfc_abort_handler.patch patches.suse/scsi-lpfc-Fix-hdwq-sgl-locks-and-irq-handling.patch patches.suse/scsi-lpfc-Fix-host-hang-at-boot-or-slow-boot.patch patches.suse/scsi-lpfc-Fix-kernel-crash-at-lpfc_nvme_info_show-du.patch patches.suse/scsi-lpfc-Fix-list-corruption-detected-in-lpfc_put_s.patch patches.suse/scsi-lpfc-Fix-list-corruption-in-lpfc_sli_get_iocbq.patch patches.suse/scsi-lpfc-Fix-lockdep-errors-in-sli_ringtx_put.patch patches.suse/scsi-lpfc-Fix-locking-on-mailbox-command-completion.patch patches.suse/scsi-lpfc-Fix-lpfc_cpumask_of_node_init.patch patches.suse/scsi-lpfc-Fix-miss-of-register-read-failure-check.patch patches.suse/scsi-lpfc-Fix-premature-re-enabling-of-interrupts-in.patch patches.suse/scsi-lpfc-Fix-pt2pt-discovery-on-SLI3-HBAs.patch patches.suse/scsi-lpfc-Fix-reporting-of-read-only-fw-error-errors.patch patches.suse/scsi-lpfc-Fix-rpi-release-when-deleting-vport.patch patches.suse/scsi-lpfc-Fix-spinlock_irq-issues-in-lpfc_els_flush_.patch patches.suse/scsi-lpfc-Fix-unexpected-error-messages-during-RSCN-.patch patches.suse/scsi-lpfc-Initialize-cpu_map-for-not-present-cpus.patch patches.suse/scsi-lpfc-Make-FW-logging-dynamically-configurable.patch patches.suse/scsi-lpfc-Make-function-lpfc_defer_pt2pt_acc-static.patch patches.suse/scsi-lpfc-Make-lpfc_debugfs_ras_log_data-static.patch patches.suse/scsi-lpfc-Remove-lock-contention-target-write-path.patch patches.suse/scsi-lpfc-Revise-interrupt-coalescing-for-missing-sc.patch patches.suse/scsi-lpfc-Slight-fast-path-performance-optimizations.patch patches.suse/scsi-lpfc-Sync-with-FC-NVMe-2-SLER-change-to-require.patch patches.suse/scsi-lpfc-Update-async-event-logging.patch patches.suse/scsi-lpfc-Update-lpfc-version-to-12.4.0.1.patch patches.suse/scsi-lpfc-Update-lpfc-version-to-12.6.0.0.patch patches.suse/scsi-lpfc-Update-lpfc-version-to-12.6.0.1.patch patches.suse/scsi-lpfc-Update-lpfc-version-to-12.6.0.2.patch patches.suse/scsi-lpfc-cleanup-remove-unused-fcp_txcmlpq_cnt.patch patches.suse/scsi-lpfc-fix-Coverity-lpfc_cmpl_els_rsp-Null-pointe.patch patches.suse/scsi-lpfc-fix-Coverity-lpfc_get_scsi_buf_s3-Null-poi.patch patches.suse/scsi-lpfc-fix-build-error-of-lpfc_debugfs.c-for-vfre.patch patches.suse/scsi-lpfc-fix-coverity-error-of-dereference-after-nu.patch patches.suse/scsi-lpfc-fix-inlining-of-lpfc_sli4_cleanup_poll_lis.patch patches.suse/scsi-lpfc-fix-lpfc_nvmet_mrq-to-be-bound-by-hdw-queu.patch patches.suse/scsi-lpfc-fix-spelling-error-in-MAGIC_NUMER_xxx.patch patches.suse/scsi-lpfc-lpfc_attr-Fix-Use-plain-integer-as-NULL-po.patch patches.suse/scsi-lpfc-lpfc_nvmet-Fix-Use-plain-integer-as-NULL-p.patch patches.suse/scsi-lpfc-revise-nvme-max-queues-to-be-hdwq-count.patch patches.suse/scsi-megaraid_sas-Unique-names-for-MSI-X-vectors.patch patches.suse/scsi-megaraid_sas-remove-unused-variables-debugBlk-f.patch patches.suse/scsi-mpt3sas-Add-app-owned-flag-support-for-diag-buf.patch patches.suse/scsi-mpt3sas-Bump-mpt3sas-driver-version-to-32.100.0.patch patches.suse/scsi-mpt3sas-Display-message-before-releasing-diag-b.patch patches.suse/scsi-mpt3sas-Fail-release-cmnd-if-diag-buffer-is-rel.patch patches.suse/scsi-mpt3sas-Fix-clear-pending-bit-in-ioctl-status.patch patches.suse/scsi-mpt3sas-Fix-module-parameter-max_msix_vectors.patch patches.suse/scsi-mpt3sas-Free-diag-buffer-without-any-status-che.patch patches.suse/scsi-mpt3sas-Maintain-owner-of-buffer-through-Unique.patch patches.suse/scsi-mpt3sas-Register-trace-buffer-based-on-NVDATA-s.patch patches.suse/scsi-mpt3sas-Reject-NVMe-Encap-cmnds-to-unsupported-.patch patches.suse/scsi-mpt3sas-Reuse-diag-buffer-allocated-at-load-tim.patch patches.suse/scsi-mpt3sas-Use-Component-img-header-to-get-Package.patch patches.suse/scsi-mpt3sas-clear-release-bit-when-buffer-reregiste.patch patches.suse/scsi-qedf-Add-port_id-getter.patch patches.suse/scsi-qla2xxx-Add-error-handling-for-PLOGI-ELS-passth.patch patches.suse/scsi-qla2xxx-Capture-FW-dump-on-MPI-heartbeat-stop-e.patch patches.suse/scsi-qla2xxx-Check-for-MB-timeout-while-capturing-IS.patch patches.suse/scsi-qla2xxx-Do-command-completion-on-abort-timeout.patch patches.suse/scsi-qla2xxx-Dual-FCP-NVMe-target-port-support.patch patches.suse/scsi-qla2xxx-Fix-SRB-leak-on-switch-command-timeout.patch patches.suse/scsi-qla2xxx-Fix-a-dma_pool_free-call.patch patches.suse/scsi-qla2xxx-Fix-device-connect-issues-in-P2P-config.patch patches.suse/scsi-qla2xxx-Fix-double-scsi_done-for-abort-path.patch patches.suse/scsi-qla2xxx-Fix-driver-unload-hang.patch patches.suse/scsi-qla2xxx-Improve-logging-for-scan-thread.patch patches.suse/scsi-qla2xxx-Remove-an-include-directive.patch patches.suse/scsi-qla2xxx-Retry-PLOGI-on-FC-NVMe-PRLI-failure.patch patches.suse/scsi-qla2xxx-Set-remove-flag-for-all-VP.patch patches.suse/scsi-qla2xxx-Update-driver-version-to-10.01.00.20-k.patch patches.suse/scsi-qla2xxx-Update-driver-version-to-10.01.00.21-k.patch patches.suse/scsi-qla2xxx-don-t-use-zero-for-FC4_PRIORITY_NVME.patch patches.suse/scsi-qla2xxx-initialize-fc4_type_priority.patch patches.suse/scsi-qla2xxx-remove-redundant-assignment-to-pointer-.patch patches.suse/scsi-smartpqi-Align-driver-syntax-with-oob.patch patches.suse/scsi-smartpqi-add-inquiry-timeouts.patch patches.suse/scsi-smartpqi-bump-version-to-1.2.10-025.patch patches.suse/scsi-smartpqi-change-TMF-timeout-from-60-to-30-secon.patch patches.suse/scsi-smartpqi-clean-up-indentation-of-a-statement.patch patches.suse/scsi-smartpqi-correct-syntax-issue.patch patches.suse/scsi-smartpqi-fix-LUN-reset-when-fw-bkgnd-thread-is-.patch patches.suse/scsi-smartpqi-fix-call-trace-in-device-discovery.patch patches.suse/scsi-smartpqi-fix-controller-lockup-observed-during-.patch patches.suse/scsi-smartpqi-fix-problem-with-unique-ID-for-physica.patch patches.suse/scsi-smartpqi-remove-set-but-not-used-variable-ctrl_.patch patches.suse/scsi-smartpqi-remove-unused-manifest-constants.patch patches.suse/scsi-target-compare-full-CHAP_A-Algorithm-strings.patch patches.suse/scsi-target-fix-SendTargets-All-string-compares.patch patches.suse/scsi-target-iscsi-CHAP-add-support-for-SHA1-SHA256-a.patch patches.suse/scsi-target-iscsi-rename-some-variables-to-avoid-con.patch patches.suse/scsi-target-iscsi-tie-the-challenge-length-to-the-ha.patch patches.suse/scsi-target-remove-unused-extension-parameters.patch No effect on expanded tree. - commit 1cb26c8 - fix mainline references Fix patch-mainline tag: patches.suse/btrfs-fix-memory-leaks-in-the-test-test_find_first_c.patch patches.suse/btrfs-make-test_find_first_clear_extent_bit-fail-on-.patch - commit 5794053 - NFSv4.1 - backchannel request should hold ref on xprt (bsc#1152624). - commit 1203c55 ++++ libssh: - Fix CVE-2019-14889: arbitrary command execution; (bsc#1158095) * Add CVE-2019-14889.patch ++++ systemd: - Import commit dbb1d4734daffa62e0eddecfa4f784c84a9d8e76 1439d72a72 udevd: don't use monitor after manager_exit() 99288dd778 Revert "udevd: fix crash when workers time out after exit is signal caught" 152577d6d0 udevd: fix crash when workers time out after exit is signal caught f854991504 udevd: wait for workers to finish when exiting (bsc#1106383) Changes from the v243-stable (84 commits): e51d9bf9e5 man: add entry about SpeedMeter= aa1fc791c7 udev: silence warning about PROGRAM+= or IMPORT+= rules b9a619bb67 udevadm: ignore EROFS and return earlier 1ec5b9f80c basic: add vmware hypervisor detection from device-tree 7fa7080248 umount: be happy if /proc/swaps doesn't exist [...] 47d0e23d26 udev: fix memleak caused by wrong cleanup function a6fb0542c5 parse_hwdb: fix compatibility with pyparsing 2.4.* cb1d892f17 parse_hwdb: process files in order ++++ salt: - Fix StreamClosedError issue (bsc#1157479) - Added: * fix-batch_async-obsolete-test.patch * fixing-streamclosed-issue.patch ++++ read-only-root-fs: - Update to version 1.0+git20191203.3f7cc07: * Workaround /var being RO during systemd-journal-flush (boo#1156421) ------------------------------------------------------------------ ------------------ 2019-12-2 - Dec 2 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Btrfs: make test_find_first_clear_extent_bit fail on incorrect results (bsc#1158210). - commit e7e7b18 - Btrfs: fix memory leaks in the test test_find_first_clear_extent_bit (bsc#1158210). - commit 04b8200 - Revert "mfd: syscon: Set name of regmap_config" (git-fixes). - commit da59436 - blacklist.conf: specific to SPARC64 - commit 6880b65 - ppdev: fix PPGETTIME/PPSETTIME ioctls (git-fixes). - commit 71fc6dc - USB: serial: mos7840: fix remote wakeup (git-fixes). - commit 6ebc1fd - USB: serial: mos7720: fix remote wakeup (git-fixes). - commit aeee58e - Revert "Bluetooth: hci_ll: set operational frequency earlier" (git-fixes). - commit 8b8f5bf - perf script: Fix invalid LBR/binary mismatch error (git-fixes). - watchdog: aspeed: Fix clock behaviour for ast2600 (git-fixes). - slip: Fix use-after-free Read in slip_open (git-fixes). - net/sched: annotate lockless accesses to qdisc->empty (git-fixes). - kselftest: Fix NULL INSTALL_PATH for TARGETS runlist (git-fixes). - md/raid0: Fix an error message in raid0_make_request() (git-fixes). - io_uring: Fix mm_fault with READ/WRITE_FIXED (git-fixes). - Revert "fs: ocfs2: fix possible null-pointer dereferences in ocfs2_xa_prepare_entry()" (git-fixes). - nbd:fix memory leak in nbd_get_socket() (git-fixes). - KVM: x86/mmu: Take slots_lock when using kvm_mmu_zap_all_fast() (git-fixes). - ARM: dts: stm32: remove OV5640 pinctrl definition on stm32mp157c-ev1 (git-fixes). - Refresh patches.suse/ARM-dts-stm32-change-joystick-pinctrl-definition-on-.patch. - commit c09426f - libnvdimm: Export the target_node attribute for regions and namespaces (bsc#1158071). - commit 9d24c0f - blacklist.conf: add four more entries - commit 49fe688 - drm/mcde: Fix an error handling path in 'mcde_probe()' (git-fixes). - usb: gadget: configfs: Fix missing spin_lock_init() (git-fixes). - usbip: Fix uninitialized symbol 'nents' in stub_recv_cmd_submit() (git-fixes). - commit 53a444b ++++ libvirt: - Update to libvirt 5.10.0 - bsc#1157149 - Many incremental improvements and bug fixes, see https://libvirt.org/news.html - Dropped patches: 2552752f-libxl-fix-lock-manager-lock-ordering.patch - Added patches: 0a65cba4-news-fix.patch ++++ python-libvirt-python: - Update to 5.10.0 - Add all new APIs and constants in libvirt 5.10.0 ++++ yast2: - Use 70-yast.conf instead of 30-yast.conf to write YaST settings under /etc/sysctl.d (related to jsc#SLE-9077). - 4.2.46 ------------------------------------------------------------------ ------------------ 2019-11-29 - Nov 29 2019 ------------------- ------------------------------------------------------------------ ++++ cryptsetup: - New version 2.0.6 (jsc#SLE-5911, bsc#1165580): Changes since version 2.0.5 ~~~~~~~~~~~~~~~~~~~~~~~~~~~ * Fix support of larger metadata areas in LUKS2 header. This release properly supports all specified metadata areas, as documented in LUKS2 format description (see docs/on-disk-format-luks2.pdf in archive). Currently, only default metadata area size is used (in format or convert). Later cryptsetup versions will allow increasing this metadata area size. * If AEAD (authenticated encryption) is used, cryptsetup now tries to check if the requested AEAD algorithm with specified key size is available in kernel crypto API. This change avoids formatting a device that cannot be later activated. For this function, the kernel must be compiled with the CONFIG_CRYPTO_USER_API_AEAD option enabled. Note that kernel user crypto API options (CONFIG_CRYPTO_USER_API and CONFIG_CRYPTO_USER_API_SKCIPHER) are already mandatory for LUKS2. * Fix setting of integrity no-journal flag. Now you can store this flag to metadata using --persistent option. * Fix cryptsetup-reencrypt to not keep temporary reencryption headers if interrupted during initial password prompt. * Adds early check to plain and LUKS2 formats to disallow device format if device size is not aligned to requested sector size. Previously it was possible, and the device was rejected to activate by kernel later. * Fix checking of hash algorithms availability for PBKDF early. Previously LUKS2 format allowed non-existent hash algorithm with invalid keyslot preventing the device from activation. * Allow Adiantum cipher construction (a non-authenticated length-preserving fast encryption scheme), so it can be used both for data encryption and keyslot encryption in LUKS1/2 devices. For benchmark, use: [#] cryptsetup benchmark -c xchacha12,aes-adiantum [#] cryptsetup benchmark -c xchacha20,aes-adiantum For LUKS format: [#] cryptsetup luksFormat -c xchacha20,aes-adiantum-plain64 -s 256 The support for Adiantum will be merged in Linux kernel 4.21. For more info see the paper https://eprint.iacr.org/2018/720. ++++ kernel-default: - platform/x86: ISST: Allow additional TRL MSRs (jsc#SLE-10687). - commit 435b3fb - supported.conf: sort - commit ac3011b - Update config files. ppc64 is lats architecture without PRINTK_TIME. Align with the rest. - commit 4fb63b6 - s390: vfio-ap: fix warning reset not completed (jsc#SLE-7524 LTC#178970). - commit fd793bf - Update config files (bsc#1158055 LTC#182629). - commit 1b24df4 - Move upstreamed patches into sorted section Refresh: patches.suse/0001-b2c2-flexcop-usb-add-sanity-checking.patch patches.suse/driver-core-simplify-definitions-of-platform_get_irq.patch patches.suse/drm-amdgpu-Add-DC-feature-mask-to-disable-fractional.patch - commit 71f50c8 - mwifiex: fix possible heap overflow in mwifiex_process_country_ie() (CVE-2019-14895 bsc#1157158). - commit d8b66ee - series.conf: refresh - update upstream reference and resort: patches.suse/RDMA-bnxt_re-Fix-stat-push-into-dma-buffer-on-gen-p5-devices.patch No effect on expanded tree. - commit b878e91 - series.conf: refresh - update upstream references and resort patches.suse/dma-direct-avoid-a-forward-declaration-for-phys_to_dma.patch patches.suse/dma-direct-check-for-overflows-on-32-bit-dma-addresses.patch patches.suse/dma-direct-exclude-dma_direct_map_resource-from-the-min_low_pfn-check.patch patches.suse/dma-direct-unify-the-dma_capable-definitions.patch patches.suse/dma-mapping-treat-dev-bus_dma_mask-as-a-dma-limit.patch patches.suse/x86-pci-sta2x11-use-default-dma-address-translation.patch - commit 3b7773d ++++ util-linux: - mount: fall back to device node name if /dev/mapper link not found (bsc#1149911) * Add patch: util-linux-canonicalize-coverity-scan.patch ++++ polkit: - Fix usage of libexecdir instead of prefix/lib where applicable. ++++ util-linux-systemd: - mount: fall back to device node name if /dev/mapper link not found (bsc#1149911) * Add patch: util-linux-canonicalize-coverity-scan.patch ++++ yast2: - Do not crash while reading the product info (related to bsc#1132650 and bsc#1140037). - 4.2.45 ------------------------------------------------------------------ ------------------ 2019-11-28 - Nov 28 2019 ------------------- ------------------------------------------------------------------ ++++ dracut: - Update to version 049+git115.c2d8d6fb: * suse: Remove incorrect usage of %_libexecdir (boo#1155785) ++++ kernel-default: - virtio_balloon: fix shrinker count (git-fixes). - commit 923948e - virtio_balloon: fix shrinker scan number of pages (gif-fixes). - commit 217c80e - virtio_ring: fix return code on DMA mapping fails (git-fixes). - commit d775d67 - regulator: core: make regulator_register() EPROBE_DEFER aware (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - regulator: core: Add label to collate of_node_put() statements (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - regulator: core: Add of_node_put() before return (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - commit 48eb6c5 - net/smc: receive pending data after RCV_SHUTDOWN (jsc#SLE-7521 LTC#178954). - net/smc: receive returns without data (jsc#SLE-7521 LTC#178954). - net/smc: fix SMCD link group creation with VLAN id (jsc#SLE-7521 LTC#178954). - commit 83dcb05 - s390: add support for IBM z15 machines (bsc#1156538 LTC#182406). - Update config files. - commit c53f40a - Update patches.suse/RDMA-Fix-goto-target-to-release-the-allocated-memory.patch (jsc#SLE-8449 bsc#1157171 CVE-2019-19077). - commit e1bdb30 - Update patches.suse/nfp-flower-fix-memory-leak-in-nfp_flower_spawn_vnic_.patch (bnc#1151927 5.3.4 bsc#1157045 CVE-2019-19081). - commit e720525 - Update patches.suse/nfp-flower-prevent-memory-leak-in-nfp_flower_spawn_p.patch (bnc#1151927 5.3.4 bsc#1157044 CVE-2019-19080). - commit 8b64c31 - Update patches.suse/RDMA-hfi1-Prevent-memory-leak-in-sdma_init.patch (jsc#SLE-8449 bnc#1151927 5.3.9 bsc#1157191 CVE-2019-19065). - commit 29b1120 - gpio: stubs in headers should be inline (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - commit d6eb08d - s390/cpumsf: Check for CPU Measurement sampling (bsc#1156561 LTC#182407). - commit 02c88d4 - regulator: add missing 'static inline' to a helper's stub (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - commit a58ac0e - series.conf: refresh - update upstream references and resort: patches.suse/ibmvnic-Bound-waits-for-device-queries.patch patches.suse/ibmvnic-Fix-completion-structure-initialization-again.patch patches.suse/ibmvnic-Serialize-device-queries.patch patches.suse/ibmvnic-Terminate-waiting-device-threads-after-loss-.patch - commit 223cb4b - series.conf: cleanup - move unsortable patches out of sorted section patches.suse/CIFS-Fix-SMB2-oplock-break-processing.patch patches.suse/cifs-move-cifsFileInfo_put-logic-into-a-work-queue.patch - update Patch-mainline tag patches.suse/smb3-fix-leak-in-open-on-server-perf-counter.patch - commit 4594952 ++++ rdma-core: - Add Broadcom fixes (bsc#1157891) - bnxt_re-lib-Add-remaining-pci-ids-for-gen-P5-devices.patch - bnxt_re-lib-Recognize-additional-5750x-device-ID-s.patch ++++ libzypp: - Introduce PurgeKernels class (bsc#1155198) Adds libzypp API to mark all obsolete kernels according to the existing purge-kernel script rules. - Add solver jobs for retracted packages and ptfs. Support for ptf packages and retract ed patches. - Do not enforce 'en' being in RequestedLocales (bsc#1155678) If the user decides to have a system without explicit language support he may do so. - Pass correct posttrans script argument (fixes #190) - BuildRequires: libsolv-devel >= 0.7.8. - version 17.17.0 (12) ++++ salt: - Prevent test_mod_del_repo_multiline_values to fail - Read repo info without using interpolation (bsc#1135656) - Requires vs BuildRequires - Limiting M2Crypto to >= SLE15 - Replacing pycrypto with M2Crypto (bsc#1165425) - Fix for log checking in x509 test - Update to 2019.2.2 release - Added: * fix-for-log-checking-in-x509-test.patch * prevent-test_mod_del_repo_multiline_values-to-fail.patch * read-repo-info-without-using-interpolation-bsc-11356.patch - Modified: * async-batch-implementation.patch * add-hold-unhold-functions.patch * adds-the-possibility-to-also-use-downloadonly-in-kwa.patch * decide-if-the-source-should-be-actually-skipped.patch * allow-passing-kwargs-to-pkg.list_downloaded-bsc-1140.patch * add-batch_presence_ping_timeout-and-batch_presence_p.patch * run-salt-master-as-dedicated-salt-user.patch * run-salt-api-as-user-salt-bsc-1064520.patch * fix-unit-test-for-grains-core.patch * add-environment-variable-to-know-if-yum-is-invoked-f.patch * fix-async-batch-multiple-done-events.patch * activate-all-beacons-sources-config-pillar-grains.patch * fix-for-older-mock-module.patch * do-not-break-repo-files-with-multiple-line-values-on.patch * fall-back-to-pymysql.patch * add-missing-fun-for-returns-from-wfunc-executions.patch * loosen-azure-sdk-dependencies-in-azurearm-cloud-driv.patch * add-virt.volume_infos-and-virt.volume_delete.patch * fix-issue-2068-test.patch * switch-firewalld-state-to-use-change_interface.patch * make-aptpkg.list_repos-compatible-on-enabled-disable.patch * fix-ipv6-scope-bsc-1108557.patch * 2019.2.0-pr-54196-backport-173.patch * do-not-make-ansiblegate-to-crash-on-python3-minions.patch * x509-fixes-111.patch * prevent-ansiblegate-unit-tests-to-fail-on-ubuntu.patch * fix-zypper.list_pkgs-to-be-aligned-with-pkg-state.patch * add-cpe_name-for-osversion-grain-parsing-u-49946.patch * fix-failing-unit-tests-for-batch-async.patch * temporary-fix-extend-the-whitelist-of-allowed-comman.patch * improve-batch_async-to-release-consumed-memory-bsc-1.patch * batch.py-avoid-exception-when-minion-does-not-respon.patch * preserve-already-defined-destructive_tests-and-expen.patch * virt.volume_infos-fix-for-single-vm.patch * move-server_id-deprecation-warning-to-reduce-log-spa.patch * include-aliases-in-the-fqdns-grains.patch * don-t-call-zypper-with-more-than-one-no-refresh.patch * add-custom-suse-capabilities-as-grains.patch * get-os_arch-also-without-rpm-package-installed.patch * add-saltssh-multi-version-support-across-python-inte.patch * accumulated-changes-required-for-yomi-165.patch * use-adler32-algorithm-to-compute-string-checksums.patch * remove-arch-from-name-when-pkg.list_pkgs-is-called-w.patch * use-current-ioloop-for-the-localclient-instance-of-b.patch * remove-virt.pool_delete-fast-parameter-178.patch * add-multi-file-support-and-globbing-to-the-filetree-.patch * use-threadpool-from-multiprocessing.pool-to-avoid-le.patch * prevent-systemd-run-description-issue-when-running-a.patch * integration-of-msi-authentication-with-azurearm-clou.patch * virt.volume_infos-needs-to-ignore-inactive-pools-174.patch * virt-1.volume_infos-fix-for-single-vm.patch * add-supportconfig-module-for-remote-calls-and-saltss.patch * avoid-excessive-syslogging-by-watchdog-cronjob-58.patch * strip-trailing-from-repo.uri-when-comparing-repos-in.patch * preserving-signature-in-module.run-state-u-50049.patch * fix-zypper-pkg.list_pkgs-expectation-and-dpkg-mockin.patch * fix-aptpkg-systemd-call-bsc-1143301.patch * calculate-fqdns-in-parallel-to-avoid-blockings-bsc-1.patch * remove-unnecessary-yield-causing-badyielderror-bsc-1.patch * debian-info_installed-compatibility-50453.patch * add-standalone-configuration-file-for-enabling-packa.patch * accumulated-changes-from-yomi-167.patch * add-virt.all_capabilities.patch * fix-memory-leak-produced-by-batch-async-find_jobs-me.patch * do-not-report-patches-as-installed-when-not-all-the-.patch * support-config-non-root-permission-issues-fixes-u-50.patch * add-all_versions-parameter-to-include-all-installed-.patch * fixes-cve-2018-15750-cve-2018-15751.patch * fix-bsc-1065792.patch * enable-passing-a-unix_socket-for-mysql-returners-bsc.patch * avoid-traceback-when-http.query-request-cannot-be-pe.patch * restore-default-behaviour-of-pkg-list-return.patch * take-checksums-arg-into-account-for-postgres.datadir.patch * early-feature-support-config.patch * provide-the-missing-features-required-for-yomi-yet-o.patch * implement-network.fqdns-module-function-bsc-1134860-.patch * fix-virt.full_info-176.patch * checking-for-jid-before-returning-data.patch * virt.volume_infos-silence-libvirt-error-message-175.patch * do-not-crash-when-there-are-ipv6-established-connect.patch * fix-for-suse-expanded-support-detection.patch * fix-a-wrong-rebase-in-test_core.py-180.patch * add-ppc64le-as-a-valid-rpm-package-architecture.patch * make-profiles-a-package.patch * bugfix-any-unicode-string-of-length-16-will-raise-ty.patch * fix-git_pillar-merging-across-multiple-__env__-repos.patch * return-the-expected-powerpc-os-arch-bsc-1117995.patch * fix-async-batch-race-conditions.patch * do-not-load-pip-state-if-there-is-no-3rd-party-depen.patch - Removed: * fix-syndic-start-issue.patch * prevent-already-reading-continuous-exception-message.patch * virt.pool_running-fix-pool-start.patch * azurefs-gracefully-handle-attributeerror.patch * virt-handle-whitespaces-in-vm-names.patch * mount-fix-extra-t-parameter.patch * try-except-undefineflags-as-this-operation-is-not-su.patch ++++ yast2: - Do not crash when no base product is found (related to bsc#1132650 and bsc#1140037). - 4.2.44 - Using Y2Packager::Resolvable.any? and Y2Packager::Resolvable.find in order to decrease the required memory (bsc#1132650, bsc#1140037). - 4.2.43 - Network: drop support for obsolete network device types (jsc#SLE-7753) - 4.2.42 ++++ zypper: - Introduce purge-kernels command (bsc#1155198) Adds a new zypper command to cleanup all obsolete kernels as configured by the user. - Request root privs for zypper addlocale and removelocale. - Load only target resolvables for removelocale. - Load only target resolvables for zypper rm (bsc#1157377) - Fix broken search by filelist (bsc#1135114 ) - zypper-log: Replace python by a bash script (fixes#304, fixes#306, bsc#1156158) - locales: do not sort out requested locales which are not available (bsc#1155678) - list_patches_by_issue: rewrite table output and add xml output (bsc#1154805) Prevent listing duplicate matches in tables. XML result is provided within the new element. - list-patches: XML add patch and (bsc#1154805) - Fix zypper lp --cve/bugzilla/issue options (bsc#1155298) - Always execute commit when adding/removing locales (fixes bsc#1155205) - man page: fix description of --table-style,-s (bsc#1154804) - Provide reverse search in zypper (fixes #214) This patch adds a new set of switches to zypper to support searching reverse dependencies for a package or a set of packages. - BuildRequires: libzypp-devel >= 17.16.1. - version 1.14.33 ------------------------------------------------------------------ ------------------ 2019-11-27 - Nov 27 2019 ------------------- ------------------------------------------------------------------ ++++ grub2: - Correct awk pattern in 20_linux_xen (bsc#900418, bsc#1157912) - Correct linux and initrd handling in 20_linux_xen (bsc#1157912) M grub2-efi-xen-cfg-unquote.patch M grub2-efi-xen-chainload.patch M grub2-efi-xen-cmdline.patch M grub2-efi-xen-removable.patch ++++ kernel-default: - powerpc: add link stack flush mitigation in debugfs (CVE-2019-18660 bsc#1157038 bsc#1157923 ltc#182612). - KVM: PPC: Book3S HV: Flush link stack on guest exit to host kernel (CVE-2019-18660 bsc#1157038 bsc#1157923 ltc#182612). - powerpc/book3s64: Fix link stack flush on context switch (CVE-2019-18660 bsc#1157038 bsc#1157923 ltc#182612). - commit 538ee5a - net/ibmvnic: Ignore H_FUNCTION return from H_EOI to tolerate XIVE mode (bsc#1089644, ltc#166495, ltc#165544, git-fixes). - Delete patches.suse/net-ibmvnic-Fix-EOI-when-running-in-XIVE-mode.patch - reverted upstream - blacklist.conf: Add the removed patch and revert. - commit e63bc30 - PCI: Fix missing inline for pci_pr3_present() (git-fixes). - PCI: Add a helper to check Power Resource Requirements _PR3 existence (git-fixes). - commit 071c077 - regulator: provide regulator_bulk_set_supply_names() (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - commit ef060bf - blacklist.conf: no need to watch for android fixes - commit 4abf123 - s390/pkey: fix memory leak within _copy_apqns_from_user() (jsc#SLE-7533 LTC#178844). - commit 3fe4d6e - s390/crypto: Fix unsigned variable compared with zero (jsc#SLE-7545 LTC#179078). - commit d517803 - s390/crypto: Support for SHA3 via CPACF (MSA6) (jsc#SLE-7545 LTC#179078). - Update config files. - supported.conf: Add sha3_256_s390 and sha3_512_s390. - commit 39adadf - update upstream references - move into sorted section: patches.suse/sched-pelt-Fix-update-of-blocked-PELT-ordering.patch - update upstream reference and move into sorted section: patches.suse/sched-cpufreq-Move-the-cfs_rq_util_change-call-to-cpufreq_update_util.patch - update Patch-mainline: patches.suse/sched-core-Further-clarify-sched_class-set_next_task.patch patches.suse/sched-core-Make-pick_next_task_idle-more-consistent.patch patches.suse/sched-core-Optimize-pick_next_task.patch patches.suse/sched-core-Simplify-sched_class-pick_next_task.patch patches.suse/sched-fair-Add-comments-for-group_type-and-balancing-at-SD_NUMA-level.patch patches.suse/sched-fair-Better-document-newidle_balance.patch patches.suse/sched-fair-Clean-up-asym-packing.patch patches.suse/sched-fair-Fix-rework-of-find_idlest_group.patch patches.suse/sched-fair-Optimize-find_idlest_group.patch patches.suse/sched-fair-Remove-meaningless-imbalance-calculation.patch patches.suse/sched-fair-Rename-sg_lb_stats-sum_nr_running-to-sum_h_nr_running.patch patches.suse/sched-fair-Rework-find_idlest_group.patch patches.suse/sched-fair-Rework-load_balance.patch patches.suse/sched-fair-Spread-out-tasks-evenly-when-not-overloaded.patch patches.suse/sched-fair-Use-load-instead-of-runnable-load-in-load_balance.patch patches.suse/sched-fair-Use-load-instead-of-runnable-load-in-wakeup-path.patch patches.suse/sched-fair-Use-mul_u32_u32.patch patches.suse/sched-fair-Use-rq-nr_running-when-balancing-load.patch patches.suse/sched-fair-Use-utilization-to-select-misfit-task.patch patches.suse/sched-fair-util_est-Implement-faster-ramp-up-EWMA-on-utilization-increases.patch patches.suse/sched-pelt-Fix-update-of-blocked-PELT-ordering.patch patches.suse/sched-topology-Don-t-set-SD_BALANCE_WAKE-on-cpuset-domain-relax.patch - commit d845674 - soc/tegra: pmc: Add reset sources and levels on Tegra194 (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - soc/tegra: pmc: Add missing IRQ callbacks on Tegra194 (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - soc/tegra: pmc: Use lower-case for hexadecimal literals (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - usb: host: xhci-tegra: Correct phy enable sequence (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - gpio: tegra186: Add debounce support (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - gpio: tegra186: Program interrupt route mapping (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - gpio: tegra186: Derive register offsets from bank/port (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - memory: tegra: Set DMA mask based on supported address bits (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - clk: tegra: Fix build error without CONFIG_PM_SLEEP (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - clk: tegra: Add suspend and resume support on Tegra210 (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - clk: tegra: Share clk and rst register defines with Tegra clock driver (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - clk: tegra: clk-super: Fix to enable PLLP branches to CPU (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - clk: tegra: clk-dfll: Add suspend and resume support (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - clk: tegra: Use fence_udelay() during PLLU init (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - clk: tegra: clk-super: Add restore-context support (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - clk: tegra: periph: Add restore_context support (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - clk: tegra: Support for OSC context save and restore (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - clk: tegra: pll: Save and restore pll context (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - clk: tegra: pllout: Save and restore pllout context (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - clk: tegra: divider: Save and restore divider rate (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - clk: tegra: Reimplement SOR clocks on Tegra210 (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - clk: tegra: Reimplement SOR clock on Tegra124 (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - clk: tegra: Rename sor0_lvds to sor0_out (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - clk: tegra: Move SOR0 implementation to Tegra124 (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - clk: tegra: Remove last remains of TEGRA210_CLK_SOR1_SRC (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - clk: Add API to get index of the clock parent (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - dt-bindings: clock: tegra: Rename SOR0_LVDS to SOR0_OUT (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - mfd: max77620: Do not allocate IRQs upfront (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - arm64: kpti: Add NVIDIA's Carmel core to the KPTI whitelist (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - soc/tegra: pmc: Configure deep sleep control settings (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - soc/tegra: pmc: Configure core power request polarity (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - soc/tegra: pmc: Add wake event support on Tegra210 (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - soc/tegra: pmc: Support wake events on more Tegra SoCs (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - cpufreq: tegra124: Add suspend and resume support (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - ahci: tegra: use regulator_bulk_set_supply_names() (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - phy: tegra: use regulator_bulk_set_supply_names() (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - phy: tegra: xusb: Add vbus override support on Tegra210 (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - phy: tegra: xusb: Add vbus override support on Tegra186 (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - phy: tegra: xusb: Add usb3 port fake support on Tegra210 (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - phy: tegra: xusb: Add XUSB dual mode support on Tegra210 (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - iommu/tegra-smmu: Use non-secure register for flushing (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - iommu/tegra-smmu: Fix page tables in > 4 GiB memory (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - iommu/tegra-smmu: Fix client enablement order (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - PCI: tegra: Fix CLKREQ dependency programming (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - usb: host: xhci-tegra: Add Tegra194 XHCI support (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - xhci: tegra: Parameterize mailbox register addresses (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - gpio: tegra186: Implement wake event support (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - gpio: max77620: Fix interrupt handling (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - gpio: max77620: Do not allocate IRQs upfront (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - usb: host: xhci-tegra: use regulator_bulk_set_supply_names() (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - usb: host: xhci-tegra: use devm_platform_ioremap_resource() to simplify code (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - net: stmmac: Support enhanced addressing mode for DWMAC 4.10 (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - net: stmmac: Only enable enhanced addressing mode when needed (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - soc/tegra: pmc: Fix crashes for hierarchical interrupts (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - soc/tegra: fuse: Add FUSE clock check in tegra_fuse_readl() (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - firmware: tegra: Move BPMP resume to noirq phase (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - gpio: bd70528: Use correct unit for debounce times (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - gpio: max77620: Fixup debounce delays (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - thermal: tegra: Fix a typo (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - i2c: tegra: Compile PM functions unconditionally (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - arm64: tegra: Add PCIe slot supply information in p2972-0000 platform (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - PCI: tegra: Add support to enable slot regulators (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - PCI: tegra: Add support to configure sideband pins (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - PCI: tegra: Add Tegra194 PCIe support (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - phy: tegra: Add PCIe PIPE2UPHY support (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - PCI: dwc: Add support to enable CDM register check (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - PCI: dwc: Export dw_pcie_wait_for_link() API (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - PCI: dwc: Add extended configuration space capability search API (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - PCI: dwc: Move config space capability search API (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - PCI: dwc: Group DBI registers writes requiring unlocking (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - PCI: Disable MSI for Tegra root ports (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - PCI: Add #defines for some of PCIe spec r4.0 features (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - pinctrl: tegra: Flush pinctrl writes during resume (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - pinctrl: tegra210: Add Tegra210 pinctrl pm ops (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - pinctrl: tegra: Add suspend and resume support (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - net: stmmac: Do not request stmmaceth clock (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - net: stmmac: Make MDIO bus reset optional (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - serial: tegra: Add PIO mode support (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - serial: tegra: report clk rate errors (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - serial: tegra: add support to adjust baud rate (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - serial: tegra: DT for Adjusted baud rates (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - serial: tegra: add support to use 8 bytes trigger (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - serial: tegra: set maximum num of uart ports to 8 (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - serial: tegra: check for FIFO mode enabled status (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - serial: tegra: report error to upper tty layer (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - serial: tegra: flush the RX fifo on frame error (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - serial: tegra: avoid reg access when clk disabled (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - serial: tegra: add support to ignore read (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - serial: tegra: protect IER against LCR.DLAB (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - serial: tegra: add internal loopback functionality (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - dmaengine: tegra210-adma: Don't program FIFO threshold (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - dmaengine: tegra-apb: Support per-burst residue granularity (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - gpio: pca953x: Drop %s for constant string literals (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - gpio: pca953x: Remove explicit comparison with 0 (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - gpio: pca953x: Use GENMASK() consistently (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - gpio: pca953x: Switch to use device_get_match_data() (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - gpio: Add support for hierarchical IRQ domains (jsc#SLE-9391,jsc#SLE-9388,jsc#SLE-10608). - commit e2e7db7 - s390/qeth: use IQD Multi-Write (jsc#SLE-7795 LTC#179220). - s390/qdio: implement IQD Multi-Write (jsc#SLE-7795 LTC#179220). - s390/qeth: add xmit_more support for IQD devices (jsc#SLE-7795 LTC#179220). - s390/qeth: add BQL support for IQD devices (jsc#SLE-7795 LTC#179220). - s390/qeth: when in TX NAPI mode, use napi_consume_skb() (jsc#SLE-7795 LTC#179220). - s390/qeth: add TX NAPI support for IQD devices (jsc#SLE-7795 LTC#179220). - s390/qeth: collect accurate TX statistics (jsc#SLE-7795 LTC#179220). - s390/qdio: let drivers opt-out from Output Queue scanning (jsc#SLE-7795 LTC#179220). - s390/qdio: enable drivers to poll for Output completions (jsc#SLE-7795 LTC#179220). - commit a827279 - s390/pkey: Add sysfs attributes to emit AES CIPHER key blobs (jsc#SLE-7533 LTC#178844). - s390/zcrypt: fix wrong handling of cca cipher keygenflags (jsc#SLE-7533 LTC#178844). - s390/paes: Prepare paes functions for large key blobs (jsc#SLE-7533 LTC#178844). - s390/pkey: add CCA AES cipher key support (jsc#SLE-7533 LTC#178844). - s390/zcrypt: Add low level functions for CCA AES cipher keys (jsc#SLE-7533 LTC#178844). - s390/zcrypt: extend cca_findcard function and helper (jsc#SLE-7533 LTC#178844). - s390/pkey: pkey cleanup: narrow in-kernel API, fix some variable types (jsc#SLE-7533 LTC#178844). - commit 5c983d1 - of: Make of_dma_get_range() work on bus nodes (jsc#SLE-7772). - of/address: Fix of_pci_range_parser_one translation of DMA addresses (jsc#SLE-7772). - of/address: Translate 'dma-ranges' for parent nodes missing 'dma-ranges' (jsc#SLE-7772). - of: Factor out #{addr,size}-cells parsing (jsc#SLE-7772). - of: address: Follow DMA parent for "dma-coherent" (jsc#SLE-7772). - of/address: Introduce of_get_next_dma_parent() helper (jsc#SLE-7772). - commit 6061577 - ibmvnic: Serialize device queries (bsc#1155689 ltc#182047). - ibmvnic: Bound waits for device queries (bsc#1155689 ltc#182047). - ibmvnic: Terminate waiting device threads after loss of service (bsc#1155689 ltc#182047). - ibmvnic: Fix completion structure initialization (bsc#1155689 ltc#182047). - commit 0ff402a - config: refresh - drop SOUNDWIRE from ppc64le/kvmsmall (no longer visible) - update headers - commit 1859c8f - Refresh patches.suse/sched-core-Further-clarify-sched_class-set_next_task.patch. - Refresh patches.suse/sched-core-Make-pick_next_task_idle-more-consistent.patch. - Refresh patches.suse/sched-core-Optimize-pick_next_task.patch. - Refresh patches.suse/sched-core-Simplify-sched_class-pick_next_task.patch. - Refresh patches.suse/sched-fair-Add-comments-for-group_type-and-balancing-at-SD_NUMA-level.patch. - Refresh patches.suse/sched-fair-Better-document-newidle_balance.patch. - Refresh patches.suse/sched-fair-Clean-up-asym-packing.patch. - Refresh patches.suse/sched-fair-Fix-rework-of-find_idlest_group.patch. - Refresh patches.suse/sched-fair-Optimize-find_idlest_group.patch. - Refresh patches.suse/sched-fair-Remove-meaningless-imbalance-calculation.patch. - Refresh patches.suse/sched-fair-Rename-sg_lb_stats-sum_nr_running-to-sum_h_nr_running.patch. - Refresh patches.suse/sched-fair-Rework-find_idlest_group.patch. - Refresh patches.suse/sched-fair-Rework-load_balance.patch. - Refresh patches.suse/sched-fair-Spread-out-tasks-evenly-when-not-overloaded.patch. - Refresh patches.suse/sched-fair-Use-load-instead-of-runnable-load-in-load_balance.patch. - Refresh patches.suse/sched-fair-Use-load-instead-of-runnable-load-in-wakeup-path.patch. - Refresh patches.suse/sched-fair-Use-mul_u32_u32.patch. - Refresh patches.suse/sched-fair-Use-rq-nr_running-when-balancing-load.patch. - Refresh patches.suse/sched-fair-Use-utilization-to-select-misfit-task.patch. - Refresh patches.suse/sched-fair-util_est-Implement-faster-ramp-up-EWMA-on-utilization-increases.patch. - Refresh patches.suse/sched-topology-Don-t-set-SD_BALANCE_WAKE-on-cpuset-domain-relax.patch. - commit 20b4948 - fix Patch-mainline tags fix Patch-mainline: patches.suse/0001-Bluetooth-btusb-fix-PM-leak-in-error-case-of-setup.patch patches.suse/0001-crypto-af_alg-cast-ki_complete-ternary-op-to-int.patch patches.suse/0001-crypto-algif_skcipher-Use-chunksize-instead-of-block.patch patches.suse/0001-crypto-ecdh-fix-big-endian-bug-in-ECC-library.patch patches.suse/0001-crypto-user-fix-memory-leak-in-crypto_report.patch patches.suse/0001-crypto-user-fix-memory-leak-in-crypto_reportstat.patch patches.suse/0001-libbpf-Fix-struct-end-padding-in-btf_dump.patch - commit 03de6a8 - series.conf: cleanup Keep the number of top level section reasonable. - commit b91f28d - ALSA: usb-audio: Fix Focusrite Scarlett 6i6 gen1 - input handling (git-fixes). - ALSA: usb-audio: Fix NULL dereference at parsing BADD (git-fixes). - ALSA: usb-audio: Fix Scarlett 6i6 Gen 2 port data (git-fixes). - ALSA: usb-audio: Add skip_validation option (git-fixes). - ALSA: 6fire: Drop the dead code (git-fixes). - ALSA: usb-audio: sound: usb: usb true/false for bool return type (git-fixes). - commit f395c96 - ALSA: docs: Update about the new PCM sync_stop ops (git-fixes). - ALSA: pcm: Add card sync_irq field (git-fixes). - ALSA: pcm: Add the support for sync-stop operation (git-fixes). - ALSA: pcm: Move PCM_RUNTIME_CHECK() macro into local header (git-fixes). - ALSA: docs: Update document about the default PCM ioctl ops (git-fixes). - ALSA: pcm: Allow NULL ioctl ops (git-fixes). - ALSA: docs: Update for managed buffer allocation mode (git-fixes). - ALSA: pcm: Introduce managed buffer allocation mode (git-fixes). - ALSA: timer: Fix the breakage of slave link open (git-fixes). - ALSA: pcm: Yet another missing check of non-cached buffer type (git-fixes). - ALSA: timer: Fix possible race at assigning a timer instance (git-fixes). - ALSA: timer: Make snd_timer_close() returning void (git-fixes). - ALSA: timer: Unify master/slave linking code (git-fixes). - ALSA: timer: Limit max amount of slave instances (git-fixes). - ALSA: docs: Remove snd_dma_pci_data() usage in documentation (git-fixes). - ALSA: pcm: Create proc files only for non-empty preallocations (git-fixes). - ALSA: pcm: Warn if doubly preallocated (git-fixes). - ALSA: docs: Update documentation about SG- and vmalloc-buffers (git-fixes). - ALSA: pcm: Handle special page mapping in the default mmap handler (git-fixes). - ALSA: memalloc: Add vmalloc buffer allocation support (git-fixes). - ALSA: memalloc: Allow NULL device for SNDRV_DMA_TYPE_CONTINUOUS type (git-fixes). - commit a9f5790 - ALSA: hda/realtek - Enable internal speaker of ASUS UX431FLC (git-fixes). - ALSA: hda/hdmi - Clear codec->relaxed_resume flag at unbinding (git-fixes). - ALSA: hda - Disable audio component for legacy Nvidia HDMI codecs (git-fixes). - ALSA: hda/realtek - Enable the headset-mic on a Xiaomi's laptop (git-fixes). - ALSA: hda/realtek - Move some alc236 pintbls to fallback table (git-fixes). - ALSA: hda/realtek - Move some alc256 pintbls to fallback table (git-fixes). - ALSA: hda - Add mute led support for HP ProBook 645 G4 (git-fixes). - ALSA: hda - Add DP-MST support for NVIDIA codecs (git-fixes). - ALSA: hda - Add DP-MST support for non-acomp codecs (git-fixes). - ALSA: hda - Add DP-MST jack support (git-fixes). - ALSA: hda - Rename snd_hda_pin_sense to snd_hda_jack_pin_sense (git-fixes). - ALSA: hda - remove forced polling workaround for CFL and CNL (git-fixes). - ALSA: hda: hdmi - remove redundant code comments (git-fixes). - ALSA: hda: hdmi - fix port numbering for ICL and TGL platforms (git-fixes). - ALSA: hda/hdmi - Clean up Intel platform-specific fixup checks (git-fixes). - ALSA: hda/hdmi - implement mst_no_extra_pcms flag (git-fixes). - ALSA: hda: Disable regmap internal locking (git-fixes). - ALSA: hda - Fix pending unsol events at shutdown (git-fixes). - ALSA: hda: Allow HDA to be runtime suspended when dGPU is not bound to a driver (git-fixes). - commit 81f6f50 - media: vivid: Fix wrong locking that causes race conditions on streaming stop (CVE-2019-18683,bsc#1155897). - media: rcar_drif: fix a memory disclosure (CVE-2019-18786,bsc#1156043). - media: usb: fix memory leak in af9005_identify_state (CVE-2019-18809,bsc#1156258). - commit 5b09130 - xen/gntdev: Use select for DMA_SHARED_BUFFER (bsc#1065600). - commit 97a6782 ++++ libgcrypt: - Fix tests in FIPS mode: * Fix tests: basic benchmark bench-slope pubkey t-cv25519 t-secmem * Add patch libgcrypt-fix-tests-fipsmode.patch ++++ pango: - Update to version 1.44.7+11: * Add a test for ellipsis shaping * Use shape flags for ellipsis * test-shape: Cosmetics ++++ libvirt: - spec: Enable 'libvirt' firewalld zone for firewalld >= 0.7.0 boo#1157766 ++++ qemu: - Update to v4.2.0-rc3: See http://wiki.qemu.org/ChangeLog/4.2 * Patches dropped (upstream unless otherwise noted): ati-add-edid-support.patch ati-vga-add-rage128-edid-support.patch ati-vga-fix-ati_read.patch ati-vga-make-i2c-register-and-bits-confi.patch ati-vga-make-less-verbose.patch ati-vga-try-vga-ddc-first.patch Disable-Waddress-of-packed-member-for-GC.patch hdata-vpd-fix-printing-char-0x00.patch target-i386-add-PSCHANGE_NO-bit-for-the-.patch target-i386-Export-TAA_NO-bit-to-guests.patch vbe-add-edid-support.patch vga-add-ati-bios-tables.patch vga-add-atiext-driver.patch vga-make-memcpy_high-public.patch vga-move-modelist-from-bochsvga.c-to-new.patch * Patches added: Enable-cross-compile-prefix-for-C-compil.patch ensure-headers-included-are-compatible-w.patch roms-Makefile-enable-cross-compile-for-b.patch * Add qemu-ui-spice-app package containing ui-spice-app.so * Add qemu-microvm package containing bios-microvm.bin - Add descriptors for the 128k and 256k SeaBios firmware images - For the record, the following issues reported for SUSE SLE15-SP1 are either fixed in this current package, or are otherwise not an issue: bsc#1079730 bsc#1098403 bsc#1111025 bsc#1128106 bsc#1133031 bsc#1134883 bsc#1135210 bsc#1135902 bsc#1136540 bsc#1136778 bsc#1138534 bsc#1140402 bsc#1143794 bsc#1145379 bsc#1144087 bsc#1145427 bsc#1145436 bsc#1145774 bsc#1146873 bsc#1149811 bsc#1152506 bsc#1155812 bsc#1156642 CVE-2018-12207 CVE-2019-5008 CVE-2019-11135 CVE-2019-12068 CVE-2019-12155 CVE-2019-13164 CVE-2019-14378 CVE-2019-15890, and the following feature requests are satisfied by this package: fate#327410 fate#327764 fate#327796 jsc#SLE-4883 jsc#SLE-6132 jsc#SLE-6237 jsc#SLE-6754 ++++ raspberrypi-firmware: - Load rpi4-genet-overlay to fix the compatible for the network device (jsc#SLE-7771) ++++ raspberrypi-firmware-config: - Load rpi4-genet-overlay to fix the compatible for the network device (jsc#SLE-7771) ++++ raspberrypi-firmware-dt: - Add rpi4-genet-overlay.dts which sets the upstream compatible for the network device. (jsc#SLE-7771) ++++ rebootmgr: - Fix %posttrans script returning an error code ++++ yast2: - Use /etc/login.defs.d/70-yast.defs to write login.defs values that are overridden by YaST (related to bsc#1155735). - 4.2.41 ------------------------------------------------------------------ ------------------ 2019-11-26 - Nov 26 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - sched/cpufreq: Move the cfs_rq_util_change() call to cpufreq_update_util() (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/pelt: Fix update of blocked PELT ordering (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Add comments for group_type and balancing at SD_NUMA level (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Fix rework of find_idlest_group() (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/core: Further clarify sched_class::set_next_task() (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Use mul_u32_u32() (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/core: Simplify sched_class::pick_next_task() (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/core: Optimize pick_next_task() (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/core: Make pick_next_task_idle() more consistent (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Better document newidle_balance() (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair/util_est: Implement faster ramp-up EWMA on utilization increases (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Rework find_idlest_group() (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Optimize find_idlest_group() (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Use load instead of runnable load in wakeup path (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Use utilization to select misfit task (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Spread out tasks evenly when not overloaded (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Use load instead of runnable load in load_balance() (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Use rq->nr_running when balancing load (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Rework load_balance() (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Remove meaningless imbalance calculation (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Rename sg_lb_stats::sum_nr_running to sum_h_nr_running (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Clean up asym packing (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/topology: Don't set SD_BALANCE_WAKE on cpuset domain relax (bnc#1155798 (CPU scheduler functional and performance backports)). - commit 0c439b5 - arm64: mm: reserve CMA and crashkernel in ZONE_DMA32 (jsc#SLE-7772). - commit 8dd0df2 - cifs: move cifsFileInfo_put logic into a work-queue (bsc#1154355). - commit 3fc1ff0 - CIFS: Fix SMB2 oplock break processing (bsc#1154355). - commit 6ea244c - cifs: add a helper to find an existing readable handle to a file (bsc#1154355). - commit 86876f3 - smb3: fix signing verification of large reads (bsc#1154355). - commit 151844a - cifs: use existing handle for compound_op(OP_SET_INFO) when possible (bsc#1154355). - commit bbed94e - cifs: create a helper to find a writeable handle by path name (bsc#1154355). - Refresh patches.suse/smb3-improve-handling-of-share-deleted-and-share-recreated-.patch. - commit b4e2014 - smb3: Incorrect size for netname negotiate context (bsc#1154355). - commit 2e876d6 - cifs: prepare SMB2_Flush to be usable in compounds (bsc#1154355). - commit 94efab3 - libbpf: Fix struct end padding in btf_dump (git-fixes). - commit 3ff85da - crypto: ecdh - fix big endian bug in ECC library (git-fixes). - commit 3ed4e6a - crypto: user - fix memory leak in crypto_reportstat (git-fixes). - commit 11b554d - crypto: user - fix memory leak in crypto_report (git-fixes). - commit 905d0c3 - crypto: af_alg - cast ki_complete ternary op to int (git-fixes). - commit 62b6457 - crypto: algif_skcipher - Use chunksize instead of blocksize (git-fixes). - commit 638ebae - smb3: improve handling of share deleted (and share recreated) (bsc#1154355). - Refresh patches.suse/smb3-fix-leak-in-open-on-server-perf-counter.patch. - commit b021da1 - PCI: brcmstb: add MSI capability (jsc#SLE-7772). - PCI: brcmstb: add Broadcom STB PCIe host controller driver (jsc#SLE-7772). - config: arm64: enable RPi4 PCIe controller - supported.conf: add pcie-brcmstb RPi4's PCIe controller - linux/log2.h: Add roundup/rounddown_pow_two64() family of functions (jsc#SLE-7772). - commit b2ce31d - dma-mapping: treat dev->bus_dma_mask as a DMA limit (jsc#SLE-7772). - dma-direct: exclude dma_direct_map_resource from the min_low_pfn check (jsc#SLE-7772). - dma-direct: avoid a forward declaration for phys_to_dma (jsc#SLE-7772). - dma-direct: unify the dma_capable definitions (jsc#SLE-7772). - x86/PCI: sta2x11: use default DMA address translation (jsc#SLE-7772). - dma-direct: check for overflows on 32 bit DMA addresses (jsc#SLE-7772). - commit 94cc441 - powerpc/book3s64/hash: Use secondary hash for bolted mapping if the primary is full (bsc#1157778 ltc#182520). - powerpc/pseries: Don't fail hash page table insert for bolted mapping (bsc#1157778 ltc#182520). - powerpc/pseries: Don't opencode HPTE_V_BOLTED (bsc#1157778 ltc#182520). - commit b6eca43 - seltests/powerpc: Add a selftest for memcpy_mcsafe (bsc#1157774 ltc#182579). - powerpc/memcpy: Fix stack corruption for smaller sizes (bsc#1157774 ltc#182579). - commit 34c7004 - Delete patches.suse/soundwire-depend-on-ACPI-OF.patch. - Update config files. - blacklist - commit b6ee2ab - PCI: rcar: Use inbound resources for setup (jsc#SLE-7772). - PCI: iproc: Use inbound resources for setup (jsc#SLE-7772). - PCI: xgene: Use inbound resources for setup (jsc#SLE-7772). - PCI: v3-semi: Use inbound resources for setup (jsc#SLE-7772). - PCI: ftpci100: Use inbound resources for setup (jsc#SLE-7772). - PCI: of: Add inbound resource parsing to helpers (jsc#SLE-7772). - Refresh: patches.suse/PCI-mobiveil-Make-mobiveil_host_init-can-be-used-to-.patch - Refresh: patches.suse/PCI-mobiveil-Refactor-Mobiveil-PCIe-Host-Bridge-IP-d.patch - PCI: versatile: Enable COMPILE_TEST (jsc#SLE-7772). - PCI: versatile: Remove usage of PHYS_OFFSET (jsc#SLE-7772). - PCI: versatile: Use pci_parse_request_of_pci_ranges() (jsc#SLE-7772). - PCI: xilinx-nwl: Use pci_parse_request_of_pci_ranges() (jsc#SLE-7772). - PCI: xilinx: Use pci_parse_request_of_pci_ranges() (jsc#SLE-7772). - PCI: xgene: Use pci_parse_request_of_pci_ranges() (jsc#SLE-7772). - PCI: v3-semi: Use pci_parse_request_of_pci_ranges() (jsc#SLE-7772). - PCI: rockchip: Drop storing driver private outbound resource data (jsc#SLE-7772). - PCI: rockchip: Use pci_parse_request_of_pci_ranges() (jsc#SLE-7772). - PCI: mobiveil: Use pci_parse_request_of_pci_ranges() (jsc#SLE-7772). - Refresh patches.suse/PCI-mobiveil-Refactor-Mobiveil-PCIe-Host-Bridge-IP-d.patch. - Refresh: patches.suse/PCI-mobiveil-Make-mobiveil_host_init-can-be-used-to-.patch - PCI: mediatek: Use pci_parse_request_of_pci_ranges() (jsc#SLE-7772). - PCI: iproc: Use pci_parse_request_of_pci_ranges() (jsc#SLE-7772). - PCI: faraday: Use pci_parse_request_of_pci_ranges() (jsc#SLE-7772). - PCI: dwc: Use pci_parse_request_of_pci_ranges() (jsc#SLE-7772). - PCI: altera: Use pci_parse_request_of_pci_ranges() (jsc#SLE-7772). - PCI: aardvark: Use pci_parse_request_of_pci_ranges() (jsc#SLE-7772). - PCI: Export pci_parse_request_of_pci_ranges() (jsc#SLE-7772). - resource: Add a resource_list_first_type helper (jsc#SLE-7772). - commit 89f0599 - Bluetooth: btusb: fix PM leak in error case of setup (git-fixes). - virtio_console: allocate inbufs in add_port() only if it is needed (git-fixes). - commit 74ff161 - config: arm64: enable options for nvidia jetson tx1 References: jsc#SLE-9391 - commit 380d090 - arm64: mm: Fix unused variable warning in zone_sizes_init (jsc#SLE-7772). - commit 6fb4438 - Delete patches.suse/0041-efi-Lock-down-the-kernel-if-booted-in-secure-boot-mo.patch. (jsc#SLE-9870) This patch be replaced by patches.suse/0003-efi-Lock-down-the-kernel-if-booted-in-secure-boot-mode.patch - commit 736d395 - Delete patches.suse/0039-efi-Add-EFI_SECURE_BOOT-bit.patch. (jsc#SLE-9870) This patch be replaced by patches.suse/0002-efi-Add-an-EFI_SECURE_BOOT-flag-to-indicate-secure-boot-mode.patch - commit 06804cf - RDMA/bnxt_re: Fix stat push into dma buffer on gen p5 devices (bsc#1157115) - commit fc79fc5 - ipmi: Fix memory leak in __ipmi_bmc_register (CVE-2019-19046,bsc#1157304). - spi: lpspi: fix memory leak in fsl_lpspi_probe (CVE-2019-19064,bsc#1157300). - spi: gpio: prevent memory leak in spi_gpio_probe (CVE-2019-19070,bsc#1157294). - mwifiex: pcie: Fix memory leak in mwifiex_pcie_init_evt_ring (CVE-2019-19057,bsc#1157193). - mwifiex: pcie: Fix memory leak in mwifiex_pcie_alloc_cmdrsp_buf (CVE-2019-19056,bsc#1157197). - ath10k: fix memory leak (CVE-2019-19078,bsc#1157032). - rtl8xxxu: prevent leaking urb (CVE-2019-19068,bsc#1157307). - rtlwifi: prevent memory leak in rtl_usb_probe (CVE-2019-19063,bsc#1157298). - rsi: release skb if rsi_prepare_beacon fails (CVE-2019-19071,bsc#1157067). - crypto: user - fix memory leak in crypto_reportstat (CVE-2019-19050,bsc#1157336). - crypto: user - fix memory leak in crypto_report (CVE-2019-19062,bsc#1157333). - commit f284309 - efi: Lock down the kernel at the integrity level if booted in secure boot mode (jsc#SLE-9870). - commit d022ad5 - series.conf: cleanup - rename patches.suse/scsi-qla2xxx-fix-wait-condition-in-loop.patch to patches.suse/scsi-qla2xxx-fix-NPIV-tear-down-process.patch (to match mainline commit subject) - update upstream references and move into sorted section: patches.suse/arm64-Fake-the-IminLine-size-on-systems-affected-by-.patch patches.suse/arm64-compat-Workaround-Neoverse-N1-1542419-for-comp.patch patches.suse/arm64-errata-Hide-CTR_EL0.DIC-on-systems-affected-by.patch patches.suse/libertas-fix-a-potential-NULL-pointer-dereference.patch patches.suse/net-ath10k-Fix-a-NULL-ptr-deref-bug.patch patches.suse/scsi-qla2xxx-fix-NPIV-tear-down-process.patch - move out of "almost mainline" section (the patch has been effectively rejected in this form): patches.suse/ibmveth-Update-ethtool-settings-to-reflect-virtual-p.patch No effect on expanded tree. - commit ab5c717 - series.conf: refresh - update upstream references and resort: patches.suse/0001-arm64-mm-use-arm64_dma_phys_limit-instead-of-calling.patch patches.suse/0002-arm64-rename-variables-used-to-calculate-ZONE_DMA32-.patch patches.suse/0003-arm64-use-both-ZONE_DMA-and-ZONE_DMA32.patch patches.suse/0004-mm-refresh-ZONE_DMA-and-ZONE_DMA32-comments-in-enum-.patch patches.suse/Bluetooth-hci_bcm-Fix-RTS-handling-during-startup.patch patches.suse/net-bcmgenet-Add-BCM2711-support.patch patches.suse/net-bcmgenet-Add-RGMII_RXID-support.patch patches.suse/net-bcmgenet-Add-a-shutdown-callback.patch patches.suse/net-bcmgenet-Avoid-touching-non-existent-interrupt.patch patches.suse/net-bcmgenet-Fix-error-handling-on-IRQ-retrieval.patch patches.suse/net-bcmgenet-Generate-a-random-MAC-if-none-is-valid.patch patches.suse/net-bcmgenet-Refactor-register-access-in-bcmgenet_mi.patch No effect on expanded tree. - commit 6d8a72c - efi: Lock down the kernel if booted in secure boot mode (jsc#SLE-9870). - Update config files. (jsc#SLE-9870) - commit 7f8d57d - efi: Add an EFI_SECURE_BOOT flag to indicate secure boot mode (jsc#SLE-9870). - commit 4d3145f - security: lockdown: expose a hook to lock the kernel down (jsc#SLE-9870). - commit d2adcd5 ++++ libgcrypt: - Fix test dsa-rfc6979 in FIPS mode: * Disable tests in elliptic curves with 192 bits which are not recommended in FIPS mode * Add patch libgcrypt-dsa-rfc6979-test-fix.patch ++++ raspberrypi-firmware: - Enable rpi4-cma dt overlay to properly setup CMA on that platform (SLE-7771) - Enable rpi4-pcie-ib-size-fix dt overlay to properly setup PCIe on that platform (SLE-7771) - Update to 6e4a7232c (2019-11-19): * firmware: platform: Differentiate between boostable and turbo clocks * firmware: arm_dt: Set WL_ON and BT_ON from .dtb * firmware: Fixup chosing of bit depth in legacy graphics See: raspberrypi/linux#3331 * firmware: vec: Setup WideScreen Signalling outside of copy protection See: https://www.raspberrypi.org/forums/viewtopic.php?f=28&t=256489 * firmware: Add global reset mailbox * firmware: 2711: De-couple start.elf clock setup from the bootloader * firmware: scaler: Correct defines for SCALER_POS0_START_Y_[MASK|SHIFT] (HVS4) * firmware: platform: Fix missing HDMI PHY power down bit * firmware: Reduce voltage as part of DVFS * firmware: arm-loader: Inherit 2711 mac-address from the bootloader See: http://git/vc4/vc4/merge_requests/687 * firmware: arm_loader: Respect all required frequencies when throttling * firmware: Fixup vcgencmd display_power return values ++++ raspberrypi-firmware-config: - Enable rpi4-cma dt overlay to properly setup CMA on that platform (SLE-7771) - Enable rpi4-pcie-ib-size-fix dt overlay to properly setup PCIe on that platform (SLE-7771) - Update to 6e4a7232c (2019-11-19): * firmware: platform: Differentiate between boostable and turbo clocks * firmware: arm_dt: Set WL_ON and BT_ON from .dtb * firmware: Fixup chosing of bit depth in legacy graphics See: raspberrypi/linux#3331 * firmware: vec: Setup WideScreen Signalling outside of copy protection See: https://www.raspberrypi.org/forums/viewtopic.php?f=28&t=256489 * firmware: Add global reset mailbox * firmware: 2711: De-couple start.elf clock setup from the bootloader * firmware: scaler: Correct defines for SCALER_POS0_START_Y_[MASK|SHIFT] (HVS4) * firmware: platform: Fix missing HDMI PHY power down bit * firmware: Reduce voltage as part of DVFS * firmware: arm-loader: Inherit 2711 mac-address from the bootloader See: http://git/vc4/vc4/merge_requests/687 * firmware: arm_loader: Respect all required frequencies when throttling * firmware: Fixup vcgencmd display_power return values ++++ raspberrypi-firmware-dt: - Add rpi4-cma-overlay.dts, which properly configures CMA on the RPi4 (SLE-7771) - Add rpi4-pcie-ib-size-fix-overlay.dts, which fixes RPi4 PCIe's dma-ranges (SLE-7771) ++++ yast2: - add is_wsl function to detect wsl (boo#1154962) - 4.2.40 ------------------------------------------------------------------ ------------------ 2019-11-25 - Nov 25 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - perf/x86/intel: Support PEBS output to PT (jsc#SLE-8896). - perf: Allow normal events to output AUX data (jsc#SLE-8896). - commit bac2bbc - update patch references Update Patch-mainline: patches.suse/bdi-Add-bdi-id.patch patches.suse/fs-fs-writeback.c-fix-kernel-doc-warning.patch patches.suse/memcg-only-record-foreign-writebacks-with-dirty-pages-when-memcg-is-not-disabled.patch patches.suse/mm-debug.c-PageAnon-is-true-for-PageKsm-pages.patch patches.suse/mm-debug.c-__dump_page-prints-an-extra-line.patch patches.suse/mm-hmm-fix-hmm_range_fault-s-handling-of-swapped-out-pages.patch patches.suse/mm-memcontrol-update-lruvec-counters-in-mem_cgroup_move_account.patch patches.suse/mm-memory_hotplug-don-t-access-uninitialized-memmaps-in-shrink_pgdat_span.patch patches.suse/mm-memory_hotplug-fix-updating-the-node-span.patch patches.suse/mm-move-mem_cgroup_uncharge-out-of-__page_cache_release.patch patches.suse/mm-shrinker-make-shrinker-not-depend-on-memcg-kmem.patch patches.suse/mm-slab.c-fix-kernel-doc-warning-for-__ksize.patch patches.suse/mm-thp-extract-split_queue_-into-a-struct.patch patches.suse/mm-thp-make-deferred-split-shrinker-memcg-aware.patch patches.suse/writeback-Generalize-and-expose-wb_completion.patch patches.suse/writeback-Separate-out-wb_get_lookup-from-wb_get_create.patch patches.suse/writeback-fix-use-after-free-in-finish_writeback_work.patch patches.suse/writeback-memcg-Implement-cgroup_writeback_by_id.patch patches.suse/writeback-memcg-Implement-foreign-dirty-flushing.patch - commit c99b532 - Update patch reference for mlx5 driver fix (CVE-2019-19047 bsc#1157715) - commit 9e3d31d - Update patch reference for vbox driver fix (CVE-2019-19048 bsc#1157720) - commit a46881b - mm/memory_hotplug: fix updating the node span (git fixes (mm/memcontrol)). - fs/fs-writeback.c: fix kernel-doc warning (git fixes (mm/memcontrol)). - memcg: only record foreign writebacks with dirty pages when memcg is not disabled (git fixes (mm/memcontrol)). - writeback: fix use-after-free in finish_writeback_work() (git fixes (mm/memcontrol)). - commit cdafbd8 - powerpc/bpf: Fix tail call implementation (bsc#1157698). - commit 68da2db - writeback, memcg: Implement cgroup_writeback_by_id() (git fixes (mm/memcontrol)). - writeback: Separate out wb_get_lookup() from wb_get_create() (git fixes (mm/memcontrol)). - bdi: Add bdi->id (git fixes (mm/memcontrol)). - writeback: Generalize and expose wb_completion (git fixes (mm/memcontrol)). - commit 14fbce3 - mm/ksm.c: don't WARN if page is still mapped in remove_stable_node() (git fixes (mm/ksm). - commit 89108e1 - mm/memory_hotplug: don't access uninitialized memmaps in shrink_zone_span() (git fixes (mm/hotplug)). - commit 990c666 - mm/debug.c: PageAnon() is true for PageKsm() pages (git fixes (mm/debug)). - mm/debug.c: __dump_page() prints an extra line (git fixes (mm/debug)). - commit c8d910e - mm/memcontrol: update lruvec counters in mem_cgroup_move_account (git fixes (mm/memcontrol)). - mm: thp: make deferred split shrinker memcg aware (git fixes (mm/memcontrol)). - mm: shrinker: make shrinker not depend on memcg kmem (git fixes (mm/memcontrol)). - mm: move mem_cgroup_uncharge out of __page_cache_release() (git fixes (mm/memcontrol)). - mm: thp: extract split_queue_* into a struct (git fixes (mm/memcontrol)). - writeback, memcg: Implement foreign dirty flushing (git fixes (mm/memcontrol)). - commit 0f63fa2 - mm/memory_hotplug: don't access uninitialized memmaps in shrink_pgdat_span() (git fixes (mm/hotplug)). - commit 3e5e1ed - mm/slab.c: fix kernel-doc warning for __ksize() (git fixes (mm/slab)). - commit 5cc4ee9 - mm/hmm: fix hmm_range_fault()'s handling of swapped out pages (git fixes (mm/hmm)). - commit c8ec9ab - drm/i915/userptr: Try to acquire the page lock around set_page_dirty() (bnc#1156537). - commit 60d22de - net-ipv6: IPV6_TRANSPARENT - check NET_RAW prior to NET_ADMIN (bsc#1154353). - sfc: Only cancel the PPS workqueue if it exists (jsc#SLE-8314). - net-sysfs: fix netdev_queue_add_kobject() breakage (bsc#1154353). - net/mlxfw: Verify FSM error code translation doesn't exceed array size (jsc#SLE-8464). - net/mlx5: Update the list of the PCI supported devices (jsc#SLE-8464). - net/mlx5: Fix auto group size calculation (jsc#SLE-8464). - net/mlx5e: Add missing capability bit check for IP-in-IP (jsc#SLE-8464). - net/mlx5e: Do not use non-EXT link modes in EXT mode (jsc#SLE-8464). - net/mlx5e: Fix set vf link state error flow (jsc#SLE-8464). - net/mlx5: DR, Limit STE hash table enlarge based on bytemask (jsc#SLE-8464). - net/mlx5: DR, Skip rehash for tables with byte mask zero (jsc#SLE-8464). - net/mlx5: DR, Fix invalid EQ vector number on CQ creation (jsc#SLE-8464). - net/mlx5e: Reorder mirrer action parsing to check for encap first (jsc#SLE-8464). - net/mlx5e: Fix ingress rate configuration for representors (jsc#SLE-8464). - net/mlx5e: Fix error flow cleanup in mlx5e_tc_tun_create_header_ipv4/6 (jsc#SLE-8464). - ipv6/route: return if there is no fib_nh_gw_family (bsc#1154353). - net-sysfs: Fix reference count leak in rx|netdev_queue_add_kobject (bsc#1154353). - net: hns3: fix a wrong reset interrupt status mask (bsc#1154353). - net/sched: act_pedit: fix WARN() in the traffic path (bsc#1154353). - net: phylink: fix link mode modification in PHY mode (bsc#1154353). - net: phylink: update documentation on create and destroy (bsc#1154353). - taprio: don't reject same mqprio settings (bsc#1154353). - net/tls: enable sk_msg redirect to tls socket egress (bsc#1154353). - gve: fix dma sync bug where not all pages synced (bsc#1154353). - net/mlx4_en: Fix wrong limitation for number of TX rings (jsc#SLE-8460). - net: sched: ensure opts_len <= IP_TUNNEL_OPTS_MAX in act_tunnel_key (bsc#1154353). - mlxsw: spectrum_router: Fix determining underlay for a GRE tunnel (bsc#1154488). - net/mlx4_en: fix mlx4 ethtool -N insertion (jsc#SLE-8460). - net: hns3: cleanup of stray struct hns3_link_mode_mapping (bsc#1154353). - net: hns3: fix ETS bandwidth validation bug (bsc#1154353). - net: hns3: reallocate SSU' buffer size when pfc_en changes (bsc#1154353). - net: hns3: add compatible handling for MAC VLAN switch parameter configuration (bsc#1154353). - RDMA/hns: Correct the value of srq_desc_size (jsc#SLE-8449). - RDMA/hns: Correct the value of HNS_ROCE_HEM_CHUNK_LEN (jsc#SLE-8449). - ixgbe: need_wakeup flag might not be set for Tx (jsc#SLE-7979 jsc#SLE-7981). - i40e: need_wakeup flag might not be set for Tx (jsc#SLE-8025). - igb/igc: use ktime accessors for skb->tstamp (jsc#SLE-7967 jsc#SLE-8010 jsc#SLE-7966). - i40e: Fix for ethtool -m issue on X722 NIC (jsc#SLE-8025). - iavf: initialize ITRN registers with correct values (jsc#SLE-7940). - ice: fix potential infinite loop because loop counter being too small (jsc#SLE-7926). - net: hns3: add compatible handling for command HCLGE_OPC_PF_RST_DONE (bsc#1154353). - net/mlx5e: Use correct enum to determine uplink port (jsc#SLE-8464). - net/mlx5: DR, Fix memory leak during rule creation (jsc#SLE-8464). - net/mlx5: DR, Fix memory leak in modify action destroy (jsc#SLE-8464). - net/mlx5e: Fix eswitch debug print of max fdb flow (jsc#SLE-8464). - bridge: ebtables: don't crash when using dnat target in output chains (bsc#1154353). - mlx4_core: fix wrong comment about the reason of subtract one from the max_cqes (jsc#SLE-8460). - net: hns3: Use the correct style for SPDX License Identifier (bsc#1154353). - taprio: fix panic while hw offload sched list swap (bsc#1154353). - net: sched: taprio: fix -Wmissing-prototypes warnings (bsc#1154353). - net: update net_dim documentation after rename (bsc#1154353). - net: taprio: Fix returning EINVAL when configuring without flags (bsc#1154353). - taprio: Add support for hardware offloading (bsc#1154353). - taprio: remove unused variable 'entry_list_policy' (bsc#1154353). - commit 3090b61 - Linux 5.3.13 (bnc#1151927 5.3.13). - arm64: uaccess: Ensure PAN is re-enabled after unhandled uaccess fault (bnc#1151927 5.3.13). - net: cdc_ncm: Signedness bug in cdc_ncm_set_dgram_size() (bnc#1151927 5.3.13). - block, bfq: deschedule empty bfq_queues not referred by any process (bnc#1151927 5.3.13). - mm/memory_hotplug: fix updating the node span (bnc#1151927 5.3.13). - mm/memory_hotplug: don't access uninitialized memmaps in shrink_pgdat_span() (bnc#1151927 5.3.13). - fbdev: Ditch fb_edid_add_monspecs (bnc#1151927 5.3.13). - commit 0c2740a - driver core: simplify definitions of platform_get_irq* (jsc#SLE-7772). - mm: refresh ZONE_DMA and ZONE_DMA32 comments in 'enum zone_type' (jsc#SLE-7772). - arm64: use both ZONE_DMA and ZONE_DMA32 (jsc#SLE-7772). Enable CONFIG_ZONE_DMA and CONFIG_BOUNCE - arm64: rename variables used to calculate ZONE_DMA32's size (jsc#SLE-7772). - arm64: mm: use arm64_dma_phys_limit instead of calling max_zone_dma_phys() (jsc#SLE-7772). - net: bcmgenet: Add RGMII_RXID support (jsc#SLE-7772). - net: bcmgenet: Refactor register access in bcmgenet_mii_config (jsc#SLE-7772). - net: bcmgenet: Add BCM2711 support (jsc#SLE-7772). - net: bcmgenet: Fix error handling on IRQ retrieval (jsc#SLE-7772). - net: bcmgenet: Avoid touching non-existent interrupt (jsc#SLE-7772). - Bluetooth: hci_bcm: Fix RTS handling during startup (jsc#SLE-7772). - net: bcmgenet: Add a shutdown callback (jsc#SLE-7772). - net: bcmgenet: Generate a random MAC if none is valid (jsc#SLE-7772). - clocksource/drivers/sh_mtu2: Do not loop using platform_get_irq_by_name() (jsc#SLE-7772). - net: bcmgenet: reapply manual settings to the PHY (jsc#SLE-7772). - Revert "net: bcmgenet: soft reset 40nm EPHYs before MAC init" (jsc#SLE-7772). - net: bcmgenet: use RGMII loopback for MAC reset (jsc#SLE-7772). - iommu/ipmmu-vmsa: Only call platform_get_irq() when interrupt is mandatory (jsc#SLE-7772). - iommu/rockchip: Don't use platform_get_irq to implicitly count irqs (jsc#SLE-7772). - mmc: sdhci-iproc: fix spurious interrupts on Multiblock reads with bcm2711 (jsc#SLE-7772). - mmc: sh_mmcif: Use platform_get_irq_optional() for optional interrupt (jsc#SLE-7772). - mmc: renesas_sdhi: Do not use platform_get_irq() to count interrupts (jsc#SLE-7772). - platform/x86: intel_punit_ipc: Avoid error message when retrieving IRQ (jsc#SLE-7772). - tty: serial: imx: Use platform_get_irq_optional() for optional IRQs (jsc#SLE-7772). - serial: sh-sci: Use platform_get_irq_optional() for optional interrupts (jsc#SLE-7772). - clk: bcm2835: Mark PLLD_PER as CRITICAL (jsc#SLE-7772). - clk: bcm2835: Add BCM2711_CLOCK_EMMC2 support (jsc#SLE-7772). - clk: bcm2835: Introduce SoC specific clock registration (jsc#SLE-7772). - dt-bindings: bcm2835-cprman: Add bcm2711 support (jsc#SLE-7772). - pinctrl: bcm2835: Pass irqchip when adding gpiochip (jsc#SLE-7772). - pinctrl: bcm2835: Add support for BCM2711 pull-up functionality (jsc#SLE-7772). - bluetooth: hci_bcm: Give more time to come out of reset (jsc#SLE-7772). - bluetooth: bcm: Add support for loading firmware for BCM4345C5 (jsc#SLE-7772). - Bluetooth: hci_bcm: Fix -Wunused-const-variable warnings (jsc#SLE-7772). - net: bcmgenet: use devm_platform_ioremap_resource() to simplify code (jsc#SLE-7772). - driver core: platform: Export platform_get_irq_optional() (jsc#SLE-7772). - driver core: platform: Introduce platform_get_irq_optional() (jsc#SLE-7772). - driver core: platform: Add an error message to platform_get_irq*() (jsc#SLE-7772). - mmc: bcm2835: Take SWIOTLB memory size limitation into account (jsc#SLE-7772). - mmc: Remove dev_err() usage after platform_get_irq() (jsc#SLE-7772). - mmc: sdhci-iproc: Add support for emmc2 of the BCM2711 (jsc#SLE-7772). - commit 24df065 - config: disable SECURITY_DMESG_RESTRICT (bsc#1157066) Enabling this option which restricts access to dmesg was not intentional and happened accidentally as part of a commit aiming to enable features which were enabled in SLE. We might restrict dmesg in the future if there is a consensus but for now the proper action is to revert this accidental change which only affected some architectures anyway. - commit 8898c88 - bpf, offload: Unlock on error in bpf_offload_dev_create() (bsc#1155518). - commit dc0b929 ++++ rdma-core: - Update to rdma-core v26.1 (jsc#SLE-8388, jsc#SLE-8394, jsc#SLE-8463, jsc#SLE-8399, jsc#SLE-8254, jsc#SLE-9840, jsc#SLE-9763, jsc#SLE-9925, jsc#SLE-9846, jsc#SLE-9913, jsc#SLE-9729, jsc#SLE-8666) ++++ NetworkManager: - Update to version 1.20.8: + Fix handling of system CA certificates in the ifcfg parser. + Handle ReachableTime and RetransTimer from IPv6 Router Advertisements. + Fixed setting of MTU according to its parent device for some device types. + Various fixes for the initramfs configuration genertor. ++++ raspberrypi-firmware: - If booting RPi in arm64 mode or not will be set by u-boot through ubootconfig.txt. This allows to build u-boot for RPi3/4 with 32-bit. ++++ raspberrypi-firmware-config: - If booting RPi in arm64 mode or not will be set by u-boot through ubootconfig.txt. This allows to build u-boot for RPi3/4 with 32-bit. ++++ u-boot-rpiarm64: - set boot option to arm64 in ubootconfig.txt. This allows us to theoretically build U-Boot for RPi3/4 with 32 bit. - RPi3 revert ubootconfig.txt changes to fix tumbleweed update path ++++ yast2: - bsc#1155735, bsc#1157541: - Read /usr/etc/login.defs. - Write login.defs configuration to /etc/login.defs.d/. - 4.2.39 ------------------------------------------------------------------ ------------------ 2019-11-24 - Nov 24 2019 ------------------- ------------------------------------------------------------------ ++++ harfbuzz: - update to 2.6.4: + small bug fixes and build fixes ------------------------------------------------------------------ ------------------ 2019-11-22 - Nov 22 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - config: refresh Just unify the headers. - commit f54dfa4 - Refresh patches.suse/btrfs-fix-log-context-list-corruption-after-rename-e.patch. Update upstream status. - commit 9923f87 - Linux 5.3.12 (bnc#1151927 5.3.12). - iommu/vt-d: Fix QI_DEV_IOTLB_PFSID and QI_DEV_EIOTLB_PFSID macros (bnc#1151927 5.3.12). - i2c: acpi: Force bus speed to 400KHz if a Silead touchscreen is present (bnc#1151927 5.3.12). - x86/quirks: Disable HPET on Intel Coffe Lake platforms (bnc#1151927 5.3.12). - net/smc: fix fastopen for non-blocking connect() (bnc#1151927 5.3.12). - net: gemini: add missed free_netdev (bnc#1151927 5.3.12). - ax88172a: fix information leak on short answers (bnc#1151927 5.3.12). - slcan: Fix memory leak in error path (bnc#1151927 5.3.12). - slip: Fix memory leak in slip_open error path (bnc#1151927 5.3.12). - net: usb: qmi_wwan: add support for Foxconn T77W968 LTE modules (bnc#1151927 5.3.12). - dpaa2-eth: free already allocated channels on probe defer (bnc#1151927 5.3.12). - net/smc: fix refcount non-blocking connect() -part 2 (bnc#1151927 5.3.12). - mlxsw: core: Enable devlink reload only on probe (bnc#1151927 5.3.12). - devlink: Add method for time-stamp on reporter's dump (bnc#1151927 5.3.12). - tcp: remove redundant new line from tcp_event_sk_skb (bnc#1151927 5.3.12). - devlink: disallow reload operation during device cleanup (bnc#1151927 5.3.12). - mm/page_io.c: do not free shared swap slots (bnc#1151927 5.3.12). - mm/memory_hotplug: fix try_offline_node() (bnc#1151927 5.3.12). - mm: slub: really fix slab walking for init_on_free (bnc#1151927 5.3.12). - mm: hugetlb: switch to css_tryget() in hugetlb_cgroup_charge_cgroup() (bnc#1151927 5.3.12). - mm: memcg: switch to css_tryget() in get_mem_cgroup_from_mm() (bnc#1151927 5.3.12). - mm: mempolicy: fix the wrong return value and potential pages leak of mbind (bnc#1151927 5.3.12). - Input: synaptics-rmi4 - destroy F54 poller workqueue when removing (bnc#1151927 5.3.12). - Input: ff-memless - kill timer in destroy() (bnc#1151927 5.3.12). - io_uring: ensure registered buffer import returns the IO length (bnc#1151927 5.3.12). - drm/i915: update rawclk also on resume (bnc#1151927 5.3.12). - ecryptfs_lookup_interpose(): lower_dentry->d_parent is not stable either (bnc#1151927 5.3.12). - ecryptfs_lookup_interpose(): lower_dentry->d_inode is not stable (bnc#1151927 5.3.12). - IB/hfi1: TID RDMA WRITE should not return IB_WC_RNR_RETRY_EXC_ERR (bnc#1151927 5.3.12). - IB/hfi1: Calculate flow weight based on QP MTU for TID RDMA (bnc#1151927 5.3.12). - IB/hfi1: Ensure r_tid_ack is valid before building TID RDMA ACK packet (bnc#1151927 5.3.12). - IB/hfi1: Ensure full Gen3 speed in a Gen4 system (bnc#1151927 5.3.12). - Input: synaptics-rmi4 - clear IRQ enables for F54 (bnc#1151927 5.3.12). - Input: synaptics-rmi4 - do not consume more data than we have (F11, F12) (bnc#1151927 5.3.12). - Input: synaptics-rmi4 - disable the relative position IRQ in the F12 driver (bnc#1151927 5.3.12). - KVM: MMU: Do not treat ZONE_DEVICE pages as being reserved (bnc#1151927 5.3.12). - cgroup: freezer: call cgroup_enter_frozen() with preemption disabled in ptrace_stop() (bnc#1151927 5.3.12). - scsi: core: Handle drivers which set sg_tablesize to zero (bnc#1151927 5.3.12). - commit 5f76c3b - Update patches.suse/0003-Revert-drm-i915-ehl-Update-MOCS-table-for-EHL.patch (bsc#1152489 bnc#1151927 5.3.12). - Update patches.suse/ALSA-usb-audio-Fix-incorrect-NULL-check-in-create_ya.patch (git-fixes bnc#1151927 5.3.12). - Update patches.suse/ALSA-usb-audio-Fix-incorrect-size-check-for-processi.patch (git-fixes bnc#1151927 5.3.12). - Update patches.suse/ALSA-usb-audio-Fix-missing-error-check-at-mixer-reso.patch (git-fixes bnc#1151927 5.3.12). - Update patches.suse/ALSA-usb-audio-not-submit-urb-for-stopped-endpoint.patch (git-fixes bnc#1151927 5.3.12). - Update patches.suse/IB-hfi1-Use-a-common-pad-buffer-for-9B-and-16B-packe.patch (jsc#SLE-8449 bnc#1151927 5.3.12). - Update patches.suse/Input-synaptics-rmi4-fix-video-buffer-size.patch (git-fixes bnc#1151927 5.3.12). - Update patches.suse/btrfs-fix-log-context-list-corruption-after-rename-e.patch (bsc#1156494 bnc#1151927 5.3.12). - Update patches.suse/ipmr-Fix-skb-headroom-in-ipmr_get_route.patch (git-fixes bnc#1151927 5.3.12). - Update patches.suse/mmc-sdhci-of-at91-fix-quirk2-overwrite.patch (git-fixes bnc#1151927 5.3.12). - Update patches.suse/net-ethernet-dwmac-sun8i-Use-the-correct-function-in.patch (git-fixes bnc#1151927 5.3.12). - Update patches.suse/ntp-y2038-Remove-incorrect-time_t-truncation.patch (git-fixes bnc#1151927 5.3.12). - commit 4df5d22 ++++ Mesa: - Update to version 19.2.6 * fixes build on PPC * couple of additional stable patches ++++ mozilla-nspr: - Use FAT LTO objects in order to provide proper static library ++++ yast2: - bnc#1157532 - do not modify /etc/sysctl.conf in inst-sys as it is on r/o filesystem - 4.2.38 ------------------------------------------------------------------ ------------------ 2019-11-21 - Nov 21 2019 ------------------- ------------------------------------------------------------------ ++++ glibc: - prefer-map-32bit-exec.patch: rtld: Check __libc_enable_secure before honoring LD_PREFER_MAP_32BIT_EXEC (CVE-2019-19126, bsc#1157292, BZ [#25204]) ++++ kernel-default: - Add crypto modules required by tcrypt (FIPS) References: bsc#1153192 - commit 465a0e6 ++++ Mesa: - Update to version 19.2.5 * There's a little bit over everything in here, with anv and radeonsi standing out as the two biggest components getting changes, but core mesa, core gallium, llvmpipe, nir, egl, i965, tgsi, st/mesa, spirv, and the Intel compiler also fixes in this release. - supersedes u_call-shmget-with-permission-0600-instead-of-0777.patch ++++ libsolv: - support conda constrains dependencies - bump version to 0.7.9 ++++ openssh: - Make sure ssh-keygen runs if SSHD_AUTO_KEYGEN variable is unset or contains an unrecognized value (bsc#1157176). ++++ supportutils: - Addition to version 3.1.6 + Strip trailing commas from process names #64 (bsc#1156837) + Dynamically select compression method (bsc#1145233) + Updated detailed unit information fix in systemd.txt (bsc#1023308) + Fixed supportconig.conf man page with order placement + Include IPv6 routes (bsc#1089877) ++++ yast2: - Linuxrc: Ensure the new opened SCR instace is closed when reading the /etc/install.inf file (bsc#1122493, bsc#1157476) - 4.2.37 - Ensure /etc/install.inf is not read from the target system but from the local one. (bsc#1122493, bsc#1157476) - 4.2.36 ------------------------------------------------------------------ ------------------ 2019-11-20 - Nov 20 2019 ------------------- ------------------------------------------------------------------ ++++ aaa_base: - Clear broken ghost entry in patch git-13-14003c19eaa863ae9d80a0ebb9b5cab6273a5a9e.patch which breaks (lib)readline (bsc#1157278) ++++ ignition: - Update to version 2.0.1+git20191112.a924dd7: * tests: remove unused partitions, dead code * internal,tests: abolish syscall package * vendor: include golang.org/x/sys/unix * providers: add ibmcloud - turn off SELinux by default ++++ kernel-default: - Refresh patches.suse/scsi-sr-wait-for-the-medium-to-become-ready.patch. Fix refleak on -ENXIO. - commit c02819b - mdio_bus: Fix init if CONFIG_RESET_CONTROLLER=n (git-fixes). - opp: Reinitialize the list_kref before adding the static OPPs again (git-fixes). - commit 61e3e2f - lib: Remove select of inexistant GENERIC_IO (git-fixes). - opp: Don't decrement uninitialized list_kref (git-fixes). - opp: Not all power-domains are scalable (git-fixes). - commit 85c2a10 - software node: Initialize the return value in software_node_to_swnode() (git-fixes). - commit e35cf03 - selftests: mlxsw: Adjust test to recent changes (git-fixes). - selftests: bpf: Skip write only files in debugfs (git-fixes). - selftests/bpf: fix race in flow dissector tests (git-fixes). - commit 7648c5c - riscv: fp: add missing __user pointer annotations (git-fixes). - riscv: init: merge split string literals in preprocessor directive (git-fixes). - riscv: tlbflush: remove confusing comment on local_flush_tlb_all() (git-fixes). - commit d38ab66 - ntp/y2038: Remove incorrect time_t truncation (git-fixes). - NFC: nxp-nci: Fix NULL pointer dereference after I2C communication error (git-fixes). - commit 0b6da77 - ipmr: Fix skb headroom in ipmr_get_route() (git-fixes). - mdio_bus: Fix PTR_ERR applied after initialization to constant (git-fixes). - net: ethernet: dwmac-sun8i: Use the correct function in exit path (git-fixes). - idr: Fix idr_get_next_ul race with idr_remove (git-fixes). - commit b4c1f6c - i2c: core: fix use after free in of_i2c_notify (git-fixes). - commit d2cbfd2 - arm64: hibernate: check pgd table allocation (git-fixes). - arm64: cpufeature: Treat ID_AA64ZFR0_EL1 as RAZ when SVE is not enabled (git-fixes). - ARM: aspeed: ast2500 is ARMv6K (git-fixes). - ARM: 8896/1: VDSO: Don't leak kernel addresses (git-fixes). - ARM: ux500: add missing of_node_put() (git-fixes). - commit cb4b4ca - Update patch reference for nl80211 fix (CVE-2019-19055 bsc#1157319) - commit f616ca4 - Update patch reference for can driver fix (CVE-2019-19052 bsc#1157324) - commit 02e7eba - x86/resctrl: Fix potential lockdep warning (bsc#1152489). - x86/resctrl: Prevent NULL pointer dereference when reading mondata (bsc#1152489). - commit c754fb9 ++++ u-boot-rpiarm64: - enable build for one U-Boot image for RPi3/4 (rpiarm64) implements (jsc#59185) Patch queue updated from git://github.com/openSUSE/u-boot.git tumbleweed-2019.10 * Patches added: 0014-fdt-fix-bcm283x-dm-pre-reloc-defini.patch 0015-arm-dts-bcm283x-Rename-U-Boot-file.patch 0016-drivers-bcm283x-Set-pre-location-fl.patch 0017-pinctrl-bcm283x-Add-compatible-for-.patch 0018-rpi-push-fw_dtb_pointer-in-the-.dat.patch 0019-ARM-bcm283x-Move-BCM283x_BASE-to-a-.patch 0020-ARM-bcm283x-Set-rpi_bcm283x_base-at.patch 0021-ARM-bcm283x-Set-memory-map-at-run-t.patch 0022-ARM-defconfig-add-unified-config-fo.patch - RPi3 delete text base hack in spec file ++++ xfsprogs: - Remove the xfs_scrub_all script from the package, as it is unused and it induces a dependency to python (bsc#1157438). ++++ yast2: - Do not try to find licenses in the installation medium when they have been already downloaded from SCC (bsc#1153326). - 4.2.35 ------------------------------------------------------------------ ------------------ 2019-11-19 - Nov 19 2019 ------------------- ------------------------------------------------------------------ ++++ glib2: - Update to version 2.62.3: + Use `poll()` in `g_spawn_sync()` rather than `select()`, which is subject to FD limits. + Fix undefined behaviour with `g_utf8_find_prev_char()`. + Bugs fixed: glgo#GNOME/GLib#954, glgo#GNOME/GLib#1318, glgo#GNOME/GLib#1897, glgo#GNOME/GLib#1903, glgo#GNOME/GLib#1916, glgo#GNOME/GLib#1917, glgo#GNOME/GLib!1174, glgo#GNOME/GLib!1184, glgo#GNOME/GLib!1194, glgo#GNOME/GLib!1203, glgo#GNOME/GLib!1207, glgo#GNOME/GLib!1215, glgo#GNOME/GLib!1219, glgo#GNOME/GLib!1222, glgo#GNOME/GLib!1228. ++++ kernel-default: - Update patch reference for another iio driver fix (CVE-2019-19061 bsc#1157192) - commit 75969fc - Update s390 patch reference for cpu idle time calculation (bsc#1156773) - commit 71d745b - Update patch reference for amdgpu fix (CVE-2019-19067 bsc#1157180) - commit 294533e - Update patch reference for iio driver fix (CVE-2019-19060 bsc#1157178) - commit 572806f - Update patch reference for of-unittest fix (CVE-2019-19049 bsc#1157173) - commit 6bfcd8f - Update patch reference for ieee802154 security fix (CVE-2019-19075 bsc#1157162) - commit 0855aff - tracing: Have error path in predicate_parse() free its allocated memory (bsc#1157069 CVE-2019-19072). - commit 387f713 - iwlwifi: dbg_ini: fix memory leak in alloc_sgtable (CVE-2019-19058,bsc#1157145). - commit cb8333d - ath9k: release allocated buffer if timed out (CVE-2019-19074,bsc#1157143). - commit 98c32c1 - Revert "drm/etnaviv: fix dumping of iommuv2 (bsc#1152472)" This reverts commit 48b3bfdd21261e7df15f5aebe2ccb1cc61521bd0. ATM the backported patch doesn't build on arm64. - commit c35e5f9 - Drop scsi-qla2xxx-Fix-memory-leak-when-sending-I-O-fails.patch This patch has introduces an double free. Upstream has dropped it from the scsi-queue before it hit mainline. So let's drop it as well. - commit 44fa42b ++++ kernel-firmware: - Update to version 20191118 (git commit e8a0f4c93147): * rtl_nic: add firmware rtl8168fp-3 * linux-firmware: Update NXP Management Complex firmware to version 10.18.0 ++++ permissions: - fix invalid free() when permfiles points to argv (bsc#1157198, changed 0007-chkstat-fix-privesc-CVE-2019-3690.patch) ++++ qemu: - Expose pschange-mc-no "feature", indicating CPU does not have the page size change machine check vulnerability (CVE-2018-12207 bsc#1155812) target-i386-add-PSCHANGE_NO-bit-for-the-.patch - Expose taa-no "feature", indicating CPU does not have the TSX Async Abort vulnerability. (CVE-2019-11135 bsc#1152506) target-i386-Export-TAA_NO-bit-to-guests.patch Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-4.1 ++++ u-boot-rpiarm64: - Don't constrain multibuild in openSUSE:Factory:PowerPC and openSUSE:Factory:RISCV - Patch queue updated from git://github.com/openSUSE/u-boot.git tumbleweed-2019.10 * Patch added to fix boo#1145646: 0013-arm-arm11-allow-unaligned-memory-ac.patch ------------------------------------------------------------------ ------------------ 2019-11-18 - Nov 18 2019 ------------------- ------------------------------------------------------------------ ++++ open-iscsi: - Merged in latest upstream (2.1.0), including more fixes for iscsiuio, and cleanup/bug-fixes of new CHAP code. This replaces open-iscsi-2.0.878-suse.tar.bz2 with open-iscsi-2.1.0-suse.tar.bz2, and it resets open-iscsi-SUSE-latest.diff.bz2 with fixes after 2.1.0-suse. Also, updated the Summary lines in the spec file that started with "iSCSI ...", since rpmlint didn't like them starting with a non-capital letter, and updated the version number for iscsiuio to match the code. ++++ kernel-default: - ath9k_htc: release allocated buffer if timed out (CVE-2019-19073,bsc#1157070). - commit 08bd2bd - Update patch reference for fastrpc bug fix (CVE-2019-19069 bsc#1157064) - commit 69da730 - Update patch reference for amdgpu security fix (CVE-2019-19083 bsc#1157049) - commit 7f52050 - drm/amd/display: prevent memory leak (CVE-2019-19082,bsc#1157046). - commit fca18a5 - Revert "drm/i915/ehl: Update MOCS table for EHL" (bsc#1152489) - commit 76a5ebd - drm/i915/gvt: fix dropping obj reference twice (bsc#1152489) - commit 4f5c644 - drm/etnaviv: fix dumping of iommuv2 (bsc#1152472) - commit 48b3bfd ------------------------------------------------------------------ ------------------ 2019-11-17 - Nov 17 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-firmware: - Update to version 20191113 (git commit c62c3c26a5e7): * linux-firmware: Update firmware file for Intel Bluetooth AX201 * linux-firmware: Update firmware file for Intel Bluetooth AX200 * linux-firmware: Update firmware file for Intel Bluetooth 9560 * linux-firmware: Update firmware file for Intel Bluetooth 9260 * amdgpu: update navi14 vcn firmware * amdgpu: update navi10 vcn firmware ------------------------------------------------------------------ ------------------ 2019-11-16 - Nov 16 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - mmc: sdhci-of-at91: fix quirk2 overwrite (git-fixes). - Input: synaptics-rmi4 - fix video buffer size (git-fixes). - commit 22c351b ------------------------------------------------------------------ ------------------ 2019-11-15 - Nov 15 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - ALSA: usb-audio: Fix incorrect size check for processing/extension units (git-fixes). - ALSA: usb-audio: Fix incorrect NULL check in create_yamaha_midi_quirk() (git-fixes). - ALSA: pcm: Fix stream lock usage in snd_pcm_period_elapsed() (git-fixes). - ALSA: usb-audio: not submit urb for stopped endpoint (git-fixes). - ALSA: hda: hdmi - fix pin setup on Tigerlake (git-fixes). - ALSA: hda: Add Cometlake-S PCI ID (git-fixes). - ALSA: usb-audio: Fix missing error check at mixer resolution test (git-fixes). - commit 8e17c40 - powerpc/xive: Prevent page fault issues in the machine crash handler (bsc#1156882 ltc#182435). - commit 7d95bd5 ++++ p11-kit: - support loading NSS attribute CKA_NSS_MOZILLA_CA_POLICY so Firefox detects built in certificates (boo#1154871, 0001-Fix-a-typo-in-x-cetrificate-value-see-also-https-bug.patch, 0001-Support-loading-new-NSS-attribute-CKA_NSS_MOZILLA_CA.patch) ++++ qemu: - Update to v4.1.1, a stable, bug-fix-only release * Besides incorporating the following fixes we already carried, it includes about the same number of other, similar type fixes which we hadn't yet incorporated. * Patches dropped (subsumed by stable update): block-Add-bdrv_co_get_self_request.patch block-create-Do-not-abort-if-a-block-dri.patch block-file-posix-Let-post-EOF-fallocate-.patch block-file-posix-Reduce-xfsctl-use.patch block-io-refactor-padding.patch blockjob-update-nodes-head-while-removin.patch block-Make-wait-mark-serialising-request.patch block-nfs-tear-down-aio-before-nfs_close.patch coroutine-Add-qemu_co_mutex_assert_locke.patch curl-Check-completion-in-curl_multi_do.patch curl-Handle-success-in-multi_check_compl.patch curl-Keep-pointer-to-the-CURLState-in-CU.patch curl-Keep-socket-until-the-end-of-curl_s.patch curl-Pass-CURLSocket-to-curl_multi_do.patch curl-Report-only-ready-sockets.patch hw-arm-boot.c-Set-NSACR.-CP11-CP10-for-N.patch hw-core-loader-Fix-possible-crash-in-rom.patch make-release-pull-in-edk2-submodules-so-.patch memory-Provide-an-equality-function-for-.patch mirror-Keep-mirror_top_bs-drained-after-.patch pr-manager-Fix-invalid-g_free-crash-bug.patch qcow2-bitmap-Fix-uint64_t-left-shift-ove.patch qcow2-Fix-corruption-bug-in-qcow2_detect.patch qcow2-Fix-QCOW2_COMPRESSED_SECTOR_MASK.patch qcow2-Fix-the-calculation-of-the-maximum.patch roms-Makefile.edk2-don-t-pull-in-submodu.patch s390-PCI-fix-IOMMU-region-init.patch s390x-tcg-Fix-VERIM-with-32-64-bit-eleme.patch target-alpha-fix-tlb_fill-trap_arg2-valu.patch target-arm-Don-t-abort-on-M-profile-exce.patch target-arm-Free-TCG-temps-in-trans_VMOV_.patch util-iov-introduce-qemu_iovec_init_exten.patch vhost-Fix-memory-region-section-comparis.patch vpc-Return-0-from-vpc_co_create-on-succe.patch Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-4.1 ++++ raspberrypi-firmware: - config changes for RPi3: * delete upstream-aux-interrupt as not present anymore * set arm_control for RPi3 only * add RPi3 overlays ++++ raspberrypi-firmware-config: - config changes for RPi3: * delete upstream-aux-interrupt as not present anymore * set arm_control for RPi3 only * add RPi3 overlays ++++ rpm: - Backport lang_package -r fixes from Factory [bnc#1156300] modified: rpm-suse_macros ++++ yast2: - Fix crash in upgrade caused by wrong parameter to snapper (bsc#1156819) - 4.2.34 ------------------------------------------------------------------ ------------------ 2019-11-14 - Nov 14 2019 ------------------- ------------------------------------------------------------------ ++++ conmon: - Add log level trace - Separate handling of log reopen events and terminal resize events ++++ curl: - Fix segfault in zypper ref: [bsc#1156481] * remove_handle: clear expire timers after multi_done() * Add patch curl-expire-clear.patch ++++ irqbalance: - Revert previous changes for kernel 5.3+ - remove 0001-Revert-remove-affinity_hint-infrastructure.patch - remove set-numa-node.patch - remove 0001-Revert-Types-clean-out-unused-variables-from-irq_inf.patch ++++ kernel-default: - Refresh patches.suse/bdev-add-open_finish.patch. - commit 687caa9 - supported.conf: drop dax_pmem_compat This module is no longer built (jsc#SLE-10690). - commit 359a9f7 - Btrfs: remove unnecessary condition in btrfs_clone() to avoid too much nesting (bsc#1156782). - commit 4154585 - Btrfs: fix ENOSPC errors, leading to transaction aborts, when cloning extents (bsc#1156782). - commit 6466273 - Btrfs: factor out extent dropping code from hole punch handler (bsc#1156782). - commit 037e1c6 - scsi: virtio_scsi: unplug LUNs when events missed (bsc#1156419,jsc#SLE-8281). - scsi: fcoe: fix null-ptr-deref Read in fc_release_transport (bsc#1156419,jsc#SLE-8281). - scsi: ufs-hisi: use devm_platform_ioremap_resource() to (bsc#1156419,jsc#SLE-8281). - scsi: ufshcd: use devm_platform_ioremap_resource() to (bsc#1156419,jsc#SLE-8281). - scsi: hisi_sas: use devm_platform_ioremap_resource() to (bsc#1156419,jsc#SLE-8281). - scsi: ufs: Use kmemdup in ufshcd_read_string_desc() (bsc#1156419,jsc#SLE-8281). - scsi: arm64: dts: qcom: sdm845: Specify UFS device-reset GPIO (bsc#1156419,jsc#SLE-8281). - scsi: ufs-qcom: Implement device_reset vops (bsc#1156419,jsc#SLE-8281). - scsi: ufs: Introduce vops for resetting device (bsc#1156419,jsc#SLE-8281). - scsi: sd: Improve unaligned completion resid message (bsc#1156419,jsc#SLE-8281). - scsi: fnic: fix msix interrupt allocation (bsc#1156419,jsc#SLE-8281). - scsi: fnic: print port speed only at driver init or speed (bsc#1156419,jsc#SLE-8281). - commit fdbb6dd - scsi: core: fix dh and multipathing for SCSI hosts without request batching (bsc#1156419,jsc#SLE-8281). - scsi: core: fix missing .cleanup_rq for SCSI hosts without request batching (bsc#1156419,jsc#SLE-8281). - commit add131d - scsi: ufs: remove set but not used variable 'val' (bsc#1156419,jsc#SLE-8281). - scsi: hisi_sas: remove set but not used variable 'irq_value' (bsc#1156419,jsc#SLE-8281). - scsi: ufs: fix broken hba->outstanding_tasks (bsc#1156419,jsc#SLE-8281). - scsi: fcoe: remove redundant call to skb_transport_header (bsc#1156419,jsc#SLE-8281). - scsi: ufs: Disable local LCC in .link_startup_notify() in Cadence UFS (bsc#1156419,jsc#SLE-8281). - scsi: bfa: remove redundant assignment to variable error (bsc#1156419,jsc#SLE-8281). - scsi: ufs-qcom: Make structure ufs_hba_qcom_vops constant (bsc#1156419,jsc#SLE-8281). - scsi: fnic: remove redundant assignment of variable rc (bsc#1156419,jsc#SLE-8281). - scsi: use __u{8,16,32,64} instead of uint{8,16,32,64}_t in uapi headers (bsc#1156419,jsc#SLE-8281). - scsi: esas2r: Prefer pcie_capability_read_word() (bsc#1156419,jsc#SLE-8281). - scsi: sym53c8xx_2: remove redundant assignment to retv (bsc#1156419,jsc#SLE-8281). - scsi: pmcraid: Fix a typo - pcmraid --> pmcraid (bsc#1156419,jsc#SLE-8281). - commit 6f40ae3 - Update config files: disable CONFIG_DEV_DAX_PMEM_COMPAT (jsc#SLE-10690) - commit 56d1ae7 - scsi: lpfc: Update lpfc version to 12.6.0.2 (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: revise nvme max queues to be hdwq count (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Initialize cpu_map for not present cpus (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: fix inlining of lpfc_sli4_cleanup_poll_list() (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: fix: Coverity: lpfc_cmpl_els_rsp(): Null pointer (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: fix: Coverity: lpfc_get_scsi_buf_s3(): Null (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Fix lpfc_cpumask_of_node_init() (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Fix a kernel warning triggered by (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Update lpfc version to 12.6.0.1 (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Add enablement of multiple adapter dumps (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Change default IRQ model on AMD architectures (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Add registration for CPU Offline/Online events (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Clarify FAWNN error message (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Sync with FC-NVMe-2 SLER change to require Conf (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Fix dynamic fw log enablement check (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Fix unexpected error messages during RSCN (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Fix kernel crash at lpfc_nvme_info_show during (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Fix configuration of BB credit recovery in (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Fix duplicate unreg_rpi error in port offline (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Make lpfc_debugfs_ras_log_data static (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Fix NULL check before mempool_destroy is not (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: fix spelling error in MAGIC_NUMER_xxx (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: fix build error of lpfc_debugfs.c for (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: lpfc_nvmet: Fix Use plain integer as NULL pointer (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: lpfc_attr: Fix Use plain integer as NULL pointer (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Update lpfc version to 12.6.0.0 (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Add additional discovery log messages (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Add FC-AL support to lpe32000 models (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Add FA-WWN Async Event reporting (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Add log macros to allow print by serverity or (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Make FW logging dynamically configurable (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Revise interrupt coalescing for missing scenarios (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Remove lock contention target write path (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Slight fast-path performance optimizations (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: fix coverity error of dereference after null (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Fix hardlockup in lpfc_abort_handler (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Fix bad ndlp ptr in xri aborted handling (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Fix SLI3 hba in loop mode not discovering devices (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Fix lockdep errors in sli_ringtx_put (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: Fix reporting of read-only fw error errors (bsc#1156632,jsc#SLE-8654). - scsi: lpfc: fix lpfc_nvmet_mrq to be bound by hdw queue count (bsc#1156632,jsc#SLE-8654). - scsi: megaraid_sas: remove unused variables 'debugBlk','fusion' (bsc#1156632,jsc#SLE-10720). - scsi: megaraid_sas: Unique names for MSI-X vectors (bsc#1156632,jsc#SLE-10720). - scsi: smartpqi: bump version to 1.2.10-025 (bsc#1156632,jsc#SLE-8633). - scsi: smartpqi: Align driver syntax with oob (bsc#1156632,jsc#SLE-8633). - scsi: smartpqi: remove unused manifest constants (bsc#1156632,jsc#SLE-8633). - scsi: smartpqi: fix problem with unique ID for physical (bsc#1156632,jsc#SLE-8633). - scsi: smartpqi: correct syntax issue (bsc#1156632,jsc#SLE-8633). - scsi: smartpqi: change TMF timeout from 60 to 30 seconds (bsc#1156632,jsc#SLE-8633). - scsi: smartpqi: fix LUN reset when fw bkgnd thread is hung (bsc#1156632,jsc#SLE-8633). - scsi: smartpqi: add inquiry timeouts (bsc#1156632,jsc#SLE-8633). - scsi: smartpqi: fix call trace in device discovery (bsc#1156632,jsc#SLE-8633). - scsi: smartpqi: fix controller lockup observed during force (bsc#1156632,jsc#SLE-8633). - scsi: smartpqi: remove set but not used variable 'ctrl_info' (bsc#1156632,jsc#SLE-8633). - scsi: smartpqi: clean up indentation of a statement (bsc#1156632,jsc#SLE-8633). - scsi: mpt3sas: Bump mpt3sas driver version to 32.100.00.00 (bsc#1156632,jsc#SLE-10717). - scsi: mpt3sas: Fix module parameter max_msix_vectors (bsc#1156632,jsc#SLE-10717). - scsi: mpt3sas: Reject NVMe Encap cmnds to unsupported HBA (bsc#1156632,jsc#SLE-10717). - scsi: mpt3sas: Use Component img header to get Package ver (bsc#1156632,jsc#SLE-10717). - scsi: mpt3sas: Fail release cmnd if diag buffer is released (bsc#1156632,jsc#SLE-10717). - scsi: mpt3sas: Add app owned flag support for diag buffer (bsc#1156632,jsc#SLE-10717). - scsi: mpt3sas: Reuse diag buffer allocated at load time (bsc#1156632,jsc#SLE-10717). - scsi: mpt3sas: clear release bit when buffer reregistered (bsc#1156632,jsc#SLE-10717). - scsi: mpt3sas: Maintain owner of buffer through UniqueID (bsc#1156632,jsc#SLE-10717). - scsi: mpt3sas: Free diag buffer without any status check (bsc#1156632,jsc#SLE-10717). - scsi: mpt3sas: Fix clear pending bit in ioctl status (bsc#1156632,jsc#SLE-10717). - scsi: mpt3sas: Display message before releasing diag buffer (bsc#1156632,jsc#SLE-10717). - scsi: mpt3sas: Register trace buffer based on NVDATA settings (bsc#1156632,jsc#SLE-10717). - scsi: bnx2fc: Handle scope bits when array returns BUSY or (jsc#SLE-9696). - scsi: bnx2fc: remove set but not used variables (jsc#SLE-9696). - scsi: bnx2fc: remove set but not used variable 'fh' (jsc#SLE-9696). - scsi: smartpqi: bump version to 1.2.8-026 (bsc#1156632,jsc#SLE-8633). - scsi: smartpqi: update copyright (bsc#1156632,jsc#SLE-8633). - scsi: smartpqi: add new pci ids (bsc#1156632,jsc#SLE-8633). - scsi: smartpqi: correct REGNEWD return status (bsc#1156632,jsc#SLE-8633). - scsi: smartpqi: add gigabyte controller (bsc#1156632,jsc#SLE-8633). - scsi: smartpqi: correct hang when deleting 32 lds (bsc#1156632,jsc#SLE-8633). - scsi: smartpqi: add bay identifier (bsc#1156632,jsc#SLE-8633). - scsi: smartpqi: add sysfs entries (bsc#1156632,jsc#SLE-8633). - scsi: smartpqi: add module param to hide vsep (bsc#1156632,jsc#SLE-8633). - scsi: smartpqi: add pci ids for fiberhome controller (bsc#1156632,jsc#SLE-8633). - scsi: smartpqi: add module param for exposure order (bsc#1156632,jsc#SLE-8633). - scsi: mpt3sas: Introduce module parameter to override queue depth (bsc#1156632,jsc#SLE-10717). - scsi: csiostor: Prefer pcie_capability_read_word() (jsc#SLE-9687). - scsi: megaraid_sas: Introduce module parameter for default queue depth (bsc#1156632,jsc#SLE-10720). - scsi: mpt3sas: Update driver version to 31.100.00.00 (bsc#1156632,jsc#SLE-10717). - scsi: mpt3sas: Run SAS DEVICE STATUS CHANGE EVENT from ISR (bsc#1156632,jsc#SLE-10717). - scsi: mpt3sas: Reduce the performance drop (bsc#1156632,jsc#SLE-10717). - scsi: mpt3sas: Handle fault during HBA initialization (bsc#1156632,jsc#SLE-10717). - scsi: mpt3sas: Add sysfs to know supported features (bsc#1156632,jsc#SLE-10717). - scsi: mpt3sas: Support MEMORY MOVE Tool box command (bsc#1156632,jsc#SLE-10717). - scsi: mpt3sas: Allow ioctls to blocked access status NVMe (bsc#1156632,jsc#SLE-10717). - scsi: mpt3sas: Enumerate SES of a managed PCIe switch (bsc#1156632,jsc#SLE-10717). - scsi: mpt3sas: Update MPI headers to 2.6.8 spec (bsc#1156632,jsc#SLE-10717). - scsi: mpt3sas: Gracefully handle online firmware update (bsc#1156632,jsc#SLE-10717). - scsi: mpt3sas: memset request frame before reusing (bsc#1156632,jsc#SLE-10717). - scsi: mpt3sas: Add support for PCIe Lane margin (bsc#1156632,jsc#SLE-10717). - scsi: pm80xx: remove redundant assignments to variable rc (bsc#1156419,jsc#SLE-8281). - scsi: hisi_sas: Consolidate internal abort calls in LU reset operation (bsc#1156419,jsc#SLE-8281). - scsi: hisi_sas: replace "%p" with "%pK" (bsc#1156419,jsc#SLE-8281). - scsi: hisi_sas: Remove some unnecessary code (bsc#1156419,jsc#SLE-8281). - scsi: hisi_sas: Modify return type of debugfs functions (bsc#1156419,jsc#SLE-8281). - scsi: hisi_sas: Drop free_irq() when devm_request_irq() failed (bsc#1156419,jsc#SLE-8281). - scsi: hisi_sas: Drop SMP resp frame DMA mapping (bsc#1156419,jsc#SLE-8281). - scsi: hisi_sas: Drop kmap_atomic() in SMP command completion (bsc#1156419,jsc#SLE-8281). - scsi: hisi_sas: Make slot buf minimum allocation of PAGE_SIZE (bsc#1156419,jsc#SLE-8281). - scsi: hisi_sas: Don't bother clearing status buffer IU in task prep (bsc#1156419,jsc#SLE-8281). - scsi: hisi_sas: Fix out of bound at debug_I_T_nexus_reset() (bsc#1156419,jsc#SLE-8281). - scsi: hisi_sas: Snapshot AXI and RAS register at debugfs (bsc#1156419,jsc#SLE-8281). - scsi: hisi_sas: Snapshot HW cache of IOST and ITCT at debugfs (bsc#1156419,jsc#SLE-8281). - scsi: hisi_sas: Fix pointer usage error in show debugfs IOST/ITCT (bsc#1156419,jsc#SLE-8281). - scsi: hisi_sas: Drop hisi_sas_hw.get_free_slot (bsc#1156419,jsc#SLE-8281). - scsi: hisi_sas: Make max IPTT count equal for all hw revisions (bsc#1156419,jsc#SLE-8281). - scsi: ncr53c8xx: Mark expected switch fall-through (bsc#1156419,jsc#SLE-8281). - scsi: ufs: Configure clock in .hce_enable_notify() in Cadence UFS (bsc#1156419,jsc#SLE-8281). - scsi: core: Complain if scsi_target_block() fails (bsc#1156419,jsc#SLE-8281). - scsi: core: Make scsi_internal_device_unblock_nowait() reject invalid new_state (bsc#1156419,jsc#SLE-8281). - scsi: ufs: revamp string descriptor reading (bsc#1156419,jsc#SLE-8281). - scsi: wd33c93: Mark expected switch fall-through (bsc#1156419,jsc#SLE-8281). - scsi: sun3_scsi: Mark expected switch fall-throughs (bsc#1156419,jsc#SLE-8281). - scsi: qlogicpti: Mark expected switch fall-throughs (bsc#1156419,jsc#SLE-8281). - scsi: ibmvfc: Mark expected switch fall-throughs (bsc#1156419,jsc#SLE-8281). - scsi: megaraid_sas: Fix a compilation warning (bsc#1156419,jsc#SLE-8281). - scsi: megaraid_sas: Make a bunch of functions static (bsc#1156419,jsc#SLE-8281). - scsi: mpt3sas: support target smid for [abort|query] task (bsc#1156419,jsc#SLE-8281). - scsi: ibmvscsi_tgt: Mark expected switch fall-throughs (bsc#1156419,jsc#SLE-8281). - scsi: mpt3sas: clean up a couple sizeof() uses (bsc#1156419,jsc#SLE-8281). - scsi: scsi_debugfs: Use for_each_set_bit to simplify code (bsc#1156419,jsc#SLE-8281). - scsi: fdomain_isa: use CFG1_IRQ_MASK (bsc#1156419,jsc#SLE-8281). - scsi: fdomain: use BSTAT_{MSG|CMD|IO} in fdomain_work() (bsc#1156419,jsc#SLE-8281). - scsi: fdomain: use BCTL_RST in fdomain_reset() (bsc#1156419,jsc#SLE-8281). - scsi: aic94xx: Remove unnecessary null check (bsc#1156419,jsc#SLE-8281). - scsi: ufs: change msleep to usleep_range (bsc#1156419,jsc#SLE-8281). - scsi: virtio_scsi: implement request batching (bsc#1156419,jsc#SLE-8281). - scsi: core: add support for request batching (bsc#1156419,jsc#SLE-8281). - scsi: ufs: Add history of fatal events (bsc#1156419,jsc#SLE-8281). - scsi: ufs: Do not reset error history during host reset (bsc#1156419,jsc#SLE-8281). - scsi: ufs: Add fatal and auto-hibern8 error history (bsc#1156419,jsc#SLE-8281). - scsi: ufs: Change names related to error history (bsc#1156419,jsc#SLE-8281). - commit 9419833 - powerpc/security/book3s64: Report L1TF status in sysfs (bsc#1091041). - commit 4c13792 - arm64: Enable CONFIG_IR_GPIO_CIR (boo#1156748) - commit f832bd8 - Refresh patches.suse/powerpc-fadump-when-fadump-is-supported-register-the.patch. Add upstream metadata. - commit eb3a775 - powerpc/security: Fix wrong message when RFI Flush is disable (bsc#1131107). - commit f4d03f9 - powerpc/pseries: safely roll back failed DLPAR cpu add (bsc#1156700 ltc#182459). - powerpc/pseries: address checkpatch warnings in dlpar_offline_cpu (bsc#1156700 ltc#182459). - commit ce23e84 - series.conf: cleanup Move queued patches into "almost mainline" section. - commit b0c29ce ++++ Mesa: - u_call-shmget-with-permission-0600-instead-of-0777.patch * CVE-2019-5068 (bsc#1156015) - Update to version 19.2.4 * This is an emergency release, to fix a critical bug found in the 19.2.3 release which causes incomplete rendering on all mesa drivers. This release contains a single patch to fix that bug. ++++ libvirt: - libxl: Fix lock manager lock ordering 2552752f-libxl-fix-lock-manager-lock-ordering.patch bsc#1145774 ------------------------------------------------------------------ ------------------ 2019-11-13 - Nov 13 2019 ------------------- ------------------------------------------------------------------ ++++ glibc: - GNU1815 - Hardware support in toolchain (bsc#1151582) 0001-S390-Add-configure-check-to-detect-z10-as-mininum-ar.patch 0002-S390-Use-hwcap-instead-of-dl_hwcap-in-ifunc-resolver.patch 0003-S390-Unify-31-64bit-memcpy.patch 0004-S390-Refactor-memcpy-mempcpy-ifunc-handling.patch 0005-S390-Remove-s390-specific-implementation-of-bcopy.patch 0006-S390-Use-memcpy-for-forward-cases-in-memmove.patch 0007-S390-Add-configure-check-to-detect-z13-as-mininum-ar.patch 0008-S390-Add-z13-memmove-ifunc-variant.patch 0009-S390-Add-z13-strstr-ifunc-variant.patch 0010-S390-Add-z13-memmem-ifunc-variant.patch 0011-S390-Cleanup-ifunc-resolve.h.patch 0012-S390-Mark-vx-and-vxe-as-important-hwcap.patch 0013-S390-Add-new-hwcap-values-for-new-cpu-architecture-a.patch 0014-S390-Add-configure-check-to-detect-support-for-arch1.patch 0015-S390-Add-arch13-memmove-ifunc-variant.patch 0016-S390-Add-arch13-strstr-ifunc-variant.patch 0017-S390-Add-arch13-memmem-ifunc-variant.patch ++++ kernel-default: - arm64: compat: Workaround Neoverse-N1 #1542419 for compat user-space (jsc#SLE-10259). - arm64: Fake the IminLine size on systems affected by Neoverse-N1 [#1542419] (jsc#SLE-10259). - arm64: errata: Hide CTR_EL0.DIC on systems affected by Neoverse-N1 #1542419 (jsc#SLE-10259). Update arm64 configs (eneable ARM64_ERRATUM_1542419). - commit ecac0a4 - scsi: qla2xxx: don't use zero for FC4_PRIORITY_NVME (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: initialize fc4_type_priority (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Fix a dma_pool_free() call (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Remove an include directive (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Update driver version to 10.01.00.21-k (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Fix device connect issues in P2P configuration (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Fix memory leak when sending I/O fails (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Fix double scsi_done for abort path (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Fix driver unload hang (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Fix SRB leak on switch command timeout (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Do command completion on abort timeout (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Retry PLOGI on FC-NVMe PRLI failure (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - commit e0be784 - Refresh series.conf - commit 043b271 - config: disable TSX by default The reasons for leaving TSX enabled by default in SLE15-SP2 do not apply to openSUSE so let's use the safer default as we do in Tumbleweed. - commit 07d6fe1 - hv_netvsc: Fix error handling in netvsc_set_features() (fate#323887). - commit 2074f53 - config: leave TSX enabled by default This is to preserve the behaviour of previous SLE versions. Users who wnat to disable TSX can use "tsx=off" on command line. - commit f1407d4 - Update patch references for i915 security fixes (CVE-2019-0154 bsc#1135966 CVE-2019-0155 bsc#1135967) - commit 697e88e - Linux 5.3.11 (bnc#1151927 5.3.11). - x86/speculation/taa: Fix printing of TAA_MSG_SMT on IBRS_ALL CPUs (bnc#1151927 5.3.11). - Documentation: Add ITLB_MULTIHIT documentation (bnc#1151927 5.3.11). - kvm: x86: mmu: Recovery of shattered NX large pages (bnc#1151927 5.3.11). - kvm: Add helper function for creating VM worker threads (bnc#1151927 5.3.11). - kvm: mmu: ITLB_MULTIHIT mitigation (bnc#1151927 5.3.11). - cpu/speculation: Uninline and export CPU mitigations helpers (bnc#1151927 5.3.11). - x86/cpu: Add Tremont to the cpu vulnerability whitelist (bnc#1151927 5.3.11). - x86/bugs: Add ITLB_MULTIHIT bug infrastructure (bnc#1151927 5.3.11). - x86/tsx: Add config options to set tsx=on|off|auto (bnc#1151927 5.3.11). - Update config files. Set CONFIG_X86_INTEL_TSX_MODE_OFF=y (the default). - x86/speculation/taa: Add documentation for TSX Async Abort (bnc#1151927 5.3.11). - x86/tsx: Add "auto" option to the tsx= cmdline parameter (bnc#1151927 5.3.11). - kvm/x86: Export MDS_NO=0 to guests when TSX is enabled (bnc#1151927 5.3.11). - x86/speculation/taa: Add sysfs reporting for TSX Async Abort (bnc#1151927 5.3.11). - x86/speculation/taa: Add mitigation for TSX Async Abort (bnc#1151927 5.3.11). - x86/cpu: Add a "tsx=" cmdline option with TSX disabled by default (bnc#1151927 5.3.11). - x86/cpu: Add a helper function x86_read_arch_cap_msr() (bnc#1151927 5.3.11). - x86/msr: Add the IA32_TSX_CTRL MSR (bnc#1151927 5.3.11). - drm/i915/cmdparser: Fix jump whitelist clearing (bnc#1151927 5.3.11). - drm/i915/gen8+: Add RC6 CTX corruption WA (bnc#1151927 5.3.11). - drm/i915: Lower RM timeout to avoid DSI hard hangs (bnc#1151927 5.3.11). - drm/i915/cmdparser: Ignore Length operands during command matching (bnc#1151927 5.3.11). - drm/i915/cmdparser: Add support for backward jumps (bnc#1151927 5.3.11). - drm/i915/cmdparser: Use explicit goto for error paths (bnc#1151927 5.3.11). - drm/i915: Add gen9 BCS cmdparsing (bnc#1151927 5.3.11). - drm/i915: Allow parsing of unsized batches (bnc#1151927 5.3.11). - drm/i915: Support ro ppgtt mapped cmdparser shadow buffers (bnc#1151927 5.3.11). - drm/i915: Add support for mandatory cmdparsing (bnc#1151927 5.3.11). - drm/i915: Remove Master tables from cmdparser (bnc#1151927 5.3.11). - drm/i915: Disable Secure Batches for gen6+ (bnc#1151927 5.3.11). - drm/i915: Rename gen7 cmdparser tables (bnc#1151927 5.3.11). - ARM: dts: stm32: change joystick pinctrl definition on stm32mp157c-ev1 (bnc#1151927 5.3.11). - ARM: sunxi: Fix CPU powerdown on A83T (bnc#1151927 5.3.11). - ARM: dts: imx6-logicpd: Re-enable SNVS power key (bnc#1151927 5.3.11). - iio: srf04: fix wrong limitation in distance measuring (bnc#1151927 5.3.11). - intel_th: pci: Add Jasper Lake PCH support (bnc#1151927 5.3.11). - intel_th: pci: Add Comet Lake PCH support (bnc#1151927 5.3.11). - x86/dumpstack/64: Don't evaluate exception stacks before setup (bnc#1151927 5.3.11). - x86/apic/32: Avoid bogus LDR warnings (bnc#1151927 5.3.11). - timekeeping/vsyscall: Update VDSO data unconditionally (bnc#1151927 5.3.11). - perf tools: Fix time sorting (bnc#1151927 5.3.11). - SMB3: Fix persistent handles reconnect (bnc#1151927 5.3.11). - btrfs: save i_size to avoid double evaluation of i_size_read in compress_file_range (bnc#1151927 5.3.11). - btrfs: tree-checker: Fix wrong check on max devid (bnc#1151927 5.3.11). - btrfs: Consider system chunk array size for new SYSTEM chunks (bnc#1151927 5.3.11). - qede: fix NULL pointer deref in __qede_remove() (bnc#1151927 5.3.11). - net: fix data-race in neigh_event_send() (bnc#1151927 5.3.11). - vsock/virtio: fix sock refcnt holding during the shutdown (bnc#1151927 5.3.11). - net: ethernet: octeon_mgmt: Account for second possible VLAN header (bnc#1151927 5.3.11). - ipv4: Fix table id reference in fib_sync_down_addr (bnc#1151927 5.3.11). - ipv6: fixes rt6_probe() and fib6_nh->last_probe init (bnc#1151927 5.3.11). - net: hns: Fix the stray netpoll locks causing deadlock in NAPI path (bnc#1151927 5.3.11). - net: usb: qmi_wwan: add support for DW5821e with eSIM support (bnc#1151927 5.3.11). - CDC-NCM: handle incomplete transfer of MTU (bnc#1151927 5.3.11). - NFC: st21nfca: fix double free (bnc#1151927 5.3.11). - netfilter: ipset: Copy the right MAC address in hash:ip,mac IPv6 sets (bnc#1151927 5.3.11). - netfilter: ipset: Fix an error code in ip_set_sockfn_get() (bnc#1151927 5.3.11). - netfilter: nf_tables: Align nft_expr private data to 64-bit (bnc#1151927 5.3.11). - net/smc: fix ethernet interface refcounting (bnc#1151927 5.3.11). - selftests/tls: add test for concurrent recv and send (bnc#1151927 5.3.11). - net/tls: add a TX lock (bnc#1151927 5.3.11). - net/tls: don't pay attention to sk_write_pending when pushing partial records (bnc#1151927 5.3.11). - net: mscc: ocelot: fix NULL pointer on LAG slave removal (bnc#1151927 5.3.11). - net: mscc: ocelot: don't handle netdev events for other netdevs (bnc#1151927 5.3.11). - NFC: fdp: fix incorrect free object (bnc#1151927 5.3.11). - net: prevent load/store tearing on sk->sk_stamp (bnc#1151927 5.3.11). - net: qualcomm: rmnet: Fix potential UAF when unregistering (bnc#1151927 5.3.11). - net/tls: fix sk_msg trim on fallback to copy mode (bnc#1151927 5.3.11). - net: sched: prevent duplicate flower rules from tcf_proto destroy race (bnc#1151927 5.3.11). - bonding: fix state transition issue in link monitoring (bnc#1151927 5.3.11). - cgroup,writeback: don't switch wbs immediately on dead wbs if the memcg is dead (bnc#1151927 5.3.11). - blkcg: make blkcg_print_stat() print stats only for online blkgs (bnc#1151927 5.3.11). - ceph: don't allow copy_file_range when stripe_count != 1 (bnc#1151927 5.3.11). - ceph: don't try to handle hashed dentries in non-O_CREAT atomic_open (bnc#1151927 5.3.11). - ceph: add missing check in d_revalidate snapdir handling (bnc#1151927 5.3.11). - ceph: fix RCU case handling in ceph_d_revalidate() (bnc#1151927 5.3.11). - ceph: fix use-after-free in __ceph_remove_cap() (bnc#1151927 5.3.11). - arm64: Do not mask out PTE_RDONLY in pte_same() (bnc#1151927 5.3.11). - cpufreq: intel_pstate: Fix invalid EPB setting (bnc#1151927 5.3.11). - drm/radeon: fix si_enable_smc_cac() failed issue (bnc#1151927 5.3.11). - clk: imx8m: Use SYS_PLL1_800M as intermediate parent of CLK_ARM (bnc#1151927 5.3.11). - mm: memcontrol: fix network errors from failing __GFP_ATOMIC charges (bnc#1151927 5.3.11). - mm: slab: make page_cgroup_ino() to recognize non-compound slab pages properly (bnc#1151927 5.3.11). - dump_stack: avoid the livelock of the dump_lock (bnc#1151927 5.3.11). - mm/khugepaged: fix might_sleep() warn with CONFIG_HIGHPTE=y (bnc#1151927 5.3.11). - mm, vmstat: hide /proc/pagetypeinfo from normal users (bnc#1151927 5.3.11). - ocfs2: protect extent tree in ocfs2_prepare_inode_for_write() (bnc#1151927 5.3.11). - mm: thp: handle page cache THP correctly in PageTransCompoundMap (bnc#1151927 5.3.11). - mm: memcontrol: fix NULL-ptr deref in percpu stats flush (bnc#1151927 5.3.11). - clone3: validate stack arguments (bnc#1151927 5.3.11). - tools: gpio: Use !building_out_of_srctree to determine srctree (bnc#1151927 5.3.11). - usbip: Fix free of unallocated memory in vhci tx (bnc#1151927 5.3.11). - usbip: tools: Fix read_usb_vudc_device() error path handling (bnc#1151927 5.3.11). - USB: ldusb: use unsigned size format specifiers (bnc#1151927 5.3.11). - USB: Skip endpoints with 0 maxpacket length (bnc#1151927 5.3.11). - usb: dwc3: remove the call trace of USBx_GFLADJ (bnc#1151927 5.3.11). - usb: gadget: configfs: fix concurrent issue between composite APIs (bnc#1151927 5.3.11). - usb: gadget: composite: Fix possible double free memory bug (bnc#1151927 5.3.11). - usb: fsl: Check memory resource before releasing it (bnc#1151927 5.3.11). - scsi: sd: define variable dif as unsigned int instead of bool (bnc#1151927 5.3.11). - scsi: lpfc: Honor module parameter lpfc_use_adisc (bnc#1151927 5.3.11). - scsi: ufs-bsg: Wake the device before sending raw upiu commands (bnc#1151927 5.3.11). - powerpc/32s: fix allow/prevent_user_access() when crossing segment boundaries (bnc#1151927 5.3.11). - gve: Fixes DMA synchronization (bnc#1151927 5.3.11). - iwlwifi: pcie: 0x2720 is qu and 0x30DC is not (bnc#1151927 5.3.11). - iwlwifi: pcie: fix all 9460 entries for qnj (bnc#1151927 5.3.11). - iwlwifi: pcie: fix PCI ID 0x2720 configs that should be soc (bnc#1151927 5.3.11). - net: ethernet: arc: add the missed clk_disable_unprepare (bnc#1151927 5.3.11). - hv_netvsc: Fix error handling in netvsc_attach() (bnc#1151927 5.3.11). - net: mscc: ocelot: refuse to overwrite the port's native vlan (bnc#1151927 5.3.11). - net: mscc: ocelot: fix vlan_filtering when enslaving to bridge before link is up (bnc#1151927 5.3.11). - selftests/bpf: More compatible nc options in test_tc_edt (bnc#1151927 5.3.11). - net: phy: smsc: LAN8740: add PHY_RST_AFTER_CLK_EN flag (bnc#1151927 5.3.11). - net: stmmac: Fix the problem of tso_xmit (bnc#1151927 5.3.11). - NFSv4: Don't allow a cached open with a revoked delegation (bnc#1151927 5.3.11). - nvme-multipath: fix possible io hang after ctrl reconnect (bnc#1151927 5.3.11). - sched/topology: Allow sched_asym_cpucapacity to be disabled (bnc#1151927 5.3.11). - sched/topology: Don't try to build empty sched domains (bnc#1151927 5.3.11). - perf/x86/uncore: Fix event group support (bnc#1151927 5.3.11). - perf/x86/amd/ibs: Handle erratum #420 only on the affected CPU family (10h) (bnc#1151927 5.3.11). - perf/x86/amd/ibs: Fix reading of the IBS OpData register and thus precise RIP validity (bnc#1151927 5.3.11). - x86, efi: Never relocate kernel below lowest acceptable address (bnc#1151927 5.3.11). - efi: libstub/arm: Account for firmware reserved memory at the base of RAM (bnc#1151927 5.3.11). - arm64: apply ARM64_ERRATUM_843419 workaround for Brahma-B53 core (bnc#1151927 5.3.11). - arm64: Brahma-B53 is SSB and spectre v2 safe (bnc#1151927 5.3.11). - arm64: apply ARM64_ERRATUM_845719 workaround for Brahma-B53 core (bnc#1151927 5.3.11). - arm64: cpufeature: Enable Qualcomm Falkor errata 1009 for Kryo (bnc#1151927 5.3.11). - dc.c:use kzalloc without test (bnc#1151927 5.3.11). - drm/amd/display: Passive DP->HDMI dongle detection fix (bnc#1151927 5.3.11). - drm/amd/display: add 50us buffer as WA for pstate switch in active (bnc#1151927 5.3.11). - drm/amd/display: do not synchronize "drr" displays (bnc#1151927 5.3.11). - drm/amdgpu: If amdgpu_ib_schedule fails return back the error (bnc#1151927 5.3.11). - drm/sched: Set error to s_fence if HW job submission failed (bnc#1151927 5.3.11). - drm/amdgpu/sdma5: do not execute 0-sized IBs (v2) (bnc#1151927 5.3.11). - dmaengine: xilinx_dma: Fix control reg update in vdma_channel_set_config (bnc#1151927 5.3.11). - dmaengine: xilinx_dma: Fix 64-bit simple AXIDMA transfer (bnc#1151927 5.3.11). - iommu/amd: Apply the same IVRS IOAPIC workaround to Acer Aspire A315-41 (bnc#1151927 5.3.11). - ARC:: Enable on-board SPI NOR flash IC (bnc#1151927 5.3.11). - HID: intel-ish-hid: fix wrong error handling in ishtp_cl_alloc_tx_ring() (bnc#1151927 5.3.11). - HID: google: add magnemite/masterball USB ids (bnc#1151927 5.3.11). - arm64: errata: Update stale comment (bnc#1151927 5.3.11). - soundwire: bus: set initial value to port_status (bnc#1151927 5.3.11). - configfs: fix a deadlock in configfs_symlink() (bnc#1151927 5.3.11). - usbip: Implement SG support to vhci-hcd and stub driver (bnc#1151927 5.3.11). - perf map: Use zalloc for map_groups (bnc#1151927 5.3.11). - commit 8a2e23a - mm, meminit: recalculate pcpu batch and high limits after init completes (bnc#1155628). Update to upstream version (and update metadata). - commit 8d03909 - Update patches.suse/ALSA-bebob-fix-to-detect-configured-source-of-sampli.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/ALSA-hda-ca0132-Fix-possible-workqueue-stall.patch (bsc#1155836 bnc#1151927 5.3.11). - Update patches.suse/ALSA-timer-Fix-incorrectly-assigned-timer-instance.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/ALSA-usb-audio-Clean-up-check_input_term.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/ALSA-usb-audio-Fix-copy-paste-error-in-the-validator.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/ALSA-usb-audio-Fix-possible-NULL-dereference-at-crea.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/ALSA-usb-audio-More-validations-of-descriptor-units.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/ALSA-usb-audio-Remove-superfluous-bLength-checks.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/ALSA-usb-audio-Simplify-parse_audio_unit.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/ALSA-usb-audio-Unify-the-release-of-usb_mixer_elem_i.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/ALSA-usb-audio-remove-some-dead-code.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/ASoC-SOF-Intel-hda-stream-fix-the-CONFIG_-prefix-mis.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/ASoC-rsnd-dma-fix-SSI9-4-5-6-7-busif-dma-address.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/HID-wacom-generic-Treat-serial-number-and-related-fi.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/IB-core-Use-rdma_read_gid_l2_fields-to-compare-GID-L.patch (jsc#SLE-8449 bnc#1151927 5.3.11). - Update patches.suse/RDMA-hns-Prevent-memory-leaks-of-eq-buf_list.patch (jsc#SLE-8449 bnc#1151927 5.3.11). - Update patches.suse/RDMA-iw_cxgb4-Avoid-freeing-skb-twice-in-arp-failure.patch (jsc#SLE-8392 bnc#1151927 5.3.11). - Update patches.suse/RDMA-mlx5-Clear-old-rate-limit-when-closing-QP.patch (jsc#SLE-8446 bnc#1151927 5.3.11). - Update patches.suse/RDMA-nldev-Skip-counter-if-port-doesn-t-match.patch (jsc#SLE-8449 bnc#1151927 5.3.11). - Update patches.suse/RDMA-qedr-Fix-reported-firmware-version.patch (jsc#SLE-8215 bnc#1151927 5.3.11). - Update patches.suse/RDMA-siw-free-siw_base_qp-in-kref-release-routine.patch (jsc#SLE-8381 bnc#1151927 5.3.11). - Update patches.suse/RDMA-uverbs-Prevent-potential-underflow.patch (jsc#SLE-8449 bnc#1151927 5.3.11). - Update patches.suse/SUNRPC-Destroy-the-back-channel-when-we-destroy-the-.patch (bsc#1154353 bnc#1151927 5.3.11). - Update patches.suse/SUNRPC-The-RDMA-back-channel-mustn-t-disappear-while.patch (bsc#1154353 bnc#1151927 5.3.11). - Update patches.suse/SUNRPC-The-TCP-back-channel-mustn-t-disappear-while-.patch (bsc#1154353 bnc#1151927 5.3.11). - Update patches.suse/bonding-fix-unexpected-IFF_BONDING-bit-unset.patch (bsc#1154353 bnc#1151927 5.3.11). - Update patches.suse/bonding-fix-using-uninitialized-mode_lock.patch (bsc#1154353 bnc#1151927 5.3.11). - Update patches.suse/bonding-use-dynamic-lockdep-key-instead-of-subclass.patch (bsc#1154353 bnc#1151927 5.3.11). - Update patches.suse/bpf-Fix-use-after-free-in-bpf_get_prog_name.patch (bsc#1155518 bnc#1151927 5.3.11). - Update patches.suse/bpf-Fix-use-after-free-in-subprog-s-jited-symbol-rem.patch (bsc#1155518 bnc#1151927 5.3.11). - Update patches.suse/bpf-lwtunnel-Fix-reroute-supplying-invalid-dst.patch (bsc#1154353 bnc#1151927 5.3.11). - Update patches.suse/can-c_can-c_can_poll-only-read-status-register-after.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/can-dev-add-missing-of_node_put-after-calling-of_get.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/can-flexcan-disable-completely-the-ECC-mechanism.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/can-gs_usb-gs_can_open-prevent-memory-leak.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/can-mcba_usb-fix-use-after-free-on-disconnect.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/can-peak_usb-fix-a-potential-out-of-sync-while-decod.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/can-peak_usb-fix-slab-info-leak.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/can-rx-offload-can_rx_offload_queue_sorted-fix-error.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/can-usb_8dev-fix-use-after-free-on-disconnect.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/dmaengine-sprd-Fix-the-link-list-pointer-register-co.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/dmaengine-sprd-Fix-the-possible-memory-leak-issue.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/drm-v3d-Fix-memory-leak-in-v3d_submit_cl_ioctl.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/e1000-fix-memory-leaks.patch (jsc#SLE-8100 bnc#1151927 5.3.11). - Update patches.suse/efi-tpm-Return-EINVAL-when-determining-tpm-final-eve.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/fjes-Handle-workqueue-allocation-failure.patch (CVE-2019-16231,bsc#1150466 bnc#1151927 5.3.11). - Update patches.suse/hwmon-ina3221-Fix-read-timeout-issue.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/igb-Fix-constant-media-auto-sense-switching-when-no-.patch (jsc#SLE-7967 jsc#SLE-8010 bnc#1151927 5.3.11). - Update patches.suse/iio-adc-stm32-adc-fix-stopping-dma.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/iio-imu-adis16480-make-sure-provided-frequency-is-po.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/iio-imu-inv_mpu6050-fix-no-data-on-MPU6050.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/intel_th-gth-Fix-the-window-switching-sequence.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/ipvs-don-t-ignore-errors-in-case-refcounting-ip_vs-m.patch (bsc#1154353 bnc#1151927 5.3.11). - Update patches.suse/ipvs-move-old_secure_tcp-into-struct-netns_ipvs.patch (bsc#1154353 bnc#1151927 5.3.11). - Update patches.suse/iw_cxgb4-fix-ECN-check-on-the-passive-accept.patch (jsc#SLE-8392 bnc#1151927 5.3.11). - Update patches.suse/kvm-x86-powerpc-do-not-allow-clearing-largepages-debugfs-entry (bsc#1117665 bnc#1151927 5.3.11). - Update patches.suse/macsec-fix-refcnt-leak-in-module-exit-routine.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/mm-filemap.c-don-t-initiate-writeback-if-mapping-has-no-dirty-pages.patch (bnc#1155780 (VM/FS functional and performance backports) bnc#1151927 5.3.11). - Update patches.suse/mm-meminit-Recalculate-pcpu-batch-and-high-limits-after-init-completes.patch (bnc#1155628 bnc#1151927 5.3.11). - Update patches.suse/mt76-dma-fix-buffer-unmap-with-non-linear-skbs.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/net-hisilicon-Fix-Trying-to-free-already-free-IRQ.patch (bsc#1154353 bnc#1151927 5.3.11). - Update patches.suse/net-ibmvnic-unlock-rtnl_lock-in-reset-so-linkwatch_e.patch (bsc#1152457 ltc#174432 bnc#1151927 5.3.11). - Update patches.suse/net-mlx5-fix-memory-leak-in-mlx5_fw_fatal_reporter_d.patch (jsc#SLE-8464 bnc#1151927 5.3.11). - Update patches.suse/net-mlx5-prevent-memory-leak-in-mlx5_fpga_conn_creat.patch (jsc#SLE-8464 bnc#1151927 5.3.11). - Update patches.suse/net-mlx5e-TX-Fix-consumer-index-of-error-cqe-dump.patch (jsc#SLE-8464 bnc#1151927 5.3.11). - Update patches.suse/net-mlx5e-Tx-Fix-assumption-of-single-WQEBB-of-NOP-i.patch (jsc#SLE-8464 bnc#1151927 5.3.11). - Update patches.suse/net-mlx5e-kTLS-Release-reference-on-DUMPed-fragments.patch (jsc#SLE-8464 bnc#1151927 5.3.11). - Update patches.suse/net-openvswitch-free-vport-unless-register_netdevice.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/netfilter-nf_flow_table-set-timeout-before-insertion.patch (bsc#1154353 bnc#1151927 5.3.11). - Update patches.suse/netfilter-nft_payload-fix-missing-check-for-matching.patch (bsc#1154353 bnc#1151927 5.3.11). - Update patches.suse/nfc-netlink-fix-double-device-reference-drop.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/pinctrl-cherryview-Fix-irq_valid_mask-calculation.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/pinctrl-intel-Avoid-potential-glitches-if-pin-is-in-.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/r8169-fix-page-read-in-r8168g_mdio_read.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/scsi-lpfc-Check-queue-pointer-before-use.patch (bsc#1154242 bnc#1151927 5.3.11). - Update patches.suse/scsi-qla2xxx-Initialized-mailbox-to-prevent-driver-l.patch (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bnc#1151927 5.3.11). - Update patches.suse/scsi-qla2xxx-fixup-incorrect-usage-of-host_byte.patch (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bnc#1151927 5.3.11). - Update patches.suse/scsi-qla2xxx-stop-timer-in-shutdown-path.patch (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bnc#1151927 5.3.11). - Update patches.suse/soundwire-depend-on-ACPI-OF.patch (bsc#1148868 bnc#1151927 5.3.11). - Update patches.suse/soundwire-depend-on-ACPI.patch (bsc#1148868 bnc#1151927 5.3.11). - Update patches.suse/usb-dwc3-gadget-fix-race-when-disabling-ep-with-canc.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/usb-dwc3-pci-prevent-memory-leak-in-dwc3_pci_probe.patch (git-fixes, CVE-2019-18813, bsc#1156278 bnc#1151927 5.3.11). - Update patches.suse/usb-dwc3-select-CONFIG_REGMAP_MMIO.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/usb-gadget-udc-atmel-Fix-interrupt-storm-in-FIFO-mod.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/virt_wifi-fix-refcnt-leak-in-module-exit-routine.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/wimax-i2400-Fix-memory-leak-in-i2400m_op_rfkill_sw_t.patch (git-fixes bnc#1151927 5.3.11). - Update patches.suse/xsk-Fix-registration-of-Rx-only-sockets.patch (bsc#1154353 bnc#1151927 5.3.11). - commit 334001e - Linux 5.3.10 (bnc#1151927 5.3.10). - selftests: net: reuseport_dualstack: fix uninitalized parameter (bnc#1151927 5.3.10). - rxrpc: Fix handling of last subpacket of jumbo packet (bnc#1151927 5.3.10). - net/mlx5: Fix flow counter list auto bits struct (bnc#1151927 5.3.10). - net/smc: fix refcounting for non-blocking connect() (bnc#1151927 5.3.10). - net: usb: lan78xx: Disable interrupts before calling generic_handle_irq() (bnc#1151927 5.3.10). - net: ethernet: ftgmac100: Fix DMA coherency issue with SW checksum (bnc#1151927 5.3.10). - selftests: fib_tests: add more tests for metric update (bnc#1151927 5.3.10). - net/smc: keep vlan_id for SMC-R in smc_listen_work() (bnc#1151927 5.3.10). - net/smc: fix closing of fallback SMC sockets (bnc#1151927 5.3.10). - perf kmem: Fix memory leak in compact_gfp_flags() (bnc#1151927 5.3.10). - perf c2c: Fix memory leak in build_cl_output() (bnc#1151927 5.3.10). - perf tools: Fix resource leak of closedir() on the error paths (bnc#1151927 5.3.10). - irqchip/sifive-plic: Skip contexts except supervisor in plic_init() (bnc#1151927 5.3.10). - irqchip/gic-v3-its: Use the exact ITSList for VMOVP (bnc#1151927 5.3.10). - cifs: Fix cifsInodeInfo lock_sem deadlock when reconnect occurs (bnc#1151927 5.3.10). - CIFS: Fix retry mid list corruption on reconnects (bnc#1151927 5.3.10). - MIPS: bmips: mark exception vectors as char arrays (bnc#1151927 5.3.10). - nbd: handle racing with error'ed out commands (bnc#1151927 5.3.10). - nbd: protect cmd->status with cmd->lock (bnc#1151927 5.3.10). - scsi: hpsa: add missing hunks in reset-patch (bnc#1151927 5.3.10). - scsi: target: core: Do not overwrite CDB byte 1 (bnc#1151927 5.3.10). - scsi: fix kconfig dependency warning related to 53C700_LE_ON_BE (bnc#1151927 5.3.10). - scsi: sni_53c710: fix compilation error (bnc#1151927 5.3.10). - scsi: scsi_dh_alua: handle RTPG sense code correctly during state transitions (bnc#1151927 5.3.10). - arm64: dts: allwinner: a64: sopine-baseboard: Add PHY regulator delay (bnc#1151927 5.3.10). - arm64: dts: allwinner: a64: Drop PMU node (bnc#1151927 5.3.10). - arm64: dts: allwinner: a64: pine64-plus: Add PHY regulator delay (bnc#1151927 5.3.10). - ARM: dts: bcm2837-rpi-cm3: Avoid leds-gpio probing issue (bnc#1151927 5.3.10). - ARM: davinci: dm365: Fix McBSP dma_slave_map entry (bnc#1151927 5.3.10). - arm64: dts: rockchip: Fix usb-c on Hugsun X99 TV Box (bnc#1151927 5.3.10). - arm64: dts: rockchip: fix RockPro64 sdmmc settings (bnc#1151927 5.3.10). - arm64: dts: rockchip: fix RockPro64 sdhci settings (bnc#1151927 5.3.10). - arm64: dts: rockchip: fix RockPro64 vdd-log regulator settings (bnc#1151927 5.3.10). - arm64: dts: rockchip: fix Rockpro64 RK808 interrupt line (bnc#1151927 5.3.10). - arm64: dts: imx8mm: Use correct clock for usdhc's ipg clk (bnc#1151927 5.3.10). - arm64: dts: imx8mq: Use correct clock for usdhc's ipg clk (bnc#1151927 5.3.10). - ARM: dts: imx7s: Correct GPT's ipg clock source (bnc#1151927 5.3.10). - ARM: dts: vf610-zii-scu4-aib: Specify 'i2c-mux-idle-disconnect' (bnc#1151927 5.3.10). - ARM: dts: imx6q-logicpd: Re-Enable SNVS power key (bnc#1151927 5.3.10). - arm64: dts: lx2160a: Correct CPU core idle state name (bnc#1151927 5.3.10). - arm64: dts: zii-ultra: fix ARM regulator states (bnc#1151927 5.3.10). - ARM: dts: Use level interrupt for omap4 & 5 wlcore (bnc#1151927 5.3.10). - ARM: dts: am3874-iceboard: Fix 'i2c-mux-idle-disconnect' usage (bnc#1151927 5.3.10). - ARM: dts: logicpd-torpedo-som: Remove twl_keypad (bnc#1151927 5.3.10). - arm64: dts: Fix gpio to pinmux mapping (bnc#1151927 5.3.10). - selftests: kvm: fix sync_regs_test with newer gccs (bnc#1151927 5.3.10). - selftests: kvm: vmx_set_nested_state_test: don't check for VMX support twice (bnc#1151927 5.3.10). - of: unittest: fix memory leak in unittest_data_add (bnc#1151927 5.3.10). - tracing: Fix "gfp_t" format for synthetic events (bnc#1151927 5.3.10). - ARM: 8926/1: v7m: remove register save to stack before svc (bnc#1151927 5.3.10). - ARM: 8914/1: NOMMU: Fix exc_ret for XIP (bnc#1151927 5.3.10). - ARM: 8908/1: add __always_inline to functions called from __get_user_check() (bnc#1151927 5.3.10). - ARM: mm: fix alignment handler faults under memory pressure (bnc#1151927 5.3.10). - selftests/powerpc: Fix compile error on tlbie_test due to newer gcc (bnc#1151927 5.3.10). - selftests/powerpc: Add test case for tlbie vs mtpidr ordering issue (bnc#1151927 5.3.10). - arm64: dts: ti: k3-am65-main: Fix gic-its node unit-address (bnc#1151927 5.3.10). - commit c4dc2d2 - Update patches.suse/8250-men-mcb-fix-error-checking-when-get_num_ports-r.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/ALSA-hda-Add-Tigerlake-Jasperlake-PCI-ID.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/ASoC-Intel-sof-rt5682-add-a-check-for-devm_clk_get.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/ASoC-SOF-Intel-hda-Disable-DMI-L1-entry-during-captu.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/ASoC-SOF-Intel-hda-fix-warnings-during-FW-load.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/ASoC-SOF-Intel-initialise-and-verify-FW-crash-dump-d.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/ASoC-SOF-control-return-true-when-kcontrol-values-ch.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/ASoC-SOF-loader-fix-kernel-oops-on-firmware-boot-fai.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/ASoC-SOF-topology-fix-parse-fail-issue-for-byte-bool.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/ASoC-intel-bytcr_rt5651-add-null-check-to-support_bu.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/ASoC-intel-sof_rt5682-add-remove-function-to-disable.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/ASoC-msm8916-wcd-digital-add-missing-MIX2-path-for-R.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/ASoC-pcm3168a-The-codec-does-not-support-S32_LE.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/ASoC-rt5682-add-NULL-handler-to-set_jack-function.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/ASoC-samsung-arndale-Add-missing-OF-node-dereferenci.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/ASoC-simple_card_utils.h-Fix-potential-multiple-rede.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/ASoC-topology-Fix-a-signedness-bug-in-soc_tplg_dapm_.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/ASoC-wm8994-Do-not-register-inapplicable-controls-fo.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/ASoC-wm_adsp-Don-t-generate-kcontrols-without-READ-f.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/ASoc-rockchip-i2s-Fix-RPM-imbalance.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/cxgb4-fix-panic-when-attaching-to-ULD-fail.patch (jsc#SLE-8389 bnc#1151927 5.3.10). - Update patches.suse/cxgb4-request-the-TX-CIDX-updates-to-status-page.patch (jsc#SLE-8389 bnc#1151927 5.3.10). - Update patches.suse/dccp-do-not-leak-jiffies-on-the-wire.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/drm-amdgpu-fix-error-handling-in-amdgpu_bo_list_crea.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/drm-amdgpu-fix-potential-VM-faults.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/drm-komeda-Don-t-flush-inactive-pipes.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/erspan-fix-the-tun_info-options_len-check-for-erspan.patch (bsc#1154353 bnc#1151927 5.3.10). - Update patches.suse/i2c-aspeed-fix-master-pending-state-handling.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/i2c-mt65xx-fix-NULL-ptr-dereference.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/i2c-stm32f7-fix-a-race-in-slave-mode-with-arbitratio.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/i2c-stm32f7-fix-first-byte-to-send-in-slave-mode.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/i2c-stm32f7-remove-warning-when-compiling-with-W-1.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/inet-stop-leaking-jiffies-on-the-wire.patch (bsc#1154353 bnc#1151927 5.3.10). - Update patches.suse/ipv4-fix-IPSKB_FRAG_PMTU-handling-with-fragmentation.patch (bsc#1154353 bnc#1151927 5.3.10). - Update patches.suse/ipv4-fix-route-update-on-metric-change.patch (bsc#1154353 bnc#1151927 5.3.10). - Update patches.suse/keys-Fix-memory-leak-in-copy_net_ns.patch (bsc#1154353 git-fixes bnc#1151927 5.3.10). - Update patches.suse/mlxsw-core-Unpublish-devlink-parameters-during-reloa.patch (bsc#1154488 bnc#1151927 5.3.10). - Update patches.suse/net-Zeroing-the-structure-ethtool_wolinfo-in-ethtool.patch (bsc#1154353 bnc#1151927 5.3.10). - Update patches.suse/net-add-READ_ONCE-annotation-in-__skb_wait_for_more_.patch (bsc#1154353 bnc#1151927 5.3.10). - Update patches.suse/net-add-skb_queue_empty_lockless.patch (bsc#1154353 bnc#1151927 5.3.10). - Update patches.suse/net-annotate-accesses-to-sk-sk_incoming_cpu.patch (bsc#1154353 bnc#1151927 5.3.10). - Update patches.suse/net-annotate-lockless-accesses-to-sk-sk_napi_id.patch (bsc#1154353 bnc#1151927 5.3.10). - Update patches.suse/net-bcmgenet-don-t-set-phydev-link-from-MAC.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/net-bcmgenet-reset-40nm-EPHY-on-energy-detect.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/net-dsa-b53-Do-not-clear-existing-mirrored-port-mask.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/net-dsa-bcm_sf2-Fix-IMP-setup-for-port-different-tha.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/net-dsa-fix-switch-tree-list.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/net-ensure-correct-skb-tstamp-in-various-fragmenters.patch (bsc#1154353 bnc#1151927 5.3.10). - Update patches.suse/net-fix-sk_page_frag-recursion-from-memory-reclaim.patch (bsc#1154353 bnc#1151927 5.3.10). - Update patches.suse/net-flow_dissector-switch-to-siphash.patch (bsc#1154353 bnc#1151927 5.3.10). - Update patches.suse/net-hisilicon-Fix-ping-latency-when-deal-with-high-t.patch (bsc#1154353 bnc#1151927 5.3.10). - Update patches.suse/net-hns3-fix-mis-counting-IRQ-vector-numbers-issue.patch (bsc#1154353 bnc#1151927 5.3.10). - Update patches.suse/net-mlx4_core-Dynamically-set-guaranteed-amount-of-c.patch (jsc#SLE-8460 bnc#1151927 5.3.10). - Update patches.suse/net-mlx5-Fix-rtable-reference-leak.patch (jsc#SLE-8464 bnc#1151927 5.3.10). - Update patches.suse/net-mlx5e-Determine-source-port-properly-for-vlan-pu.patch (jsc#SLE-8464 bnc#1151927 5.3.10). - Update patches.suse/net-mlx5e-Fix-ethtool-self-test-link-speed.patch (jsc#SLE-8464 bnc#1151927 5.3.10). - Update patches.suse/net-mlx5e-Fix-handling-of-compressed-CQEs-in-case-of.patch (jsc#SLE-8464 bnc#1151927 5.3.10). - Update patches.suse/net-mlx5e-Initialize-on-stack-link-modes-bitmap.patch (jsc#SLE-8464 bnc#1151927 5.3.10). - Update patches.suse/net-mlx5e-Remove-incorrect-match-criteria-assignment.patch (jsc#SLE-8464 bnc#1151927 5.3.10). - Update patches.suse/net-netem-correct-the-parent-s-backlog-when-corrupte.patch (bsc#1154353 bnc#1151927 5.3.10). - Update patches.suse/net-netem-fix-error-path-for-corrupted-GSO-frames.patch (bsc#1154353 bnc#1151927 5.3.10). - Update patches.suse/net-phy-bcm7xxx-define-soft_reset-for-40nm-EPHY.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/net-phylink-Fix-phylink_dbg-macro.patch (bsc#1154353 bnc#1151927 5.3.10). - Update patches.suse/net-reorder-struct-net-fields-to-avoid-false-sharing.patch (bsc#1154353 bnc#1151927 5.3.10). - Update patches.suse/net-rtnetlink-fix-a-typo-fbd-fdb.patch (bsc#1154353 bnc#1151927 5.3.10). - Update patches.suse/net-usb-lan78xx-Connect-PHY-before-registering-MAC.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/net-use-skb_queue_empty_lockless-in-busy-poll-contex.patch (bsc#1154353 bnc#1151927 5.3.10). - Update patches.suse/net-use-skb_queue_empty_lockless-in-poll-handlers.patch (bsc#1154353 bnc#1151927 5.3.10). - Update patches.suse/netns-fix-GFP-flags-in-rtnl_net_notifyid.patch (bsc#1154353 bnc#1151927 5.3.10). - Update patches.suse/pinctrl-intel-Allocate-IRQ-chip-dynamic.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/pinctrl-ns2-Fix-off-by-one-bugs-in-ns2_pinmux_enable.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/pinctrl-stmfx-fix-null-pointer-on-remove.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/platform-x86-pmc_atom-Add-Siemens-SIMATIC-IPC227E-to.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/r8152-add-device-id-for-Lenovo-ThinkPad-USB-C-Dock-G.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/r8169-fix-wrong-PHY-ID-issue-with-RTL8168dp.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/regulator-da9062-fix-suspend_enable-disable-preparat.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/regulator-of-fix-suspend-min-max-voltage-parsing.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/regulator-pfuze100-regulator-Variable-val-in-pfuze10.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/regulator-ti-abb-Fix-timeout-in-ti_abb_wait_txdone-t.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/scsi-qla2xxx-fix-a-potential-NULL-pointer-dereferenc.patch (bsc#1150457 CVE-2019-16233 bnc#1151927 5.3.10). - Update patches.suse/udp-fix-data-race-in-udp_set_dev_scratch.patch (bsc#1154353 bnc#1151927 5.3.10). - Update patches.suse/udp-use-skb_queue_empty_lockless.patch (bsc#1154353 bnc#1151927 5.3.10). - Update patches.suse/usb-gadget-udc-core-Fix-segfault-if-udc_bind_to_driv.patch (git-fixes bnc#1151927 5.3.10). - Update patches.suse/vxlan-check-tun_info-options_len-properly.patch (bsc#1154353 bnc#1151927 5.3.10). - commit db35794 - refresh config files - commit 18453ef - series.conf: cleanup - move submitted and accepted patch into "almost mainline" section - commit 8e9e103 ++++ Mesa: - Update _contraints, Mesa-drivers needs 7GB of disk to build safely. ++++ libjpeg-turbo: - security update [bsc#1156402] - modified patches % libjpeg-turbo-CVE-2019-2201.patch (use upstream one) ++++ libselinux: - Added Use-Python-distutils-to-install-SELinux.patch to use Python's distutils instead of building and installing python bindings manually ++++ nvme-cli: - Update nvme-cli to upstream version 1.9 (jsc#SLE-8339) * Tag release: v1.9 * Regen docs * nvme: UUIDs for Vendor-Specific Information * nvme: add Persistent Memory Region (PMR) registers * get-lba-status: add Get LBA Status command * Added openSUSE Leap to README.md * id-ctrl: add 1.4 features to OAES * Update packaging state in Arch Linux * Fix code block style in the first section * nvme-cli: nvmf auto-connect scripts * nvme-cli: add --quiet option * nvme-cli: Expand --device argument processing * nvme-cli: Add routine to search for controller with specific attributes * nvme-cli: Add routine to compare ctrl_list_item to connect args * nvme-cli: extend ctrl_list_item for connect attributes * nvme-cli: Refactor to create a get_nvme_ctrl_info routine * nvme-cli: allow discover to address discovery controller by persistent name * nvme-cli: support persistent connections to a discovery controller * nvme-cli: ignore arguments that pass in "none" * nvme-print: show new CMBLOC bit fields added in NVMe 1.4 * nvme: add support for Namespace Granularity * nvme: sanitize enhancements * nvme-cli: Update manpages to reflect discovery particulars * nvme-cli: mask out invalid options during discovery * nvme-cli: do not use 'queue_size' and 'nr_io_queues' for discovery controller * nvme: Enhanced Command Retry * id-ctrl: add an indicator for get lba status capability * nvme: change format default namespace id * lnvm: introduce alias geometry for id-ns for lnvm * lnvm: introduce chunk-log command for chunk info * lnvm: make data_len to sizeof() instead of magic number * nvme-vendor: fix c99 declarations in vendor plugins * [NVMe-CLI] Add support for larger data sizes needed to get DUI data. * [Log] Memblaze add more log infomation for S.M.A.R.T. * nvme: add Verify command * doc: add extension plugins' command format * doc: make description not only for PCIe * lnvm: cast identity structure to (void *) directly * lnvm: do not print 0 when the arg is not given * lnvm: remove redundant whitespace in lnvm_init() * nvme: clean up goto labels without whitespace * format: check BLKRRPART failure * [NVMe-CLI] Add support for SN730 to WDC plugin commmands * Add verbose capability to get DUI function to improve debug * nvme-print: Show value for Transport SGL Data Block Descriptor support * [NVMe-CLI] WDC: Add support for 64 bit data addresses in Get DUI Data functions * nvme-cli: Fix more endianness issues * nvme-cli: Restore RHEL 7 compatibility * nvme-cli: Restore support for older gcc versions * nvme-print: add JSON for NVMe 1.4 NPWG, NPWA, NPDG, NPDA and NOWS fields * fabrics: Return errno mapped for fabrics error status * fabrics: return error when discovery retry exhausted * nvme: Return errno mapped for nvme error status * nvme-status: Introduce nvme status module to map errno * nvme: Return negative error value for internal errors * fabrics: Do not return in the middle of the subcommand * nvme: Do not return in the middle of the subcommand * nvme-cli: Report the NVMe 1.4 NPWG, NPWA, NPDG, NPDA and NOWS fields * Introduce NVMe 1.4 Identify Namespace fields in struct nvme_id_ns * nvme-cli: Skip properties that are not supported * nvme-cli: Rework the code for getting and setting NVMf properties * Avoid using arrays with a variable length * wdc: Fix endianness bugs * virtium: Fix an endianness issue * lightnvm: Fix an endianness issue * virtium: Declare local symbols static * seagate: Declare local functions static * huawei: Declare local functions static * Use NULL instead of 0 where a pointer is expected * Remove superfluous casts * NVMe-Cli Shannon Plugin-add support for shannon systems. * nvme: fix coding style issue * nvme-print: fix json object memory leak * fabrics: Fix memory leak of subsys list * nvme: update description for "nvme list" command * nvme: update list-ns nsid option * nvme-print: add pretty print for estimated sanitize time * add namespace to json output of nvme list * add free call for json object for commands show-regs * add newline for command show-regs * nvme-cli: remove unnecessary initialize of local var * nvme-cli: don't try to disconnect for ctrl with pcie transport * Fix sprintf truncate * Spin documentation * doc: fixup 3rd party man page * fix json print for list-subsys command * Add Virtium plugin extension document * Add Virtium plugin extension * nvme.h: Fix typos in status code values * nvme-cli: remove unused NVME_AER_NOTICE_* * nvme-cli: add kernel-doc comment for struct telemetry_log_page_hdr * respin documentation * Add a note to format on device naming conventions * remove non-portable compile-time check * nvme-cli: use uniform if .. else format * nvme-cli: use uniform if .. else format * nvme-cli: use uniform if .. else format * nvme-cli: remove trailing space * nvme-cli: code cleanup adjust if statement * nvme-cli: cmbloc code cleanup * nvme-print: remove Virtual Management support from ONCS * nvme-cli: cleanup comments for telemetry log structure * nvme-print: update self-test log to include 'aborted due to sanitize' * DOC: Move to DocBook 5 when using asciidoctor * nvme-cli: add missing endianness conversions for telemetry log page * property: Fit print size for a property * property: Remove unnecessary wrapper function * property: Introduce inline function to check 64bit reg * Add Disable IO flag to wdc_dump_dui_data function * list-ctrl: Do not return directly without freeing fd * create-ns: Do not return directly without freeing fd * format: Do not return directly without freeing fd * Reorder primary commands * nvme-cli: add identify secondary controller list * spec, make: Add discovery.conf to the package files list * spec, Makefile: add /etc/nvme files to package files * sanitize: Print nvme status in case ret > 0 * get-telemtry-log: Print nvme status in case err > 0 * print: Add const to return type of string * print: Introduce show_nvme_status to print nvme status * nvme: fix minor type in id-ctrl human readable output * ioctl: Fix wrong return case of get_property * ioctl: Fix double-free in a loop of get_property * nvme-cli: Increase size of ONTAP namespace path variable * Fix passing CFLAGS on the make command line. * Regen docs * nvme-cli: fix typo, removing the duplicate 'are' * Revert "plugin: Return EINVAL instead of ENOTTY" * Use 0x prefix for all hex values of id-ctrl output * plugin: Return EINVAL instead of ENOTTY * Fix Failure to read 0xCA Log Page on SN200 Device [NVMe-CLI] Fix Incorrect Data Formats with the 0xCA and 0xD0 Log Pages * nvme: Close a fd leaked * Release for new stable fixes * nvme-cli: Revert stop-on-failure with connect-all * Fix NSID for command effects log * Fix output size for error log raw binary dump * Release version 1.8 * Regen documentation * nvme-cli: add netapp ontapdevices man page * nvme-cli: add netapp ontapdevices command * tests: Update print to print() for python3 * nvme: Simplify virt-mgmt options to lowercase * nvme: Simplify description for virt-mgmt * nvme: Unify min(), max() macro as a common one * nvme: Use ARRAY_SIZE() macro in common.h * ioctl: Free memory if get_property for fabrics failed * doc: Update show-regs document with output-format * nvme: Support raw_binary and json format for show-regs * Print timestamp as a date and time string * Fix format block size usage * Fix possible memory leak on get-internal-log * doc: Add missing commands to main document entry * doc: Update nvme-disconnect by describing options * doc: Update nvme-connect-all by describing options * doc: Update nvme-connect by describing options * doc: Update nvme-discover by describing options * fabrics: Return negative errno to check remove_ctrl() is failed * fabrics: Return negative errno when asprintf() fails * Fix possible NULL pointer dereferences * Add reporting of Virtual Management support to id-ctrl * WDC Plugins vs-internal-log command unsupported on SN340. * wdc: Additional device capabilities check * WDC plugin Change vs-internal-log Command to Save Partial E6 Log Data. * nvme: print I/O error to stderr * Add FreeBSD installation instructions * Sort operating systems alphabetically * Fix markdown indentation issues * nvme-print: Fix evaluation of ctratt on pretty print * wdc: Add data area extraction for DUI command * Generate new documentation * wdc: Add command to extract NAND statistics * NVMe-CLI WDC Plugin - add support for additional SN840 device ID. * nvme-cli: align all the macros * wdc: Update file parameter checking * wdc: Update device capabilities for clear pcie corr * nvme-cli: fix fc trtype string * Add new docs to repository * Regen documentation * wdc: Add drive resize command * wdc: Add clear assert dump status command * wdc: Add get drive status command * wdc: Add device unit info log extraction * nvme-cli: minor cleanup for submit_io() * Fix print format specifiers * Regen docs * nvme-cli: fix compilation with uint64_t cast * Adding a helper to format command to enable the user to specify desired block size and have nvme-cli determine the correct LBAF and add format helper to nvme-create-ns command * Fix CFLAGS parameter * Fix compilation with GCC-8 * generate new documentation * wdc: Add additional device for vs-internal-log * wdc: Change device capability checking - Drop patches merged with upstream: * 0001-nvme-cli-Increase-size-of-ONTAP-namespace-path-varia.patch * 0002-nvme-cli-fix-typo-removing-the-duplicate-are.patch * 0003-nvme-vendor-fix-c99-declarations-in-vendor-plugins.patch * 0100-nvme_fc-add-auto-connect-scripts.patch ++++ python-PyYAML: - Update in SLE-15 (bsc#1140565) ------------------------------------------------------------------ ------------------ 2019-11-12 - Nov 12 2019 ------------------- ------------------------------------------------------------------ ++++ ca-certificates-mozilla: - export correct p11kit trust attributes so Firefox detects built in certificates (boo#1154871). Courtesy of Fedora. ++++ kdump: - add kdump-savedump-search-also-for-vmlinux.xz.patch (bnc#1155921) ++++ kernel-default: - Btrfs: fix log context list corruption after rename exchange operation (bsc#1156494). - commit 73bdb1d - Linux 5.3.9 (bnc#1151927 5.3.9). - Revert "nvme: allow 64-bit results in passthru commands" (bnc#1151927 5.3.9). - scsi: target: cxgbit: Fix cxgbit_fw4_ack() (bnc#1151927 5.3.9). - s390/idle: fix cpu idle time calculation (bnc#1151927 5.3.9). - s390/unwind: fix mixing regs and sp (bnc#1151927 5.3.9). - s390/cmm: fix information leak in cmm_timeout_handler() (bnc#1151927 5.3.9). - NFS: Fix an RCU lock leak in nfs4_refresh_delegation_stateid() (bnc#1151927 5.3.9). - io_uring: ensure we clear io_kiocb->result before each issue (bnc#1151927 5.3.9). - um-ubd: Entrust re-queue to the upper layers (bnc#1151927 5.3.9). - arm64: cpufeature: Enable Qualcomm Falkor/Kryo errata 1003 (bnc#1151927 5.3.9). - arm64: Ensure VM_WRITE|VM_SHARED ptes are clean by default (bnc#1151927 5.3.9). - KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is active (bnc#1151927 5.3.9). - drm/amdgpu: Fix SDMA hang when performing VKexample test (bnc#1151927 5.3.9). - iommu/vt-d: Fix panic after kexec -p for kdump (bnc#1151927 5.3.9). - fuse: truncate pending writes on O_TRUNC (bnc#1151927 5.3.9). - fuse: flush dirty data/metadata before non-truncate setattr (bnc#1151927 5.3.9). - ARC: perf: Accommodate big-endian CPU (bnc#1151927 5.3.9). - perf/aux: Fix tracking of auxiliary trace buffer allocation (bnc#1151927 5.3.9). - perf annotate: Fix multiple memory and file descriptor leaks (bnc#1151927 5.3.9). - net: usb: sr9800: fix uninitialized local variable (bnc#1151927 5.3.9). - io_uring: fix up O_NONBLOCK handling for sockets (bnc#1151927 5.3.9). - dm snapshot: rework COW throttling to fix deadlock (bnc#1151927 5.3.9). - dm snapshot: introduce account_start_copy() and account_end_copy() (bnc#1151927 5.3.9). - serial/sifive: select SERIAL_EARLYCON (bnc#1151927 5.3.9). - perf/x86/amd: Change/fix NMI latency mitigation to use a timestamp (bnc#1151927 5.3.9). - perf/core: Fix corner case in perf_rotate_context() (bnc#1151927 5.3.9). - perf/core: Rework memory accounting in perf_mmap() (bnc#1151927 5.3.9). - perf annotate: Don't return -1 for error when doing BPF disassembly (bnc#1151927 5.3.9). - perf annotate: Return appropriate error code for allocation failures (bnc#1151927 5.3.9). - perf annotate: Fix arch specific ->init() failure errors (bnc#1151927 5.3.9). - perf annotate: Propagate the symbol__annotate() error return (bnc#1151927 5.3.9). - perf annotate: Fix the signedness of failure returns (bnc#1151927 5.3.9). - perf annotate: Propagate perf_env__arch() error (bnc#1151927 5.3.9). - perf tools: Propagate get_cpuid() error (bnc#1151927 5.3.9). - perf jevents: Fix period for Intel fixed counters (bnc#1151927 5.3.9). - perf script brstackinsn: Fix recovery from LBR/binary mismatch (bnc#1151927 5.3.9). - perf map: Fix overlapped map handling (bnc#1151927 5.3.9). - perf tests: Avoid raising SEGV using an obvious NULL dereference (bnc#1151927 5.3.9). - libsubcmd: Make _FORTIFY_SOURCE defines dependent on the feature (bnc#1151927 5.3.9). - efi/x86: Do not clean dummy variable in kexec path (bnc#1151927 5.3.9). - efi/cper: Fix endianness of PCIe class code (bnc#1151927 5.3.9). - riscv: Correct the handling of unexpected ebreak in do_trap_break() (bnc#1151927 5.3.9). - riscv: avoid sending a SIGTRAP to a user thread trapped in WARN() (bnc#1151927 5.3.9). - riscv: avoid kernel hangs when trapped in BUG() (bnc#1151927 5.3.9). - MIPS: fw: sni: Fix out of bounds init of o32 stack (bnc#1151927 5.3.9). - MIPS: include: Mark __xchg as __always_inline (bnc#1151927 5.3.9). - MIPS: include: Mark __cmpxchg as __always_inline (bnc#1151927 5.3.9). - x86/xen: Return from panic notifier (bnc#1151927 5.3.9). - s390/uaccess: avoid (false positive) compiler warnings (bnc#1151927 5.3.9). - s390/cio: fix virtio-ccw DMA without PV (bnc#1151927 5.3.9). - NFSv4: Fix leak of clp->cl_acceptor string (bnc#1151927 5.3.9). - nfs: Fix nfsi->nrequests count error on nfs_inode_remove_request (bnc#1151927 5.3.9). - fs: cifs: mute -Wunused-const-variable message (bnc#1151927 5.3.9). - nbd: fix possible sysfs duplicate warning (bnc#1151927 5.3.9). - btrfs: silence maybe-uninitialized warning in clone_range (bnc#1151927 5.3.9). - arm64: armv8_deprecated: Checking return value for memory allocation (bnc#1151927 5.3.9). - arm64: vdso32: Don't use KBUILD_CPPFLAGS unconditionally (bnc#1151927 5.3.9). - arm64: Default to building compat vDSO with clang when CONFIG_CC_IS_CLANG (bnc#1151927 5.3.9). - arm64: vdso32: Detect binutils support for dmb ishld (bnc#1151927 5.3.9). - arm64: vdso32: Fix broken compat vDSO build warnings (bnc#1151927 5.3.9). - arm64: ftrace: Ensure synchronisation in PLT setup for Neoverse-N1 #1542419 (bnc#1151927 5.3.9). - arm64: Fix incorrect irqflag restore for priority masking for compat (bnc#1151927 5.3.9). - arm64: cpufeature: Effectively expose FRINT capability to userspace (bnc#1151927 5.3.9). - selftests/kselftest/runner.sh: Add 45 second timeout per test (bnc#1151927 5.3.9). - kselftest: exclude failed TARGETS from runlist (bnc#1151927 5.3.9). - fs: ocfs2: fix a possible null-pointer dereference in ocfs2_info_scan_inode_alloc() (bnc#1151927 5.3.9). - fs: ocfs2: fix possible null-pointer dereferences in ocfs2_xa_prepare_entry() (bnc#1151927 5.3.9). - ocfs2: clear zero in unaligned direct IO (bnc#1151927 5.3.9). - Btrfs: fix inode cache block reserve leak on failure to allocate data space (bnc#1151927 5.3.9). - Refresh patches.suse/0001-btrfs-qgroup-Always-free-PREALLOC-META-reserve-in-bt.patch. - s390/pci: fix MSI message data (bnc#1151927 5.3.9). - arm64: dts: qcom: Add Asus NovaGo TP370QL (bnc#1151927 5.3.9). - arm64: dts: qcom: Add HP Envy x2 (bnc#1151927 5.3.9). - arm64: dts: qcom: Add Lenovo Miix 630 (bnc#1151927 5.3.9). - commit 613af05 - Update patches.suse/0001-btrfs-qgroup-Always-free-PREALLOC-META-reserve-in-bt.patch (bsc#1155179 bnc#1151927 5.3.9). - Update patches.suse/0001-thunderbolt-Correct-path-indices-for-PCIe-tunnel.patch (jsc#SLE-8714 bnc#1151927 5.3.9). - Update patches.suse/0001-thunderbolt-Use-32-bit-writes-when-writing-ring-prod.patch (jsc#SLE-8714 bnc#1151927 5.3.9). - Update patches.suse/ALSA-bebob-Fix-prototype-of-helper-function-to-retur.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/ALSA-hda-realtek-Add-support-for-ALC623.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/ALSA-hda-realtek-Fix-2-front-mics-of-codec-0x623.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/ALSA-timer-Fix-mutex-deadlock-at-releasing-card.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/ALSA-usb-audio-Add-DSD-support-for-Gustard-U16-X26-U.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/ALSA-usb-audio-DSD-auto-detection-for-Playback-Desig.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/ALSA-usb-audio-Update-DSD-support-quirks-for-Oppo-an.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/HID-Fix-assumption-that-devices-have-inputs.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/HID-fix-error-message-in-hid_open_report.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/HID-i2c-hid-add-Trekstor-Primebook-C11B-to-descripto.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/HID-logitech-hidpp-do-all-FF-cleanup-in-hidpp_ff_des.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/HID-logitech-hidpp-rework-device-validation.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/HID-logitech-hidpp-split-g920_get_config.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/IB-hfi1-Avoid-excessive-retry-for-TID-RDMA-READ-requ.patch (jsc#SLE-8449 bnc#1151927 5.3.9). - Update patches.suse/NFC-pn533-fix-use-after-free-and-memleaks.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/RDMA-cm-Fix-memory-leak-in-cm_add-remove_one.patch (jsc#SLE-8449 bnc#1151927 5.3.9). - Update patches.suse/RDMA-core-Fix-an-error-handling-path-in-res_get_comm.patch (jsc#SLE-8449 bnc#1151927 5.3.9). - Update patches.suse/RDMA-hfi1-Prevent-memory-leak-in-sdma_init.patch (jsc#SLE-8449 bnc#1151927 5.3.9). - Update patches.suse/RDMA-iw_cxgb4-fix-SRQ-access-from-dump_qp.patch (jsc#SLE-8392 bnc#1151927 5.3.9). - Update patches.suse/RDMA-iwcm-Fix-a-lock-inversion-issue.patch (jsc#SLE-8449 bnc#1151927 5.3.9). - Update patches.suse/RDMA-mlx5-Add-missing-synchronize_srcu-for-MW-cases.patch (jsc#SLE-8446 bnc#1151927 5.3.9). - Update patches.suse/RDMA-mlx5-Do-not-allow-rereg-of-a-ODP-MR.patch (jsc#SLE-8446 bnc#1151927 5.3.9). - Update patches.suse/RDMA-mlx5-Order-num_pending_prefetch-properly-with-s.patch (jsc#SLE-8446 bnc#1151927 5.3.9). - Update patches.suse/RDMA-mlx5-Use-irq-xarray-locking-for-mkey_table.patch (jsc#SLE-8446 bnc#1151927 5.3.9). - Update patches.suse/RDMA-nldev-Reshuffle-the-code-to-avoid-need-to-rebin.patch (jsc#SLE-8449 bnc#1151927 5.3.9). - Update patches.suse/RDMA-siw-Fix-serialization-issue-in-write_space.patch (jsc#SLE-8381 bnc#1151927 5.3.9). - Update patches.suse/Revert-ALSA-hda-Flush-interrupts-on-disabling.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/SUNRPC-fix-race-to-sk_err-after-xs_error_report.patch (bsc#1154353 bnc#1151927 5.3.9). - Update patches.suse/UAS-Revert-commit-3ae62a42090f-UAS-fix-alignment-of-.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/USB-gadget-Reject-endpoints-with-0-maxpacket-value.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/USB-ldusb-fix-control-message-timeout.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/USB-ldusb-fix-ring-buffer-locking.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/USB-legousbtower-fix-a-signedness-bug-in-tower_probe.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/USB-serial-whiteheat-fix-line-speed-endianness.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/USB-serial-whiteheat-fix-potential-slab-corruption.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/ath10k-fix-latency-issue-for-QCA988x.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/batman-adv-Avoid-free-alloc-race-when-handling-OGM-b.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/bonding-fix-potential-NULL-deref-in-bond_update_slav.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/dmaengine-cppi41-Fix-cppi41_dma_prep_slave_sg-when-i.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/dmaengine-imx-sdma-fix-size-check-for-sdma-script_nu.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/dmaengine-qcom-bam_dma-Fix-resource-leak.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/dmaengine-tegra210-adma-fix-transfer-failure.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/drm-amdgpu-fix-memory-leak.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/drm-amdgpu-gfx10-update-gfx-golden-settings.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/drm-amdgpu-gmc10-properly-set-BANK_SELECT-and-FRAGME.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/drm-amdgpu-powerplay-vega10-allow-undervolting-in-p7.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/drm-i915-Fix-PCH-reference-clock-for-FDI-on-HSW-BDW.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/gpio-max77620-Use-correct-unit-for-debounce-times.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/iio-adc-meson_saradc-Fix-memory-allocation-order.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/iio-fix-center-temperature-of-bmc150-accel-core.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/iio-imu-adis16400-fix-memory-leak.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/iio-imu-adis16400-release-allocated-memory-on-failur.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/iio-imu-st_lsm6dsx-fix-waitime-for-st_lsm6dsx-i2c-co.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/iwlwifi-exclude-GEO-SAR-support-for-3168.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/llc-fix-sk_buff-leak-in-llc_conn_service.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/llc-fix-sk_buff-leak-in-llc_sap_state_process.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/misc-fastrpc-prevent-memory-leak-in-fastrpc_dma_buf_.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/msft-hv-1953-HID-hyperv-Use-in-place-iterator-API-in-the-channel-.patch (fate#323887 bnc#1151927 5.3.9). - Update patches.suse/nbd-verify-socket-is-supported-during-setup.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/net-ath6kl-Fix-a-NULL-ptr-deref-bug.patch (CVE-2019-15098,bsc#1146378,CVE-2019-15290,bsc#1146543 bnc#1151927 5.3.9). - Update patches.suse/net-sched-sch_sfb-don-t-call-qdisc_put-while-holding.patch (bsc#1154353 bnc#1151927 5.3.9). - Update patches.suse/netfilter-conntrack-avoid-possible-false-sharing.patch (bsc#1154353 bnc#1151927 5.3.9). - Update patches.suse/nl80211-fix-validation-of-mesh-path-nexthop.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/powerpc-powernv-Fix-CPU-idle-to-be-called-with-IRQs-.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/rtlwifi-Fix-potential-overflow-on-P2P-code.patch (bsc#1154372 CVE-2019-17666 bnc#1151927 5.3.9). - Update patches.suse/rtlwifi-rtl_pci-Fix-problem-of-too-small-skb-len.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/rtw88-Fix-misuse-of-GENMASK-macro.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/rxrpc-Fix-call-ref-leak.patch (bsc#1154353 bnc#1151927 5.3.9). - Update patches.suse/rxrpc-Fix-trace-after-put-looking-at-the-put-peer-re.patch (bsc#1154353 bnc#1151927 5.3.9). - Update patches.suse/rxrpc-rxrpc_peer-needs-to-hold-a-ref-on-the-rxrpc_lo.patch (bsc#1154353 bnc#1151927 5.3.9). - Update patches.suse/sch_netem-fix-rcu-splat-in-netem_enqueue.patch (bsc#1154353 bnc#1151927 5.3.9). - Update patches.suse/sched-fair-Fix-Wunused-but-set-variable-warnings.patch (bnc#1155798 (CPU scheduler functional and performance backports) bnc#1151927 5.3.9). - Update patches.suse/sched-fair-Fix-low-cpu-usage-with-high-throttling-by-removing-expiration-of-cpu-local-slices.patch (bnc#1155798 (CPU scheduler functional and performance backports) bnc#1151927 5.3.9). - Update patches.suse/sched-fair-Scale-bandwidth-quota-and-period-without-losing-quota-period-ratio-precision.patch (git fixes (sched) bnc#1151927 5.3.9). - Update patches.suse/sched-vtime-Fix-guest-system-mis-accounting-on-task-switch.patch (git fixes (cputime accounting) bnc#1151927 5.3.9). - Update patches.suse/scsi-qla2xxx-Fix-partial-flash-write-of-MBI.patch (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bnc#1151927 5.3.9). - Update patches.suse/serial-8250_omap-Fix-gpio-check-for-auto-RTS-CTS.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/serial-mctrl_gpio-Check-for-NULL-pointer.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/staging-rtl8188eu-fix-null-dereference-when-kzalloc-.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/tracing-Initialize-iter-seq-after-zeroing-in-tracing.patch (bsc#1151508 bnc#1151927 5.3.9). - Update patches.suse/tty-n_hdlc-fix-build-on-SPARC.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/tty-serial-owl-Fix-the-link-time-qualifier-of-owl_ua.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/tty-serial-rda-Fix-the-link-time-qualifier-of-rda_ua.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/usb-storage-Revert-commit-747668dbc061-usb-storage-S.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/usb-xhci-fix-Immediate-Data-Transfer-endianness.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/usb-xhci-fix-__le32-__le64-accessors-in-debugfs-code.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/virt-vbox-fix-memory-leak-in-hgcm_call_preprocess_li.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/virtio_ring-fix-stalls-for-packed-rings.patch (git-fixes bnc#1151927 5.3.9). - Update patches.suse/x86-cpu-add-comet-lake-to-the-intel-cpu-models-header.patch (jsc#SLE-7935 bnc#1151927 5.3.9). - Update patches.suse/xhci-Fix-use-after-free-regression-in-xhci-clear-hub.patch (git-fixes bnc#1151927 5.3.9). - commit d0f752b - nvme: Move ctrl sqsize to generic space (bsc#1156419,jsc#SLE-8281). - nvme: Add ctrl attributes for queue_count and sqsize (bsc#1156419,jsc#SLE-8281). - commit 20e4a40 - nvmet-tcp: remove superflous check on request sgl (bsc#1156419,jsc#SLE-8281). - commit 19797e4 - nvmet: change ppl to lpp (bsc#1156419,jsc#SLE-8281). - commit 00bb531 - blk-mq: apply normal plugging for HDD (bsc#1156419,jsc#SLE-8281). - commit 1007f9a - iocost: bump up default latency targets for hard disks (bsc#1156419,jsc#SLE-8281). - iocost: improve nr_lagging handling (bsc#1156419,jsc#SLE-8281). - iocost: better trace vrate changes (bsc#1156419,jsc#SLE-8281). - commit 6d144e8 - block: t10-pi: fix -Wswitch warning (bsc#1156419,jsc#SLE-8281). - block, bfq: increase update frequency of inject limit (bsc#1156419,jsc#SLE-8281). - block, bfq: reduce upper bound for inject limit to max_rq_in_driver+1 (bsc#1156419,jsc#SLE-8281). - block, bfq: update inject limit only after injection occurred (bsc#1156419,jsc#SLE-8281). - commit 11db1c7 - mmc: queue: Fix bigger segments usage (bsc#1156419,jsc#SLE-8281). - dma-mapping: fix filename references (bsc#1156419,jsc#SLE-8281). - iommu/dma: add a new dma_map_ops of get_merge_boundary() (bsc#1156419,jsc#SLE-8281). - dma-mapping: introduce dma_get_merge_boundary() (bsc#1156419,jsc#SLE-8281). - mmc: queue: use bigger segments if DMA MAP layer can merge the segments (bsc#1156419,jsc#SLE-8281). - block: add a helper function to merge the segments (bsc#1156419,jsc#SLE-8281). - commit 0574516 - nvmet: fix a wrong error status returned in error log page (bsc#1156419,jsc#SLE-8281). - nvme: send discovery log page change events to userspace (bsc#1156419,jsc#SLE-8281). - nvme: add uevent variables for controller devices (bsc#1156419,jsc#SLE-8281). - nvme: enable aen regardless of the presence of I/O queues (bsc#1156419,jsc#SLE-8281). - nvme-fabrics: allow discovery subsystems accept a kato (bsc#1156419,jsc#SLE-8281). - nvmet: Use PTR_ERR_OR_ZERO() in nvmet_init_discovery() (bsc#1156419,jsc#SLE-8281). - nvme: Remove redundant assignment of cq vector (bsc#1156419,jsc#SLE-8281). - nvme: Assign subsys instance from first ctrl (bsc#1156419,jsc#SLE-8281). - nvme: tcp: remove redundant assignment to variable ret (bsc#1156419,jsc#SLE-8281). - nvme: include admin_q sync with nvme_sync_queues (bsc#1156419,jsc#SLE-8281). - nvme: Treat discovery subsystems as unique subsystems (bsc#1156419,jsc#SLE-8281). - nvme: fix ns removal hang when failing to revalidate due to a transient error (bsc#1156419,jsc#SLE-8281). - nvme: make nvme_report_ns_ids propagate error back (bsc#1156419,jsc#SLE-8281). - nvme: make nvme_identify_ns propagate errors back (bsc#1156419,jsc#SLE-8281). - nvme: pass status to nvme_error_status (bsc#1156419,jsc#SLE-8281). - nvme-fc: Fail transport errors with NVME_SC_HOST_PATH (bsc#1156419,jsc#SLE-8281). - nvme-tcp: fail command with NVME_SC_HOST_PATH_ERROR send failed (bsc#1156419,jsc#SLE-8281). - nvme: fail cancelled commands with NVME_SC_HOST_PATH_ERROR (bsc#1156419,jsc#SLE-8281). - commit b7d6f8e - block: also check RQF_STATS in blk_mq_need_time_stamp() (bsc#1156419,jsc#SLE-8281). - commit 8e18ffe - bfq: Fix bfq linkage error (bsc#1156419,jsc#SLE-8281). - block: bypass blk_set_runtime_active for uninitialized q->dev (bsc#1156419,jsc#SLE-8281). - commit c4398cc - iocost_monitor: Report debt (bsc#1156419,jsc#SLE-8281). - iocost_monitor: Report more info with higher accuracy (bsc#1156419,jsc#SLE-8281). - iocost_monitor: Always use strings for json values (bsc#1156419,jsc#SLE-8281). - commit 5643f67 - blk-iocost: Don't let merges push vtime into the future (bsc#1156419,jsc#SLE-8281). - blk-iocost: Account force-charged overage in absolute vtime (bsc#1156419,jsc#SLE-8281). - commit 5e399b3 - bfq: Add per-device weight (bsc#1156419,jsc#SLE-8281). - bfq: Extract bfq_group_set_weight from bfq_io_set_weight_legacy (bsc#1156419,jsc#SLE-8281). - bfq: Fix the missing barrier in __bfq_entity_update_weight_prio (bsc#1156419,jsc#SLE-8281). - commit c8fb944 - series.conf: refresh - update upstream references and move: patches.suse/soundwire-depend-on-ACPI-OF.patch patches.suse/soundwire-depend-on-ACPI.patch - commit db2a325 - update upstream references - update Patch-mainline: patches.suse/mm-gup-fix-a-misnamed-write-argument-and-a-related-bug.patch patches.suse/sched-Fix-pick_next_task-vs-change-pattern-race.patch - commit f1c7235 - move patches.suse/stacktrace-Don-t-skip-first-entry-on-noncurrent-task.patch into sorted section - commit 2b73785 ++++ rdma-core: - Add libefa1 to baselibs.conf - Fix baselibs.conf ++++ libgcrypt: - CMAC AES and TDES FIPS self-tests: * CMAC AES self test missing [bsc#1155339] * CMAC TDES self test missing [bsc#1155338] - Add libgcrypt-CMAC-AES-TDES-selftest.patch ++++ libjpeg-turbo: - security update - added patches CVE-2019-2201 [bsc#1156402] + libjpeg-turbo-CVE-2019-2201.patch ++++ libsolv: - support arch<->noarch package changes when creating patch conflicts from the updateinfo data - support for SOLVER_BLACKLIST jobs that block the installation of matched packages unless they are directly selected by an SOLVER_INSTALL job - libsolv now also parses the patch status in the updateinfo parser - new solvable_matchessolvable() function - bump version to 0.7.8 ++++ systemd: - Import commit 0b715187a87907e18edf98eab9d0a50fced4a424 9dbdbc2f10 logind: fix (again) the race that might happen when logind restores VT (bsc#1101591 bsc#1140081) c848bec110 libblkid: open device in nonblock mode. (bsc#1084671) b70ad6c927 resolved: check for IP in certificate when using DoT with GnuTLS (bsc#1155539 CVE-2018-21029) bbedf3d557 resolved: require at least version 3.6.0 of GnuTLS for DNS-over-TLS eb732c2e29 resolved: fix connection failures with TLS 1.3 and GnuTLS 4e45084ac5 shared/install: failing with -ELOOP can be due to the use of an alias in install_error() 2e297f0d87 shared/install: fix error codes returned by install_context_apply() dd29d70d32 man: alias names can't be used with enable command ++++ libvirt: - spec: Forcibly remove '--listen' option from LIBVIRTD_ARGS in /etc/sysconfig/libvirtd since it is incompatible with socket activation. Also add '--timeout' option for consistency with upstream. boo#1156161 ++++ read-only-root-fs: - Update to version 1.0+git20191112.42add9e: * Add RequiresMountsFor=/etc override for systemd-udevd.service ++++ u-boot-rpiarm64: - Build bootable u-boot.itb for u-boot-rock-pi-4-rk3399 ------------------------------------------------------------------ ------------------ 2019-11-11 - Nov 11 2019 ------------------- ------------------------------------------------------------------ ++++ cni-plugins: - Update to version 0.8.3: * Enhancements: * static: prioritize the input sources for IPs (#400). * tuning: send gratuitous ARP in case of MAC address update (#403). * bandwidth: use uint64 for Bandwidth value (#389). * ptp: only override DNS conf if DNS settings provided (#388). * loopback: When prevResults are not supplied to loopback plugin, create results to return (#383). * loopback support CNI CHECK and result cache (#374). * Better input validation: * vlan: add MTU validation to loadNetConf (#405). * macvlan: add MTU validation to loadNetConf (#404). * bridge: check vlan id when loading net conf (#394). * Bugfixes: * bugfix: defer after err check, or it may panic (#391). * portmap: Fix dual-stack support (#379). * firewall: don't return error in DEL if prevResult is not found (#390). * bump up libcni back to v0.7.1 (#377). * Tests: * integration: fix ip address collision in integration tests (#409). * testutils: newNS() works in a rootless user namespace (#401). * Bump Go version (#386). * Cleanup netns after test suite (#375). * Docs: * contributing doc: revise test script name to run (#396). * contributing doc: describe cnitool installation (#397). ++++ e2fsprogs: - resize2fs-Make-minimum-size-estimates-more-reliable.patch: resize2fs: Make minimum size estimates more reliable for mounted fs (bsc#1154295) ++++ growpart-generator: - Use %{_systemdgeneratordir} macro ++++ kernel-default: - arm64: Update config files. (bsc#1156466) Enable HW_RANDOM_OMAP used by machiattobin and mark omap-rng as supported - commit 97cc63c - block: fix elevator_get_by_features() (bsc#1156419,jsc#SLE-8281). - commit 178e768 - iocost: don't nest spin_lock_irq in ioc_weight_write() (bsc#1156419,jsc#SLE-8281). - nvme-tcp: Initialize sk->sk_ll_usec only with NET_RX_BUSY_POLL (bsc#1156419,jsc#SLE-8281). - blkcg: Fix multiple bugs in blkcg_activate_policy() (bsc#1156419,jsc#SLE-8281). - block: don't release queue's sysfs lock during switching elevator (bsc#1156419,jsc#SLE-8281). - block: fix race between switching elevator and removing queues (bsc#1156419,jsc#SLE-8281). - blk-iocost: Fix incorrect operation order during iocg free (bsc#1156419,jsc#SLE-8281). - commit e443933 - sd: Set ELEVATOR_F_ZBD_SEQ_WRITE for ZBC disks (bsc#1156419,jsc#SLE-8281). - block: Set ELEVATOR_F_ZBD_SEQ_WRITE for nullblk zoned disks (bsc#1156419,jsc#SLE-8281). - block: Delay default elevator initializatio (bsc#1156419,jsc#SLE-8281). - commit 71cd228 - block: Improve default elevator selection (bsc#1156419,jsc#SLE-8281). - block: Introduce elevator features (bsc#1156419,jsc#SLE-8281). - block: Change elevator_init_mq() to always succeed (bsc#1156419,jsc#SLE-8281). - commit 2d709aa - block: Cleanup elevator_init_mq() use (bsc#1156419,jsc#SLE-8281). - commit f9e5dd5 - Documentation:kernel-per-CPU-kthreads.txt: Remove reference to elevator= (bsc#1156419,jsc#SLE-8281). - Documenation: switching-sched: Remove notes about elevator argument (bsc#1156419,jsc#SLE-8281). - block: elevator.c: Remove now unused elevator= argument (bsc#1156419,jsc#SLE-8281). - commit 4c19565 - nvme-rdma: Use rq_dma_dir macro (bsc#1156419,jsc#SLE-8281). - nvme-fc: Use rq_dma_dir macro (bsc#1156419,jsc#SLE-8281). - nvme-pci: Tidy up nvme_unmap_data (bsc#1156419,jsc#SLE-8281). - commit f389b9a - nvme: make fabrics command run on a separate request queue (bsc#1156419,jsc#SLE-8281). - Update patches.suse/nvme-rdma-Fix-max_hw_sectors-calculation.patch (bsc#1156419,jsc#SLE-8281). - commit 6ad508a - nvme-pci: Support shared tags across queues for Apple 2018 controllers (bsc#1156419,jsc#SLE-8281). - nvme-pci: Add support for Apple 2018+ models (bsc#1156419,jsc#SLE-8281). - nvme-pci: Add support for variable IO SQ element size (bsc#1156419,jsc#SLE-8281). - nvme-pci: Pass the queue to SQ_SIZE/CQ_SIZE macros (bsc#1156419,jsc#SLE-8281). - nvme: trace bio completion (bsc#1156419,jsc#SLE-8281). - commit ab59099 - nvmet-tcp: Add TOS for tcp transport (bsc#1156419,jsc#SLE-8281). - nvme-tcp: Add TOS for tcp transport (bsc#1156419,jsc#SLE-8281). - nvme-tcp: Use struct nvme_ctrl directly (bsc#1156419,jsc#SLE-8281). - nvme-rdma: Add TOS for rdma transport (bsc#1156419,jsc#SLE-8281). - nvme-fabrics: Add type of service (TOS) configuration (bsc#1156419,jsc#SLE-8281). - nvmet-tcp: fix possible memory leak (bsc#1156419,jsc#SLE-8281). - nvmet-tcp: fix possible NULL deref (bsc#1156419,jsc#SLE-8281). - nvmet: trace: parse Get LBA Status command in detail (bsc#1156419,jsc#SLE-8281). - nvme: trace: parse Get LBA Status command in detail (bsc#1156419,jsc#SLE-8281). - nvme: trace: support for Get LBA Status opcode parsed (bsc#1156419,jsc#SLE-8281). - nvme: add Get LBA Status command opcode (bsc#1156419,jsc#SLE-8281). - commit 51901f2 - nvme-tcp: support simple polling (bsc#1156419,jsc#SLE-8281). - nvme: tcp: selects CRYPTO_CRC32C for nvme-tcp (bsc#1156419,jsc#SLE-8281). - nvme: don't pass cap to nvme_disable_ctrl (bsc#1156419,jsc#SLE-8281). - nvme: move sqsize setting to the core (bsc#1156419,jsc#SLE-8281). - nvme-pci: set ctrl sqsize to the device q_depth (bsc#1156419,jsc#SLE-8281). - nvme: have nvme_init_identify set ctrl->cap (bsc#1156419,jsc#SLE-8281). - nvme-tcp: Use protocol specific operations while reading socket (bsc#1156419,jsc#SLE-8281). - nvme-tcp: cleanup nvme_tcp_recv_pdu (bsc#1156419,jsc#SLE-8281). - commit bda85fb - block: centralize PI remapping logic to the block layer (bsc#1156419,jsc#SLE-8281). - block: use symbolic constants for t10_pi type (bsc#1156419,jsc#SLE-8281). - commit e299de5 - block: elevator.c: Remove now unused elevator= argument (bsc#1156055). - commit 95954cd - blkcg: add missing NULL check in ioc_cpd_alloc() (bsc#1156419,jsc#SLE-8281). - blkcg: fix missing free on error path of blk_iocost_init() (bsc#1156419,jsc#SLE-8281). - blkcg: blk-iocost: predeclare used structs (bsc#1156419,jsc#SLE-8281). - blkcg: add tools/cgroup/iocost_coef_gen.py (bsc#1156419,jsc#SLE-8281). - blkcg: add tools/cgroup/iocost_monitor.py (bsc#1156419,jsc#SLE-8281). - blkcg: implement blk-iocost (bsc#1156419,jsc#SLE-8281). - update config files (add BLK_CGROUP_IOCOST=y, BLK_RQ_ALLOC_TIME=y) - blk-mq: add optional request->alloc_time_ns (bsc#1156419,jsc#SLE-8281). - blkcg: s/RQ_QOS_CGROUP/RQ_QOS_LATENCY/ (bsc#1156419,jsc#SLE-8281). - block/rq_qos: implement rq_qos_ops->queue_depth_changed() (bsc#1156419,jsc#SLE-8281). - block/rq_qos: add rq_qos_merge() (bsc#1156419,jsc#SLE-8281). - blkcg: separate blkcg_conf_get_disk() out of blkg_conf_prep() (bsc#1156419,jsc#SLE-8281). - blkcg: make ->cpd_init_fn() optional (bsc#1156419,jsc#SLE-8281). - blkcg: pass @q and @blkcg into blkcg_pol_alloc_pd_fn() (bsc#1156419,jsc#SLE-8281). - block: split .sysfs_lock into two locks (bsc#1156419,jsc#SLE-8281). - block: add helper for checking if queue is registered (bsc#1156419,jsc#SLE-8281). - blk-mq: don't hold q->sysfs_lock in blk_mq_map_swqueue (bsc#1156419,jsc#SLE-8281). - block: don't hold q->sysfs_lock in elevator_init_mq (bsc#1156419,jsc#SLE-8281). - block: Remove blk_mq_register_dev() (bsc#1156419,jsc#SLE-8281). - block: move same page handling from __bio_add_pc_page to the callers (bsc#1156419,jsc#SLE-8281). - block: create a bio_try_merge_pc_page helper (bsc#1156419,jsc#SLE-8281). - block: improve the gap check in __bio_add_pc_page (bsc#1156419,jsc#SLE-8281). - block: sed-opal: Removed duplicate OPAL_METHOD_LENGTH definition (bsc#1156419,jsc#SLE-8281). - block: sed-opal: Remove always false conditional statement (bsc#1156419,jsc#SLE-8281). - block: sed-opal: Add/remove spaces (bsc#1156419,jsc#SLE-8281). - block: remove struct request_queue queue_head (bsc#1156419,jsc#SLE-8281). - block: annotate refault stalls from IO submission (bsc#1156419,jsc#SLE-8281). - block: stop exporting bio_map_kern (bsc#1156419,jsc#SLE-8281). - lightnvm: pblk: use kvmalloc for metadata (bsc#1156419,jsc#SLE-8281). - lightnvm: move metadata mapping to lower level driver (bsc#1156419,jsc#SLE-8281). - lightnvm: remove nvm_submit_io_sync_fn (bsc#1156419,jsc#SLE-8281). - commit e17d5ba - Update patch reference for ASoC SOF fix (CVE-2019-18812, bsc#1156277) - commit 34489e1 - ASoC: SOF: Intel: hda-stream: fix the CONFIG_ prefix missing (git-fixes). - commit 0996041 - blk-mq: balance mapping between present CPUs and queues (bsc#1156419,jsc#SLE-8281). - null_blk: implement REQ_OP_ZONE_RESET_ALL (bsc#1156419,jsc#SLE-8281). - scsi: implement REQ_OP_ZONE_RESET_ALL (bsc#1156419,jsc#SLE-8281). - blk-zoned: implement REQ_OP_ZONE_RESET_ALL (bsc#1156419,jsc#SLE-8281). - block: add req op to reset all zones and flag (bsc#1156419,jsc#SLE-8281). - block: Fix a comment in blk_cleanup_queue() (bsc#1156419,jsc#SLE-8281). - block: Fix spelling in the header above blkg_lookup() (bsc#1156419,jsc#SLE-8281). - block: Improve physical block alignment of split bios (bsc#1156419,jsc#SLE-8281). - block: Simplify blk_bio_segment_split() (bsc#1156419,jsc#SLE-8281). - block: Simplify bvec_split_segs() (bsc#1156419,jsc#SLE-8281). - block: Document the bio splitting functions (bsc#1156419,jsc#SLE-8281). - block: Declare several function pointer arguments 'const' (bsc#1156419,jsc#SLE-8281). - blk-mq: remove blk_mq_complete_request_sync (bsc#1156419,jsc#SLE-8281). - nvme: wait until all completed request's complete fn is called (bsc#1156419,jsc#SLE-8281). - nvme: don't abort completed request in nvme_cancel_request (bsc#1156419,jsc#SLE-8281). - blk-mq: introduce blk_mq_tagset_wait_completed_request() (bsc#1156419,jsc#SLE-8281). - blk-mq: introduce blk_mq_request_completed() (bsc#1156419,jsc#SLE-8281). - commit 0d15be1 - soc: imx: gpc: fix initialiser format (git-fixes). - reset: fix reset_control_get_exclusive kerneldoc comment (git-fixes). - reset: fix reset_control_lookup kerneldoc comment (git-fixes). - reset: fix of_reset_control_get_count kerneldoc comment (git-fixes). - reset: fix of_reset_simple_xlate kerneldoc comment (git-fixes). - reset: Fix memory leak in reset_control_array_put() (git-fixes). - iio: adc: stm32-adc: fix stopping dma (git-fixes). - iio: imu: inv_mpu6050: fix no data on MPU6050 (git-fixes). - iio: imu: adis16480: make sure provided frequency is positive (git-fixes). - intel_th: gth: Fix the window switching sequence (git-fixes). - thunderbolt: Drop unnecessary read when writing LC command in Ice Lake (git-fixes). - thunderbolt: Fix lockdep circular locking depedency warning (git-fixes). - clocksource/drivers/mediatek: Fix error handling (git-fixes). - pinctrl: cherryview: Allocate IRQ chip dynamic (git-fixes). - pinctrl: cherryview: Fix irq_valid_mask calculation (git-fixes). - pinctrl: intel: Avoid potential glitches if pin is in GPIO mode (git-fixes). - watchdog: bd70528: Add MODULE_ALIAS to allow module auto loading (git-fixes). - watchdog: imx_sc_wdt: Pretimeout should follow SCU firmware format (git-fixes). - watchdog: meson: Fix the wrong value of left time (git-fixes). - mac80211: fix ieee80211_txq_setup_flows() failure path (git-fixes). - nfc: netlink: fix double device reference drop (git-fixes). - r8169: fix page read in r8168g_mdio_read (git-fixes). - can: rx-offload: can_rx_offload_offload_one(): do not increase the skb_queue beyond skb_queue_len_max (git-fixes). - can: rx-offload: can_rx_offload_queue_tail(): fix error handling, avoid skb mem leak (git-fixes). - can: rx-offload: can_rx_offload_queue_sorted(): fix error handling, avoid skb mem leak (git-fixes). - can: c_can: c_can_poll(): only read status register after status IRQ (git-fixes). - can: peak_usb: fix slab info leak (git-fixes). - can: peak_usb: fix a potential out-of-sync while decoding packets (git-fixes). - can: flexcan: disable completely the ECC mechanism (git-fixes). - can: usb_8dev: fix use-after-free on disconnect (git-fixes). - can: mcba_usb: fix use-after-free on disconnect (git-fixes). - can: gs_usb: gs_can_open(): prevent memory leak (git-fixes). - can: dev: add missing of_node_put() after calling of_get_child_by_name() (git-fixes). - dccp: do not leak jiffies on the wire (git-fixes). - pwm: bcm-iproc: Prevent unloading the driver module while in use (git-fixes). - drm/amdgpu: register gpu instance before fan boost feature enablment (git-fixes). - drm/i915: Avoid HPD poll detect triggering a new detect cycle (git-fixes). - fbdev: c2p: Fix link failure on non-inlining (git-fixes). - clk: samsung: exynos5420: Preserve PLL configuration during suspend/resume (git-fixes). - clk: samsung: exynos542x: Move G3D subsystem clocks to its sub-CMU (git-fixes). - clk: samsung: exynos5433: Fix error paths (git-fixes). - clk: sunxi-ng: a80: fix the zero'ing of bits 16 and 18 (git-fixes). - clk: sunxi: Fix operator precedence in sunxi_divs_clk_setup (git-fixes). - clk: ti: clkctrl: Fix failed to enable error with double udelay timeout (git-fixes). - clk: at91: avoid sleeping early (git-fixes). - clk: at91: sam9x60: fix programmable clock (git-fixes). - r8152: add device id for Lenovo ThinkPad USB-C Dock Gen 2 (git-fixes). - dmaengine: cppi41: Fix cppi41_dma_prep_slave_sg() when idle (git-fixes). - dmaengine: qcom: bam_dma: Fix resource leak (git-fixes). - dmaengine: sprd: Fix the possible memory leak issue (git-fixes). - dmaengine: imx-sdma: fix size check for sdma script_number (git-fixes). - dmaengine: tegra210-adma: fix transfer failure (git-fixes). - dmaengine: sprd: Fix the link-list pointer register configuration issue (git-fixes). - drm/amdgpu: fix error handling in amdgpu_bo_list_create (git-fixes). - drm/amdgpu: fix potential VM faults (git-fixes). - drm/komeda: Don't flush inactive pipes (git-fixes). - regulator: pfuze100-regulator: Variable "val" in pfuze100_regulator_probe() could be uninitialized (git-fixes). - regulator: ti-abb: Fix timeout in ti_abb_wait_txdone/ti_abb_clear_all_txdone (git-fixes). - usb: gadget: udc: core: Fix segfault if udc_bind_to_driver() for pending driver fails (git-fixes). - commit d6c29b6 - block: Warn if elevator= parameter is used (bsc#1156055). - commit 87814cc - sched: Fix pick_next_task() vs 'change' pattern race (git fixes (sched)). - commit 75aac31 - ASoC: SOF: topology: Fix bytes control size checks (git-fixes). - ASoC: ti: sdma-pcm: Add back the flags parameter for non standard dma names (git-fixes). - ASoC: SOF: ipc: Fix memory leak in sof_set_get_large_ctrl_data (git-fixes). - ASoC: SOF: Fix memory leak in sof_dfsentry_write (git-fixes). - ASoC: kirkwood: fix device remove ordering (git-fixes). - ASoC: rsnd: dma: fix SSI9 4/5/6/7 busif dma address (git-fixes). - ASoC: hdmi-codec: drop mutex locking again (git-fixes). - ASoC: kirkwood: fix external clock probe defer (git-fixes). - ASoC: msm8916-wcd-analog: Fix RX1 selection in RDAC2 MUX (git-fixes). - ASoC: SOF: control: return true when kcontrol values change (git-fixes). - ASoC: Intel: sof-rt5682: add a check for devm_clk_get (git-fixes). - ASoC: msm8916-wcd-digital: add missing MIX2 path for RX1/2 (git-fixes). - ASoC: wm_adsp: Don't generate kcontrols without READ flags (git-fixes). - ASoC: intel: bytcr_rt5651: add null check to support_button_press (git-fixes). - ASoC: intel: sof_rt5682: add remove function to disable jack (git-fixes). - ASoC: rt5682: add NULL handler to set_jack function (git-fixes). - ASoC: SOF: Intel: hda: Disable DMI L1 entry during capture (git-fixes). - update config files (add SND_SOC_SOF_HDA_ALWAYS_ENABLE_DMI_L1=y on x86_64) - ASoC: SOF: Intel: initialise and verify FW crash dump data (git-fixes). - ASoC: SOF: Intel: hda: fix warnings during FW load (git-fixes). - ASoC: SOF: topology: fix parse fail issue for byte/bool tuple types (git-fixes). - ASoC: SOF: loader: fix kernel oops on firmware boot failure (git-fixes). - ASoC: wm8994: Do not register inapplicable controls for WM1811 (git-fixes). - ASoC: samsung: arndale: Add missing OF node dereferencing (git-fixes). - ASoC: pcm3168a: The codec does not support S32_LE (git-fixes). - commit 6ff8cc0 - Refresh patches.suse/stacktrace-Don-t-skip-first-entry-on-noncurrent-task.patch. Update upstream status. - commit fac489f - mm/gup: fix a misnamed "write" argument, and a related bug (git fixes (mm/gup)). - commit d17d319 - blacklist.conf: Blacklist change in THP allocation behaviour - commit e194e08 - blacklist.conf: Blacklist change in THP allocation behaviour - commit 7e51886 - powerpc/mm/mce: Keep irqs disabled during lockless page table walk (bsc#1156395). - commit 9275ddd - bpf: Change size to u64 for bpf_map_{area_alloc, charge_init}() (bsc#1155518). - commit 04b6b83 - bpf: Allow narrow loads of bpf_sysctl fields with offset > 0 (bsc#1155518). - commit 1c48ac9 ++++ kernel-firmware: - Update to version 20191108 (git commit f1100ddf581f): (bsc#1154395): * i915: Add HuC firmware v7.0.3 for TGL * i915: Add GuC firmware v35.2.0 for TGL * i915: Add HuC firmware v9.0.0 for EHL * i915: Add GuC firmware v33.0.4 for EHL * rtw88: RTL8723D: add firmware file v48 * qed: Add firmware 8.40.33.0 * amdgpu: add new navi14 wks gfx firmware for 19.30 * amdgpu: update navi14 firmware for 19.30 * amdgpu: update raven firmware for 19.30 * linux-firmware: Add firmware file for Intel Bluetooth AX201 ++++ libvirt: - Enable automatic firmware seletction and add the new smm flavor to the build-time firmware list jsc#SLE-6997 ++++ raspberrypi-firmware: - disable vc4 on RPi4 using the disable-vc4.dtbo devicetree overlay (SLE-7771) ++++ raspberrypi-firmware-config: - disable vc4 on RPi4 using the disable-vc4.dtbo devicetree overlay (SLE-7771) ++++ raspberrypi-firmware-dt: - Add disable-vc4-overlay.dts, which simply disables vc4 (SLE-7771) ------------------------------------------------------------------ ------------------ 2019-11-9 - Nov 9 2019 ------------------- ------------------------------------------------------------------ ++++ open-iscsi: - Use SPEC-file macro for systemd generator directory, since the libexec macro is changing from /usr/lib to /usr/libexec. ------------------------------------------------------------------ ------------------ 2019-11-8 - Nov 8 2019 ------------------- ------------------------------------------------------------------ ++++ growpart-generator: - Initial packaging of the standalone generator ++++ kernel-default: - Move upstreamed CA0132 patch into sorted section - commit 04d225f - ALSA: timer: Fix incorrectly assigned timer instance (git-fixes). - ALSA: hda: hdmi - add Tigerlake support (git-fixes). - ALSA: bebob: fix to detect configured source of sampling clock for Focusrite Saffire Pro i/o series (git-fixes). - commit b69261d - HID: Fix assumption that devices have inputs (git-fixes). - Refresh patches.suse/HID-logitech-hidpp-split-g920_get_config.patch. - commit 313ea5d - HID: wacom: generic: Treat serial number and related fields as unsigned (git-fixes). - USB: serial: whiteheat: fix line-speed endianness (git-fixes). - USB: gadget: Reject endpoints with 0 maxpacket value (git-fixes). - usb: xhci: fix __le32/__le64 accessors in debugfs code (git-fixes). - net: dsa: bcm_sf2: Fix IMP setup for port different than 8 (git-fixes). - rtlwifi: rtl_pci: Fix problem of too small skb->len (git-fixes). - batman-adv: Avoid free/alloc race when handling OGM buffer (git-fixes). - net: openvswitch: free vport unless register_netdevice() succeeds (git-fixes). - drm/amdgpu/gmc10: properly set BANK_SELECT and FRAGMENT_SIZE (git-fixes). - drm/amdgpu/powerplay/vega10: allow undervolting in p7 (git-fixes). - drm/amdgpu/gfx10: update gfx golden settings (git-fixes). - HID: i2c-hid: add Trekstor Primebook C11B to descriptor override (git-fixes). - misc: fastrpc: prevent memory leak in fastrpc_dma_buf_attach (git-fixes). - iio: imu: adis16400: fix memory leak (git-fixes). - iio: imu: adis16400: release allocated memory on failure (git-fixes). - iio: fix center temperature of bmc150-accel-core (git-fixes). - staging: rtl8188eu: fix null dereference when kzalloc fails (git-fixes). - serial: 8250_omap: Fix gpio check for auto RTS/CTS (git-fixes). - serial: mctrl_gpio: Check for NULL pointer (git-fixes). - drm/amdgpu: fix memory leak (git-fixes). - gpio: max77620: Use correct unit for debounce times (git-fixes). - rtw88: Fix misuse of GENMASK macro (git-fixes). - commit 7396a58 - fjes: Handle workqueue allocation failure (CVE-2019-16231,bsc#1150466). - commit 026d312 - Update patch reference tag for dwc3 security fix (CVE-2019-18813, bsc#1156278) - commit 2c755c4 - series.conf: move sortable patches into sorted section - move into sorted section: patches.suse/scsi-target-compare-full-CHAP_A-Algorithm-strings.patch patches.suse/scsi-target-fix-SendTargets-All-string-compares.patch patches.suse/scsi-target-remove-unused-extension-parameters.patch patches.suse/scsi-target-iscsi-CHAP-add-support-for-SHA1-SHA256-a.patch patches.suse/scsi-target-iscsi-tie-the-challenge-length-to-the-ha.patch patches.suse/scsi-target-iscsi-rename-some-variables-to-avoid-con.patch - commit 80f0994 ++++ openssh: - Add openssh-8.1p1-seccomp-clock_nanosleep.patch, allow clock_nanosleep glibc master implements multiple functions using that syscall making the privsep sandbox kill the preauth process. ++++ qemu: - Fix %arm builds ++++ transactional-update: - Update to version 2.20 - Add the option `--continue` to extend an existing snapshot. This can be used to perform multiple operations before rebooting into the new state. [gh#openSUSE/transactional-update#16] - Make sure the dracut service to print warnings on /etc overlay conflicts also runs in the pre-made images. - Add "none" reboot method - Remove conflicting overlay artifacts in case an existing overlay directory will be reused ------------------------------------------------------------------ ------------------ 2019-11-7 - Nov 7 2019 ------------------- ------------------------------------------------------------------ ++++ ignition: - Update to version 2.0.1+git20191106.809f44a: * Add test cases for file system mount options * Add translator for Filesystem struct * Document file system mount options * Implement file system mount options * providers: add initial zVM hypervisor support * travis: test on arm, use new ubuntu, cleanup * config/v3_1_exp/types: validate http(s) proxies * tests: remove unused stub for id * distro: turn on SELinux by default * Add filesystem mount options to schema * files/passwd: don't shell out to id * files/passwd: clean up repetitive code * providers/aliyun: Add aliyun * release-checklist: mention mantle cl branch for 0.x.y releases * config/v3*: don't warn on unset mode if appending ++++ kernel-default: - Refresh patches.suse/powerpc-fadump-when-fadump-is-supported-register-the.patch. - commit 035dc7c - patches.suse/scsi-target-iscsi-rename-some-variables-to-avoid-con.patch: (jsc#SES-1080). - patches.suse/scsi-target-iscsi-tie-the-challenge-length-to-the-ha.patch: (jsc#SES-1080). - patches.suse/scsi-target-iscsi-CHAP-add-support-for-SHA1-SHA256-a.patch: (jsc#SES-1080). - patches.suse/scsi-target-remove-unused-extension-parameters.patch: (jsc#SES-1080). - patches.suse/scsi-target-fix-SendTargets-All-string-compares.patch: (jsc#SES-1080). - patches.suse/scsi-target-compare-full-CHAP_A-Algorithm-strings.patch: (jsc#SES-1080). - commit d620bcd - media: Revert "media: vimc: propagate pixel format in the stream" (git-fixes). - commit 34b5c83 - media: vimc: stream: fix style of argument description (git-fixes). - commit b398d8c - media: vimc: stream: remove obsolete function doc (git-fixes). - commit eb41435 - media: Revert "media: vimc: Remove or modify stream checks" (git-fixes). - commit 249cb6d - supported.conf: cleanup - drop modules built into vmlinux now: crypto/crc32 drivers/video/macmodes fs/autofs4/autofs4 - drop extension drivers/hwmon/ina3221 - commit 6d1628e - update upstream references - update Patch-mainline: patches.suse/cpusets-Rebuild-root-domain-deadline-accounting-information.patch patches.suse/membarrier-Fix-RCU-locking-bug-caused-by-faulty-merge.patch patches.suse/sched-Add-task_struct-pointer-to-sched_class-set_curr_task.patch patches.suse/sched-Allow-put_prev_task-to-drop-rq-lock.patch patches.suse/sched-Rework-CPU-hotplug-task-selection.patch patches.suse/sched-Rework-pick_next_task-slow-path.patch patches.suse/sched-core-Streamle-calls-to-task_rq_unlock.patch patches.suse/sched-fair-Avoid-redundant-EAS-calculation.patch patches.suse/sched-fair-Change-task_numa_work-storage-to-static.patch patches.suse/sched-fair-Expose-newidle_balance.patch patches.suse/sched-fair-Fall-back-to-sched-idle-CPU-if-idle-CPU-isn-t-found.patch patches.suse/sched-fair-Fix-Wunused-but-set-variable-warnings.patch patches.suse/sched-fair-Fix-low-cpu-usage-with-high-throttling-by-removing-expiration-of-cpu-local-slices.patch patches.suse/sched-fair-Introduce-fits_capacity.patch patches.suse/sched-fair-Move-init_numa_balancing-below-task_numa_work.patch patches.suse/sched-fair-Move-task_numa_work-init-to-init_numa_balancing.patch patches.suse/sched-fair-Speed-up-energy-aware-wake-ups.patch patches.suse/sched-fair-Start-tracking-SCHED_IDLE-tasks-count-in-cfs_rq.patch patches.suse/sched-isolation-Prefer-housekeeping-CPU-in-local-node.patch patches.suse/sched-membarrier-Fix-p-mm-membarrier_state-racy-load.patch patches.suse/sched-membarrier-Remove-redundant-check.patch patches.suse/sched-membarrier-Return-ENOMEM-to-userspace-on-memory-allocation-failure.patch patches.suse/sched-membarrier-Skip-IPIs-when-mm-mm_users-1.patch patches.suse/sched-rt-deadline-Fix-set_next_task-vs-pick_next_task.patch patches.suse/sched-stats-Fix-unlikely-use-of-sched_info_on.patch patches.suse/sched-topology-Add-partition_sched_domains_locked.patch patches.suse/stop_machine-Fix-stop_cpus_in_progress-ordering.patch - commit 7497999 ++++ libdrm: - This release includes support for latest Intel GPUs (jsc#SLE-7962, jsc#SLE-8024, jsc#SLE-8022, jsc#SLE-10182, jsc#SLE-4989, jsc#SLE-4983, bsc#1137515) ++++ Mesa: - Update to version 19.2.3 In this release: iris, meson, radv, anv, turnip, 965, svga, utils, core mesa, glsl, etanviv, and gallium/rbug - This Mesa release includes support for latest GPUs including Intel (jsc#SLE-7962, jsc#SLE-8024, jsc#SLE-8022, jsc#SLE-10182, jsc#SLE-4983, bsc#1137515) and fixes for boo#1127672, bsc#1117365 ++++ libglvnd: - This release is needed for latest Mesa update in order to support latest GPUs including Intel (jsc#SLE-7962, jsc#SLE-8024, jsc#SLE-8022, jsc#SLE-10182) ++++ qemu: - Fix two issues with qcow2 image processing which could affect disk integrity qcow2-Fix-QCOW2_COMPRESSED_SECTOR_MASK.patch qcow2-bitmap-Fix-uint64_t-left-shift-ove.patch ++++ suse-module-tools: - Update to version 15.2.7: * spec file: avoid %{_libexecdir} - Update to version 15.2.6: * modprobe.conf: add dependency of papr_scm on libnvdimm (bsc#1142152, ltc#176292, FATE#327775). ------------------------------------------------------------------ ------------------ 2019-11-6 - Nov 6 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - membarrier: Fix RCU locking bug caused by faulty merge (bnc#1155798 (CPU scheduler functional and performance backports)). - commit 49ddad8 - sched/fair: Avoid redundant EAS calculation (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Fix -Wunused-but-set-variable warnings (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/membarrier: Return -ENOMEM to userspace on memory allocation failure (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/membarrier: Skip IPIs when mm->mm_users == 1 (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/membarrier: Fix p->mm->membarrier_state racy load (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/membarrier: Remove redundant check (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Speed-up energy-aware wake-ups (bnc#1155798 (CPU scheduler functional and performance backports)). - sched: Rework pick_next_task() slow-path (bnc#1155798 (CPU scheduler functional and performance backports)). - sched: Allow put_prev_task() to drop rq->lock (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Expose newidle_balance() (bnc#1155798 (CPU scheduler functional and performance backports)). - sched: Add task_struct pointer to sched_class::set_curr_task (bnc#1155798 (CPU scheduler functional and performance backports)). - sched: Rework CPU hotplug task selection (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/{rt,deadline}: Fix set_next_task vs pick_next_task (bnc#1155798 (CPU scheduler functional and performance backports)). - stop_machine: Fix stop_cpus_in_progress ordering (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Fix low cpu usage with high throttling by removing expiration of cpu-local slices (bnc#1155798 (CPU scheduler functional and performance backports)). - cpusets: Rebuild root domain deadline accounting information (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/core: Streamle calls to task_rq_unlock() (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/topology: Add partition_sched_domains_locked() (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Introduce fits_capacity() (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/isolation: Prefer housekeeping CPU in local node (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/stats: Fix unlikely() use of sched_info_on() (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Fall back to sched-idle CPU if idle CPU isn't found (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Start tracking SCHED_IDLE tasks count in cfs_rq (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Change task_numa_work() storage to static (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Move task_numa_work() init to init_numa_balancing() (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Move init_numa_balancing() below task_numa_work() (bnc#1155798 (CPU scheduler functional and performance backports)). - commit daa1350 - blacklist.conf: rendered moot by subsequent removal of the driver (which we didn't compile in SLE15 in the first place) - commit 4972748 - enetc: Add mdio bus driver for the PCIe MDIO endpoint (jsc#SLE-9316). - enetc: Clean up makefile (jsc#SLE-9316). - commit 2f5843d - config: arm64: enable nxp ls1028a (jsc#SLE-9263) Update supported.conf accordingly - commit 3c653ff - series.conf: cleanup - update upstream reference and move into sorted section: patches.suse/rtlwifi-Fix-potential-overflow-on-P2P-code.patch - whitespace cleanup No effect on expanded tree. - commit 913dbd6 - rpm/kernel-source.spec.in: Fix dependency of kernel-devel (bsc#1154043) - commit ceb9273 - rpm/kernel-binary.spec.in: add COMPRESS_VMLINUX (bnc#1155921) Let COMPRESS_VMLINUX determine the compression used for vmlinux. By default (historically), it is gz. - commit c8b2d9f - selftests/bpf: More compatible nc options in test_lwt_ip_encap (bsc#1155518). - selftests/bpf: Set rp_filter in test_flow_dissector (bsc#1155518). - selftests/bpf: fix endianness issues in test_sysctl (bsc#1155518). - selftests/bpf: improve unexpected success reporting in test_syctl (bsc#1155518). - selftests/bpf: fix "ctx:write sysctl:write read ok" on s390 (bsc#1155518). - selftests/bpf: introduce bpf_cpu_to_be64 and bpf_be64_to_cpu (bsc#1155518). - selftests/bpf: fix race in test_tcp_rtt test (bsc#1155518). - tools: bpftool: move "__printf()" attributes to header file (bsc#1155518). - tools: bpftool: fix format string for p_err() in detect_common_prefix() (bsc#1155518). - tools: bpftool: fix format string for p_err() in query_flow_dissector() (bsc#1155518). - tools: bpftool: fix argument for p_err() in BTF do_dump() (bsc#1155518). - tools: bpftool: fix format strings and arguments for jsonw_printf() (bsc#1155518). - tools: bpftool: fix arguments for p_err() in do_event_pipe() (bsc#1155518). - commit 19d2eb7 - series_sort: Move AMD-specific load balancing patch to sorted patch section - commit c65ad73 ++++ rdma-core: - BuildRequire valgrind-client-headers instead of full valgrind-devel where available. ++++ NetworkManager: - Update to version 1.20.6: + Fix updating agent-owned VPN secrets. + Adjust IWD support to new D-Bus path of IWD 1.0. + Introduce an 'optional' property in the 802-1x setting to allow the activation to proceed in case of missing authenticator. + Fix ARP announcements for IP addresses configured on interfaces. + Use proper interface when adding s390 specific details in initrd generator. + Don't disable PMF on Wi-Fi connections using SAE. + Properly handle uint16 property types in libnm. ++++ libvirt: - Update to libvirt 5.9.0 - jsc#SLE-7440 - Many incremental improvements and bug fixes, see https://libvirt.org/news.html ++++ python-libvirt-python: - Update to 5.9.0 - Add all new APIs and constants in libvirt 5.9.0 ++++ qemu: - Work around a host kernel xfs bug which can result in qcow2 image corruption block-io-refactor-padding.patch util-iov-introduce-qemu_iovec_init_exten.patch block-Make-wait-mark-serialising-request.patch block-Add-bdrv_co_get_self_request.patch block-file-posix-Let-post-EOF-fallocate-.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-4.1 ++++ raspberrypi-firmware: - Update to 8e688a443 (2019-11-06): * firmware: Unicam: Request frequency of 250MHz when running camera use cases * firmware: arm_loader: Fix UART unmapping * firmware: uart1: Revert to the old core-frequency-locking method See: #1267 * firmware: arm_loader: Provide a sensible device_tree_end default See: #1259 * firmware: mmal_ril: Fix size reported on ENOSPC error See: #1269 * firmware: hvs: Trigger the EOLn timer at the field rate when interlaced See: #1227 * firmware: bootloader_state: Add support for a custom TFTP prefix parameter * firmware: arm_loader: GIC stub => 2711 stu See: #1255 * firmware: arm_loader: Add os_prefix option See: raspberrypi/linux#3237 * firmware: Add support for arbitrary memory specification * firmware: arm_loader: Fix explicit kernel name handling See: #1277 * firmware: Added a new display power mailbox call * firmware: Update display_power gencmd with optional display id See: raspberrypi/linux#3050 * firmware: Remove legacy pkgconfig to avoid Mesa conflicts See: raspberrypi/userland#585 * firmware: Update display_power gencmd with optional display id * firmware: sysman: Fix unsafe check for h264 being enabled See: popcornmix/omxplayer#749 * firmware: platform: Reduce absolute microvolts threshold to 500000 * firmware: Loop to init hotplug ++++ raspberrypi-firmware-config: - Update to 8e688a443 (2019-11-06): * firmware: Unicam: Request frequency of 250MHz when running camera use cases * firmware: arm_loader: Fix UART unmapping * firmware: uart1: Revert to the old core-frequency-locking method See: #1267 * firmware: arm_loader: Provide a sensible device_tree_end default See: #1259 * firmware: mmal_ril: Fix size reported on ENOSPC error See: #1269 * firmware: hvs: Trigger the EOLn timer at the field rate when interlaced See: #1227 * firmware: bootloader_state: Add support for a custom TFTP prefix parameter * firmware: arm_loader: GIC stub => 2711 stu See: #1255 * firmware: arm_loader: Add os_prefix option See: raspberrypi/linux#3237 * firmware: Add support for arbitrary memory specification * firmware: arm_loader: Fix explicit kernel name handling See: #1277 * firmware: Added a new display power mailbox call * firmware: Update display_power gencmd with optional display id See: raspberrypi/linux#3050 * firmware: Remove legacy pkgconfig to avoid Mesa conflicts See: raspberrypi/userland#585 * firmware: Update display_power gencmd with optional display id * firmware: sysman: Fix unsafe check for h264 being enabled See: popcornmix/omxplayer#749 * firmware: platform: Reduce absolute microvolts threshold to 500000 * firmware: Loop to init hotplug ------------------------------------------------------------------ ------------------ 2019-11-5 - Nov 5 2019 ------------------- ------------------------------------------------------------------ ++++ glib2: - Re-enable systemtap, and require systemtap-headers and systemtap-dtrace, rather than systemtap-sdt-devel, to avoid build cycle (boo#1145438). - Own /usr/share/systemtap{|tapset} directories, since we no longer have systemtap-sdt-devel in BuildRequires. - Disable lto if systemtap is enabled: build fails otherwise. ++++ kernel-default: - Update upstream references: patches.suse/hugetlbfs-don-t-retry-when-pool-page-allocations-start-to-fail.patch patches.suse/mm-compaction-raise-compaction-priority-after-it-withdrawns.patch patches.suse/mm-compaction.c-remove-unnecessary-zone-parameter-in-isolate_migratepages.patch patches.suse/mm-filemap.c-don-t-initiate-writeback-if-mapping-has-no-dirty-pages.patch patches.suse/mm-filemap.c-rewrite-mapping_needs_writeback-in-less-fancy-manner.patch patches.suse/mm-mempolicy.c-remove-unnecessary-nodemask-check-in-kernel_migrate_pages.patch patches.suse/mm-reclaim-cleanup-should_continue_reclaim.patch patches.suse/mm-reclaim-make-should_continue_reclaim-perform-dryrun-detection.patch patches.suse/mm-replace-list_move_tail-with-add_page_to_lru_list_tail.patch patches.suse/mm-sl-aou-b-guarantee-natural-alignment-for-kmalloc-power-of-two.patch patches.suse/mm-sl-ou-b-improve-memory-accounting.patch patches.suse/mm-vmscan-do-not-share-cgroup-iteration-between-reclaimers.patch patches.suse/sched-topology-Improve-load-balancing-on-AMD-EPYC.patch - commit 471d837 - ALSA: hda/ca0132 - Fix possible workqueue stall (bsc#1155836). - commit a383566 - supported.conf: mark efa and siw as supported - commit 6c0057f - net: fix installing orphaned programs (bsc#1154353). - net: cls_bpf: fix NULL deref on offload filter removal (bsc#1154353). - net: phylink: Fix phylink_dbg() macro (bsc#1154353). - inet: stop leaking jiffies on the wire (bsc#1154353). - ixgbe: Remove duplicate clear_bit() call (jsc#SLE-7979 jsc#SLE-7981). - e1000: fix memory leaks (jsc#SLE-8100). - i40e: Fix receive buffer starvation for AF_XDP (jsc#SLE-8025). - igb: Fix constant media auto sense switching when no cable is connected (jsc#SLE-7967 jsc#SLE-8010). - igb: Enable media autosense for the i350 (jsc#SLE-7967 jsc#SLE-8010). - igb/igc: Don't warn on fatal read failures when the device is removed (jsc#SLE-7967 jsc#SLE-8010). - tcp: increase tcp_max_syn_backlog max value (bsc#1154353). - netdevsim: Fix use-after-free during device dismantle (bsc#1154353). - cxgb4: fix panic when attaching to ULD fail (jsc#SLE-8389). - net: annotate lockless accesses to sk->sk_napi_id (bsc#1154353). - net: annotate accesses to sk->sk_incoming_cpu (bsc#1154353). - mlxsw: core: Unpublish devlink parameters during reload (bsc#1154488). - qed: Optimize execution time for nvm attributes configuration (jsc#SLE-8401). - vxlan: fix unexpected failure of vxlan_changelink() (bsc#1154353). - qed: fix spelling mistake "queuess" -> "queues" (jsc#SLE-8401). - net/mlx5e: Initialize on stack link modes bitmap (jsc#SLE-8464). - net/mlx5e: Fix ethtool self test: link speed (jsc#SLE-8464). - net/mlx5e: Fix handling of compressed CQEs in case of low NAPI budget (jsc#SLE-8464). - net/mlx5e: Don't store direct pointer to action's tunnel info (jsc#SLE-8464). - net/mlx5: Fix NULL pointer dereference in extended destination (jsc#SLE-8464). - net/mlx5: Fix rtable reference leak (jsc#SLE-8464). - net/mlx5e: Only skip encap flows update when encap init failed (jsc#SLE-8464). - net/mlx5e: Replace kfree with kvfree when free vhca stats (jsc#SLE-8464). - net/mlx5e: Remove incorrect match criteria assignment line (jsc#SLE-8464). - net/mlx5e: Determine source port properly for vlan push action (jsc#SLE-8464). - net: rtnetlink: fix a typo fbd -> fdb (bsc#1154353). - bonding: fix using uninitialized mode_lock (bsc#1154353). - vxlan: check tun_info options_len properly (bsc#1154353). - erspan: fix the tun_info options_len check for erspan (bsc#1154353). - net: hisilicon: Fix ping latency when deal with high throughput (bsc#1154353). - net/mlx4_core: Dynamically set guaranteed amount of counters per VF (jsc#SLE-8460). - net: hisilicon: Fix "Trying to free already-free IRQ" (bsc#1154353). - net: fix sk_page_frag() recursion from memory reclaim (bsc#1154353). - udp: fix data-race in udp_set_dev_scratch() (bsc#1154353). - net: add READ_ONCE() annotation in __skb_wait_for_more_packets() (bsc#1154353). - net: use skb_queue_empty_lockless() in busy poll contexts (bsc#1154353). - net: use skb_queue_empty_lockless() in poll() handlers (bsc#1154353). - udp: use skb_queue_empty_lockless() (bsc#1154353). - net: add skb_queue_empty_lockless() (bsc#1154353). - ipvs: move old_secure_tcp into struct netns_ipvs (bsc#1154353). - ipvs: don't ignore errors in case refcounting ip_vs module fails (bsc#1154353). - netfilter: nft_payload: fix missing check for matching length in offloads (bsc#1154353). - netfilter: nf_flow_table: set timeout before insertion into hashes (bsc#1154353). - xsk: Fix registration of Rx-only sockets (bsc#1154353). - xdp: Handle device unregister for devmap_hash map type (bsc#1154353). - xdp: Prevent overflow in devmap_hash cost calculation for 32-bit builds (bsc#1154353). - bpf: lwtunnel: Fix reroute supplying invalid dst (bsc#1154353). - ipv4: fix route update on metric change (bsc#1154353). - net: Zeroing the structure ethtool_wolinfo in ethtool_get_wol() (bsc#1154353). - cxgb4: request the TX CIDX updates to status page (jsc#SLE-8389). - netns: fix GFP flags in rtnl_net_notifyid() (bsc#1154353). - net: sch_generic: Use pfifo_fast as fallback scheduler for CAN hardware (bsc#1154353). - net: remove unnecessary variables and callback (bsc#1154353). - vxlan: add adjacent link to limit depth level (bsc#1154353). - net: core: add ignore flag to netdev_adjacent structure (bsc#1154353). - team: fix nested locking lockdep warning (bsc#1154353). - bonding: use dynamic lockdep key instead of subclass (bsc#1154353). - bonding: fix unexpected IFF_BONDING bit unset (bsc#1154353). - net: core: add generic lockdep keys (bsc#1154353). - net: core: limit nested device depth (bsc#1154353). - keys: Fix memory leak in copy_net_ns (bsc#1154353). - net/flow_dissector: switch to siphash (bsc#1154353). - ipv6: include for missing declarations (bsc#1154353). - bnxt_en: Avoid disabling pci device in bnxt_remove_one() for already disabled device (jsc#SLE-8371 bsc#1153274). - bnxt_en: Minor formatting changes in FW devlink_health_reporter (jsc#SLE-8371 bsc#1153274). - bnxt_en: Adjust the time to wait before polling firmware readiness (jsc#SLE-8371 bsc#1153274). - bnxt_en: Fix devlink NVRAM related byte order related issues (jsc#SLE-8371 bsc#1153274). - bnxt_en: Fix the size of devlink MSIX parameters (jsc#SLE-8371 bsc#1153274). - ipv4: fix IPSKB_FRAG_PMTU handling with fragmentation (bsc#1154353). - net/mlx5: fix memory leak in mlx5_fw_fatal_reporter_dump (jsc#SLE-8464). - net/mlx5: prevent memory leak in mlx5_fpga_conn_create_cq (jsc#SLE-8464). - net/mlx5e: TX, Fix consumer index of error cqe dump (jsc#SLE-8464). - net/mlx5e: kTLS, Enhance TX resync flow (jsc#SLE-8464). - net/mlx5e: kTLS, Save a copy of the crypto info (jsc#SLE-8464). - net/mlx5e: kTLS, Remove unneeded cipher type checks (jsc#SLE-8464). - net/mlx5e: kTLS, Limit DUMP wqe size (jsc#SLE-8464). - net/mlx5e: kTLS, Fix missing SQ edge fill (jsc#SLE-8464). - net/mlx5e: kTLS, Fix page refcnt leak in TX resync error flow (jsc#SLE-8464). - net/mlx5e: kTLS, Save by-value copy of the record frags (jsc#SLE-8464). - net/mlx5e: kTLS, Save only the frag page to release at completion (jsc#SLE-8464). - net/mlx5e: kTLS, Size of a Dump WQE is fixed (jsc#SLE-8464). - net/mlx5e: kTLS, Release reference on DUMPed fragments in shutdown flow (jsc#SLE-8464). - net/mlx5e: Tx, Zero-memset WQE info struct upon update (jsc#SLE-8464). - net/mlx5e: Tx, Fix assumption of single WQEBB of NOP in cleanup flow (jsc#SLE-8464). - SUNRPC: Destroy the back channel when we destroy the host transport (bsc#1154353). - SUNRPC: The RDMA back channel mustn't disappear while requests are outstanding (bsc#1154353). - SUNRPC: The TCP back channel mustn't disappear while requests are outstanding (bsc#1154353). - RDMA/hns: Prevent memory leaks of eq->buf_list (jsc#SLE-8449). - RDMA/iw_cxgb4: Avoid freeing skb twice in arp failure case (jsc#SLE-8392). - RDMA/mlx5: Use irq xarray locking for mkey_table (jsc#SLE-8446). - IB/core: Avoid deadlock during netlink message handling (jsc#SLE-8449). - RDMA/nldev: Skip counter if port doesn't match (jsc#SLE-8449). - RDMA/uverbs: Prevent potential underflow (jsc#SLE-8449). - IB/core: Use rdma_read_gid_l2_fields to compare GID L2 fields (jsc#SLE-8449). - RDMA/qedr: Fix reported firmware version (jsc#SLE-8215). - RDMA/siw: free siw_base_qp in kref release routine (jsc#SLE-8381). - RDMA/iwcm: move iw_rem_ref() calls out of spinlock (jsc#SLE-8449). - iw_cxgb4: fix ECN check on the passive accept (jsc#SLE-8392). - IB/hfi1: Use a common pad buffer for 9B and 16B packets (jsc#SLE-8449). - IB/hfi1: Avoid excessive retry for TID RDMA READ request (jsc#SLE-8449). - RDMA/mlx5: Clear old rate limit when closing QP (jsc#SLE-8446). - net: reorder 'struct net' fields to avoid false sharing (bsc#1154353). - net: netem: correct the parent's backlog when corrupted packet was dropped (bsc#1154353). - net: netem: fix error path for corrupted GSO frames (bsc#1154353). - net: hns3: fix mis-counting IRQ vector numbers issue (bsc#1154353). - mlxsw: spectrum_trap: Push Ethernet header before reporting trap (bsc#1154488). - net: ensure correct skb->tstamp in various fragmenters (bsc#1154353). - tcp: fix a possible lockdep splat in tcp_done() (bsc#1154353). - net: cavium: Use the correct style for SPDX License Identifier (bsc#1154353). - tcp: annotate sk->sk_wmem_queued lockless reads (bsc#1154353). - tcp: annotate sk->sk_sndbuf lockless reads (bsc#1154353). - tcp: annotate sk->sk_rcvbuf lockless reads (bsc#1154353). - tcp: annotate tp->urg_seq lockless reads (bsc#1154353). - tcp: annotate tp->snd_nxt lockless reads (bsc#1154353). - tcp: annotate tp->write_seq lockless reads (bsc#1154353). - tcp: annotate tp->copied_seq lockless reads (bsc#1154353). - tcp: annotate tp->rcv_nxt lockless reads (bsc#1154353). - tcp: add rcu protection around tp->fastopen_rsk (bsc#1154353). - net: silence KCSAN warnings about sk->sk_backlog.len reads (bsc#1154353). - net: annotate sk->sk_rcvlowat lockless reads (bsc#1154353). - net: silence KCSAN warnings around sk_add_backlog() calls (bsc#1154353). - tcp: annotate lockless access to tcp_memory_pressure (bsc#1154353). - net: add {READ|WRITE}_ONCE() annotations on ->rskq_accept_head (bsc#1154353). - net: avoid possible false sharing in sk_leave_memory_pressure() (bsc#1154353). - netfilter: conntrack: avoid possible false sharing (bsc#1154353). - netns: fix NLM_F_ECHO mechanism for RTM_NEWNSID (bsc#1154353). - sctp: add chunks to sk_backlog when the newsk sk_socket is not set (bsc#1154353). - ip6erspan: remove the incorrect mtu limit for ip6erspan (bsc#1154353). - net/mlx5: DR, Allow insertion of duplicate rules (jsc#SLE-8464). - rxrpc: rxrpc_peer needs to hold a ref on the rxrpc_local record (bsc#1154353). - rxrpc: Fix trace-after-put looking at the put call record (bsc#1154353). - rxrpc: Fix trace-after-put looking at the put connection record (bsc#1154353). - rxrpc: Fix trace-after-put looking at the put peer record (bsc#1154353). - rxrpc: Fix call ref leak (bsc#1154353). - commit ccf9a99 - rpm/mkspec-dtb: add mt76 based dtb package - commit 8ff92d0 - usb: dwc3: gadget: fix race when disabling ep with cancelled xfers (git-fixes). - USB: serial: whiteheat: fix potential slab corruption (git-fixes). - UAS: Revert commit 3ae62a42090f ("UAS: fix alignment of scatter/gather segments") (git-fixes). - usb-storage: Revert commit 747668dbc061 ("usb-storage: Set virt_boundary_mask to avoid SG overflows") (git-fixes). - usb: xhci: fix Immediate Data Transfer endianness (git-fixes). - xhci: Fix use-after-free regression in xhci clear hub TT implementation (git-fixes). - USB: ldusb: fix control-message timeout (git-fixes). - USB: ldusb: fix ring-buffer locking (git-fixes). - usb: dwc3: pci: prevent memory leak in dwc3_pci_probe (git-fixes). - usb: gadget: udc: atmel: Fix interrupt storm in FIFO mode (git-fixes). - usb: dwc3: select CONFIG_REGMAP_MMIO (git-fixes). - hwmon: (ina3221) Fix read timeout issue (git-fixes). - r8169: fix wrong PHY ID issue with RTL8168dp (git-fixes). - mt76: dma: fix buffer unmap with non-linear skbs (git-fixes). - nl80211: fix validation of mesh path nexthop (git-fixes). - wimax: i2400: Fix memory leak in i2400m_op_rfkill_sw_toggle (git-fixes). - virt_wifi: fix refcnt leak in module exit routine (git-fixes). - macsec: fix refcnt leak in module exit routine (git-fixes). - keys: Fix memory leak in copy_net_ns (git-fixes). - drm/i915: Fix PCH reference clock for FDI on HSW/BDW (git-fixes). - drm/v3d: Fix memory leak in v3d_submit_cl_ioctl (git-fixes). - commit 7b0a0d1 - mm, sl[aou]b: guarantee natural alignment for kmalloc(power-of-two) (bnc#1155780 (VM/FS functional and performance backports)). - mm, sl[ou]b: improve memory accounting (bnc#1155780 (VM/FS functional and performance backports)). - hugetlbfs: don't retry when pool page allocations start to fail (bnc#1155780 (VM/FS functional and performance backports)). - mm, compaction: raise compaction priority after it withdrawns (bnc#1155780 (VM/FS functional and performance backports)). - mm, reclaim: cleanup should_continue_reclaim() (bnc#1155780 (VM/FS functional and performance backports)). - mm, reclaim: make should_continue_reclaim perform dryrun detection (bnc#1155780 (VM/FS functional and performance backports)). - mm/mempolicy.c: remove unnecessary nodemask check in kernel_migrate_pages() (bnc#1155780 (VM/FS functional and performance backports)). - mm/compaction.c: remove unnecessary zone parameter in isolate_migratepages() (bnc#1155780 (VM/FS functional and performance backports)). - mm: vmscan: do not share cgroup iteration between reclaimers (bnc#1155780 (VM/FS functional and performance backports)). - mm/filemap.c: rewrite mapping_needs_writeback in less fancy manner (bnc#1155780 (VM/FS functional and performance backports)). - mm/filemap.c: don't initiate writeback if mapping has no dirty pages (bnc#1155780 (VM/FS functional and performance backports)). - mm: replace list_move_tail() with add_page_to_lru_list_tail() (bnc#1155780 (VM/FS functional and performance backports)). - commit d426df6 - stacktrace: Don't skip first entry on noncurrent tasks (bnc#1154866). - commit cc9ff55 - Delete patches.suse/0056-acpi-Disable-ACPI-table-override-if-the-kernel-is-lo.patch. This patch be replaced by 6ea0e815fc in v5.4-rc1. (jsc#SLE-9870) - commit 76eea73 - Delete patches.suse/0055-acpi-Ignore-acpi_rsdp-kernel-param-when-the-kernel-h.patch. This patch be replaced by 41fa1ee9c6 in v5.4-rc1. (jsc#SLE-9870) - commit a511e8c - Delete patches.suse/0054-ACPI-Limit-access-to-custom_method-when-the-kernel-i.patch. This patch be replaced by f474e1486 in v5.4-rc1. (jsc#SLE-9870) - commit 881b574 - Delete patches.suse/0053-asus-wmi-Restrict-debugfs-interface-when-the-kernel-.patch. This patch be replaced by 5496197f9b in v5.4-rc1. (jsc#SLE-9870) - commit 26e7156 - Delete patches.suse/0052-x86-Restrict-MSR-access-when-the-kernel-is-locked-do.patch. This patch be replaced by 95f5e95f41 in v5.4-rc1. (jsc#SLE-9870) - commit d5a4f81 - Delete patches.suse/0051-x86-Lock-down-IO-port-access-when-the-kernel-is-lock.patch. This patch be replaced by 9b9d8dda1e in v5.4-rc1. (jsc#SLE-9870) - commit a338a65 - Delete patches.suse/0050-PCI-Lock-down-BAR-access-when-the-kernel-is-locked-d.patch. This patch be replaced by eb627e1772 in v5.4-rc1. (jsc#SLE-9870) - commit 35fdce5 - Delete patches.suse/0048-hibernate-Disable-when-the-kernel-is-locked-down.patch. This patch be replaced by 38bd94b8a in v5.4-rc1. (jsc#SLE-9870) - commit a36f246 - update upstream references - move to "almost mainline" section: patches.suse/autonuma-fix-watermark-checking-in-migrate_balanced_pgdat.patch patches.suse/autonuma-reduce-cache-footprint-when-scanning-page-tables.patch - update patch-mainline: patches.suse/mm-slub.c-init_on_free-1-should-wipe-freelist-ptr-for-bulk-allocations.patch patches.suse/sched-fair-Scale-bandwidth-quota-and-period-without-losing-quota-period-ratio-precision.patch patches.suse/sched-vtime-Fix-guest-system-mis-accounting-on-task-switch.patch No effect on expanded tree. - commit 509d57a ++++ Mesa: - Dont conflict with vulkan-devel anymore as there is no file conflict ++++ systemd: - Fix %{_libexecdir} misuses of /usr/lib ++++ zstd: - Update to version 1.4.4 * perf: Improved decompression speed, by > 10% * perf: Better compression speed when re-using a context * perf: Fix compression ratio when compressing large files with small dictionary * perf: zstd reference encoder can generate RLE blocks * perf: minor generic speed optimization * api: new ability to extract sequences from the parser for analysis * api: fixed decoding of magic-less frames * api: fixed ZSTD_initCStream_advanced() performance with fast modes * cli: Named pipes support * cli: short tar's extension support * cli: command --output-dir-flat=DIE , generates target files into requested directory * cli: commands --stream-size=# and --size-hint=# * cli: command --exclude-compressed * cli: faster -t test mode * cli: improved some error messages * cli: fix rare deadlock condition within dictionary builder * misc: Improved documentation : ZSTD_CLEVEL, DYNAMIC_BMI2, ZSTD_CDict, function deprecation, zstd format * misc: fixed educational decoder : accept larger literals section, and removed UNALIGNED() macro - Refresh pzstd.1.patch ++++ yast2: - Use new snapper machine-readable output to retrieve snapshots information (related to bsc#1149322). - 4.2.33 - Add linuxrc option "reboot_timeout" to configure the timeout before reboot (bsc#1122493) - 4.2.32 ------------------------------------------------------------------ ------------------ 2019-11-4 - Nov 4 2019 ------------------- ------------------------------------------------------------------ ++++ cpio: - add cpio-2.12-CVE-2019-14866.patch to fix a security issue where cpio does not properly validate the values written in the header of a TAR file through the to_oct() function [bsc#1155199] [CVE-2019-14866] ++++ kernel-default: - Refresh patches.suse/sched-topology-Improve-load-balancing-on-AMD-EPYC.patch. - commit d1f7e6e - rpm/kernel-subpackage-spec: Mention debuginfo in the subpackage description (bsc#1149119). - commit 525ec92 - Delete patches.suse/0047-kexec_file-restrict-if-the-kernel-is-locked-down.patch. This patch be replaced by 155bdd30a in v5.4-rc1. (jsc#SLE-9870) - commit 539b083 - Delete patches.suse/0047-kexec_file-split-KEXEC_VERIFY_SIG.patch. This patch be replaced by 99d5cadfd in v5.4-rc1. (jsc#SLE-9870) - commit b4392d9 - Delete patches.suse/0046-Copy-secure_boot-flag-in-boot-params-across-kexec-re.patch. This patch be replaced by fef5dad987 in v5.4-rc1. (jsc#SLE-9870) - commit 2ac33a1 - Delete patches.suse/0045-kexec-Disable-at-runtime-if-the-kernel-is-locked-dow.patch. This patch be replaced by 7d31f4602f in v5.4-rc1. (jsc#SLE-9870) - commit 6378a1f - Delete patches.suse/0043-Restrict-dev-mem-and-dev-kmem-when-the-kernel-is-loc.patch. This patch be replaced by 9b9d8dda1e in v5.4-rc1. (jsc#SLE-9870) - commit 471bb54 - Delete patches.suse/0042-Enforce-module-signatures-if-the-kernel-is-locked-do.patch. This patch be replaced by 49fcf732bd in v5.4-rc1. (jsc#SLE-9870) - commit 0f1ab5f - Delete patches.suse/0040-Add-the-ability-to-lock-down-access-to-the-running-k.patch. This patch be replaced by 9e47d31d6a and 000d388ed3 in v5.4-rc1. (jsc#SLE-9870) - commit a3aff83 - powerpc/powernv: Fix CPU idle to be called with IRQs disabled (git-fixes). - efi/tpm: Return -EINVAL when determining tpm final events log size fails (git-fixes). - commit 0afb81a - autonuma: Reduce cache footprint when scanning page tables (bnc#1155756). - autonuma: fix watermark checking in migrate_balanced_pgdat() (bnc#1155756). - commit 92ab99b - bpf: Fix use after free in bpf_get_prog_name (bsc#1155518). - bpf: Fix use after free in subprog's jited symbol removal (bsc#1155518). - commit 0ffd4be ++++ python-rpm-macros: - Update to version 20191104.08e6493: * %pyproject_install macro should include --no-compile. * Recognise the _ for the macro arguments too ++++ qemu: - Correct package names in _constraints after switch to multibuild. ++++ rebootmgr: - Update to version 0.20.1 - added a memory allocation check ++++ wpa_supplicant: - Update to 2.9 release: * SAE changes - disable use of groups using Brainpool curves - improved protection against side channel attacks [https://w1.fi/security/2019-6/] * EAP-pwd changes - disable use of groups using Brainpool curves - allow the set of groups to be configured (eap_pwd_groups) - improved protection against side channel attacks [https://w1.fi/security/2019-6/] * fixed FT-EAP initial mobility domain association using PMKSA caching (disabled by default for backwards compatibility; can be enabled with ft_eap_pmksa_caching=1) * fixed a regression in OpenSSL 1.1+ engine loading * added validation of RSNE in (Re)Association Response frames * fixed DPP bootstrapping URI parser of channel list * extended EAP-SIM/AKA fast re-authentication to allow use with FILS * extended ca_cert_blob to support PEM format * improved robustness of P2P Action frame scheduling * added support for EAP-SIM/AKA using anonymous@realm identity * fixed Hotspot 2.0 credential selection based on roaming consortium to ignore credentials without a specific EAP method * added experimental support for EAP-TEAP peer (RFC 7170) * added experimental support for EAP-TLS peer with TLS v1.3 * fixed a regression in WMM parameter configuration for a TDLS peer * fixed a regression in operation with drivers that offload 802.1X 4-way handshake * fixed an ECDH operation corner case with OpenSSL * SAE changes - added support for SAE Password Identifier - changed default configuration to enable only groups 19, 20, 21 (i.e., disable groups 25 and 26) and disable all unsuitable groups completely based on REVmd changes - do not regenerate PWE unnecessarily when the AP uses the anti-clogging token mechanisms - fixed some association cases where both SAE and FT-SAE were enabled on both the station and the selected AP - started to prefer FT-SAE over SAE AKM if both are enabled - started to prefer FT-SAE over FT-PSK if both are enabled - fixed FT-SAE when SAE PMKSA caching is used - reject use of unsuitable groups based on new implementation guidance in REVmd (allow only FFC groups with prime >= 3072 bits and ECC groups with prime >= 256) - minimize timing and memory use differences in PWE derivation [https://w1.fi/security/2019-1/] (CVE-2019-9494, bsc#1131868) * EAP-pwd changes - minimize timing and memory use differences in PWE derivation [https://w1.fi/security/2019-2/] (CVE-2019-9495, bsc#1131870) - verify server scalar/element [https://w1.fi/security/2019-4/] (CVE-2019-9497, CVE-2019-9498, CVE-2019-9499, bsc#1131874, bsc#1131872, bsc#1131871, bsc#1131644) - fix message reassembly issue with unexpected fragment [https://w1.fi/security/2019-5/] (CVE-2019-11555, bsc#1133640) - enforce rand,mask generation rules more strictly - fix a memory leak in PWE derivation - disallow ECC groups with a prime under 256 bits (groups 25, 26, and 27) - SAE/EAP-pwd side-channel attack update [https://w1.fi/security/2019-6/] (CVE-2019-13377, bsc#1144443) * fixed CONFIG_IEEE80211R=y (FT) build without CONFIG_FILS=y * Hotspot 2.0 changes - do not indicate release number that is higher than the one AP supports - added support for release number 3 - enable PMF automatically for network profiles created from credentials * fixed OWE network profile saving * fixed DPP network profile saving * added support for RSN operating channel validation (CONFIG_OCV=y and network profile parameter ocv=1) * added Multi-AP backhaul STA support * fixed build with LibreSSL * number of MKA/MACsec fixes and extensions * extended domain_match and domain_suffix_match to allow list of values * fixed dNSName matching in domain_match and domain_suffix_match when using wolfSSL * started to prefer FT-EAP-SHA384 over WPA-EAP-SUITE-B-192 AKM if both are enabled * extended nl80211 Connect and external authentication to support SAE, FT-SAE, FT-EAP-SHA384 * fixed KEK2 derivation for FILS+FT * extended client_cert file to allow loading of a chain of PEM encoded certificates * extended beacon reporting functionality * extended D-Bus interface with number of new properties * fixed a regression in FT-over-DS with mac80211-based drivers * OpenSSL: allow systemwide policies to be overridden * extended driver flags indication for separate 802.1X and PSK 4-way handshake offload capability * added support for random P2P Device/Interface Address use * extended PEAP to derive EMSK to enable use with ERP/FILS * extended WPS to allow SAE configuration to be added automatically for PSK (wps_cred_add_sae=1) * removed support for the old D-Bus interface (CONFIG_CTRL_IFACE_DBUS) * extended domain_match and domain_suffix_match to allow list of values * added a RSN workaround for misbehaving PMF APs that advertise IGTK/BIP KeyID using incorrect byte order * fixed PTK rekeying with FILS and FT * fixed WPA packet number reuse with replayed messages and key reinstallation [https://w1.fi/security/2017-1/] (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088) * fixed unauthenticated EAPOL-Key decryption in wpa_supplicant [https://w1.fi/security/2018-1/] (CVE-2018-14526) * added support for FILS (IEEE 802.11ai) shared key authentication * added support for OWE (Opportunistic Wireless Encryption, RFC 8110; and transition mode defined by WFA) * added support for DPP (Wi-Fi Device Provisioning Protocol) * added support for RSA 3k key case with Suite B 192-bit level * fixed Suite B PMKSA caching not to update PMKID during each 4-way handshake * fixed EAP-pwd pre-processing with PasswordHashHash * added EAP-pwd client support for salted passwords * fixed a regression in TDLS prohibited bit validation * started to use estimated throughput to avoid undesired signal strength based roaming decision * MACsec/MKA: - new macsec_linux driver interface support for the Linux kernel macsec module - number of fixes and extensions * added support for external persistent storage of PMKSA cache (PMKSA_GET/PMKSA_ADD control interface commands; and MESH_PMKSA_GET/MESH_PMKSA_SET for the mesh case) * fixed mesh channel configuration pri/sec switch case * added support for beacon report * large number of other fixes, cleanup, and extensions * added support for randomizing local address for GAS queries (gas_rand_mac_addr parameter) * fixed EAP-SIM/AKA/AKA' ext auth cases within TLS tunnel * added option for using random WPS UUID (auto_uuid=1) * added SHA256-hash support for OCSP certificate matching * fixed EAP-AKA' to add AT_KDF into Synchronization-Failure * fixed a regression in RSN pre-authentication candidate selection * added option to configure allowed group management cipher suites (group_mgmt network profile parameter) * removed all PeerKey functionality * fixed nl80211 AP and mesh mode configuration regression with Linux 4.15 and newer * added ap_isolate configuration option for AP mode * added support for nl80211 to offload 4-way handshake into the driver * added support for using wolfSSL cryptographic library * SAE - added support for configuring SAE password separately of the WPA2 PSK/passphrase - fixed PTK and EAPOL-Key integrity and key-wrap algorithm selection for SAE; note: this is not backwards compatible, i.e., both the AP and station side implementations will need to be update at the same time to maintain interoperability - added support for Password Identifier - fixed FT-SAE PMKID matching * Hotspot 2.0 - added support for fetching of Operator Icon Metadata ANQP-element - added support for Roaming Consortium Selection element - added support for Terms and Conditions - added support for OSEN connection in a shared RSN BSS - added support for fetching Venue URL information * added support for using OpenSSL 1.1.1 * FT - disabled PMKSA caching with FT since it is not fully functional - added support for SHA384 based AKM - added support for BIP ciphers BIP-CMAC-256, BIP-GMAC-128, BIP-GMAC-256 in addition to previously supported BIP-CMAC-128 - fixed additional IE inclusion in Reassociation Request frame when using FT protocol - Drop merged patches: * rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch * rebased-v2.6-0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch * rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch * rebased-v2.6-0004-Prevent-installation-of-an-all-zero-TK.patch * rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch * rebased-v2.6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch * rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch * rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch * rebased-v2.6-0009-WPA-Ignore-unauthenticated-encrypted-EAPOL-Key-data.patch * wpa_supplicant-bnc-1099835-fix-private-key-password.patch * wpa_supplicant-bnc-1099835-clear-default_passwd_cb.patch * wpa_supplicant-log-file-permission.patch * wpa_supplicant-log-file-cloexec.patch * wpa_supplicant-git-fa67debf4c6ddbc881a212b175faa6d5d0d90c8c.patch * wpa_supplicant-git-f5b74b966c942feb95a8ddbb7d130540b15b796d.patch - Rebase patches: * wpa_supplicant-getrandom.patch ------------------------------------------------------------------ ------------------ 2019-11-3 - Nov 3 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - series.conf: refresh - update upstream reference: patches.suse/scsi-lpfc-Check-queue-pointer-before-use.patch patches.suse/scsi-qla2xxx-Fix-partial-flash-write-of-MBI.patch patches.suse/scsi-qla2xxx-Initialized-mailbox-to-prevent-driver-l.patch patches.suse/scsi-qla2xxx-fixup-incorrect-usage-of-host_byte.patch patches.suse/scsi-qla2xxx-stop-timer-in-shutdown-path.patch - no effect on expanded tree - commit 37e310e ------------------------------------------------------------------ ------------------ 2019-11-2 - Nov 2 2019 ------------------- ------------------------------------------------------------------ ++++ pango: - Update to version 1.44.7+8: + Undo fontset deprecations. + Adjust expected test outputs. + Fix ItemProperties handling. + Don't treat rise as a no-shape attribute. + Drop an unused ItemProperties use. + Go back to ignoring underlines for itemization. + fc: remove another assertion that might trigger. - Switch to using pango 1.44 stable git branch. ------------------------------------------------------------------ ------------------ 2019-11-1 - Nov 1 2019 ------------------- ------------------------------------------------------------------ ++++ open-iscsi: - Fix issue where CHAP was not working after latest update (bsc#1155510), updating: * open-iscsi-SUSE-latest.diff.bz2 ++++ kernel-default: - ALSA: timer: Fix mutex deadlock at releasing card (git-fixes). - ALSA: hda - Fix mutex deadlock in HDMI codec driver (git-fixes). - Revert "ALSA: hda: Flush interrupts on disabling" (git-fixes). - ALSA: bebob: Fix prototype of helper function to return negative value (git-fixes). - ALSA: hda/realtek - Fix 2 front mics of codec 0x623 (git-fixes). - ALSA: hda/realtek - Add support for ALC623 (git-fixes). - ALSA: usb-audio: Add DSD support for Gustard U16/X26 USB Interface (git-fixes). - commit ed66481 - Update upstream references: patches.suse/mm-meminit-Recalculate-pcpu-batch-and-high-limits-after-init-completes.patch. patches.suse/mm-pcp-Share-common-code-between-memory-hotplug-and-percpu-sysctl-handler.patch. patches.suse/mm-pcpu-Make-zone-pcp-updates-and-reset-internal-to-the-mm.patch. - move these patches to "soon to be mainline" section - commit 8b0a210 - sched/vtime: Fix guest/system mis-accounting on task switch (git fixes (cputime accounting)). - sched/fair: Scale bandwidth quota and period without losing quota/period ratio precision (git fixes (sched)). - commit dc7f4dd - mm/slub.c: init_on_free=1 should wipe freelist ptr for bulk allocations (git fixes (mm/slub)). - commit 1fe1553 - mm, pcpu: Make zone pcp updates and reset internal to the mm (bnc#1155628). - mm, pcp: Share common code between memory hotplug and percpu sysctl handler (bnc#1155628). - mm, meminit: Recalculate pcpu batch and high limits after init completes (bnc#1155628). - commit ca89c1c ++++ Mesa: - Use %pkg_vcmp macro instead of llvm-config to detect LLVM 9. ------------------------------------------------------------------ ------------------ 2019-10-31 - Oct 31 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - refresh config files No functional change. - commit b484ff3 - Update config files: Disable CONFIG_RT_GROUP_SCHED (jsc#SLE-10427) - commit db9fda6 - MODSIGN: make new include file self contained (jsc#SLE-9870). - commit 9916222 - bpf: fix BTF limits (bsc#1155518). - commit 97d5e03 - MODSIGN: Export module signature definitions (jsc#SLE-9870). - Update config files. - Refresh patches.suse/KEYS-Make-use-of-platform-keyring-for-module-signatu.patch. - commit 10961d4 - Update references (add CVE-2019-10220 bsc#1144903 bso#14072): patches.suse/Make-filldir-64-verify-the-directory-entry-filename-.patch patches.suse/filldir-64-remove-WARN_ON_ONCE-for-bad-directory-ent.patch - commit e4c1e0f ++++ NetworkManager: - Drop NetworkNanager-client recommends: this is no longer needed, as NM itself ships a frontend by now (nmtui). If a DE has a better way to manage NM (by means of applets or other way of integration) it is up to the DE to depend on the applets. ++++ systemd: - Drop 0001-compat-rules-escape-when-used-for-shell-expansion.patch It's part of the previous import. - Import commit b7467b7b553d6d0d6f92758d966b69f1a88b6b42 441f44f371 fileio: introduce read_full_virtual_file() for reading virtual files in sysfs, procfs (bsc#1133495) 8a1bb5c66b swap: do not make swap units wanted by its device unit anymore ++++ podman: - Add container-start-fix.patch to correct output of container-start to show container_name, not _id. ++++ yast2: - Network: During an installation, check which backend is in use when Systemd is running. (bsc#1151291) - 4.2.31 ------------------------------------------------------------------ ------------------ 2019-10-30 - Oct 30 2019 ------------------- ------------------------------------------------------------------ ++++ grub2: - Disable btrfs zstd support for i386-pc to workaround core.img too large to be embedded in btrfs bootloader area or MBR gap (boo#1154809) * 0001-btrfs-disable-zstd-support-for-i386-pc.patch ++++ kernel-default: - scsi: qla2xxx: stop timer in shutdown path (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Fix partial flash write of MBI (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Initialized mailbox to prevent driver load failure (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: fixup incorrect usage of host_byte (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - commit 1cb635f - Refresh patches.suse/scsi-lpfc-Check-queue-pointer-before-use.patch - commit 56420bc - nbd: verify socket is supported during setup (git-fixes). - commit 85aab98 - x86/boot/acpi: Move get_cmdline_acpi_rsdp() under #ifdef guard (jsc#SLE-9870). - tracefs: Revert ccbd54ff54e8 ("tracefs: Restrict tracefs when the kernel is locked down") (jsc#SLE-9870). - kexec: Fix file verification on S390 (jsc#SLE-9870). - security: constify some arrays in lockdown LSM (jsc#SLE-9870). - lockdown: Print current->comm in restriction messages (jsc#SLE-9870). - efi: Restrict efivar_ssdt_load when the kernel is locked down (jsc#SLE-9870). - tracefs: Restrict tracefs when the kernel is locked down (jsc#SLE-9870). - debugfs: Restrict debugfs when the kernel is locked down (jsc#SLE-9870). - kexec: Allow kexec_file() with appropriate IMA policy when locked down (jsc#SLE-9870). - lockdown: Lock down perf when in confidentiality mode (jsc#SLE-9870). - bpf: Restrict bpf when kernel lockdown is in confidentiality mode (jsc#SLE-9870). - lockdown: Lock down tracing and perf kprobes when in confidentiality mode (jsc#SLE-9870). - lockdown: Lock down /proc/kcore (jsc#SLE-9870). - x86/mmiotrace: Lock down the testmmiotrace module (jsc#SLE-9870). - lockdown: Lock down module params that specify hardware parameters (eg. ioport) (jsc#SLE-9870). - lockdown: Lock down TIOCSSERIAL (jsc#SLE-9870). - lockdown: Prohibit PCMCIA CIS storage when the kernel is locked down (jsc#SLE-9870). - acpi: Disable ACPI table override if the kernel is locked down (jsc#SLE-9870). - acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down (jsc#SLE-9870). - ACPI: Limit access to custom_method when the kernel is locked down (jsc#SLE-9870). - x86/msr: Restrict MSR access when the kernel is locked down (jsc#SLE-9870). - x86: Lock down IO port access when the kernel is locked down (jsc#SLE-9870). - PCI: Lock down BAR access when the kernel is locked down (jsc#SLE-9870). - hibernate: Disable when the kernel is locked down (jsc#SLE-9870). - kexec_file: Restrict at runtime if the kernel is locked down (jsc#SLE-9870). - kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE (jsc#SLE-9870). - Update config files. (jsc#SLE-9870) - lockdown: Copy secure_boot flag in boot params across kexec reboot (jsc#SLE-9870). - kexec_load: Disable at runtime if the kernel is locked down (jsc#SLE-9870). - lockdown: Restrict /dev/{mem,kmem,port} when the kernel is locked down (jsc#SLE-9870). - lockdown: Enforce module signatures if the kernel is locked down (jsc#SLE-9870). - security: Add a static lockdown policy LSM (jsc#SLE-9870). - Update config files. (jsc#SLE-9870) - security: Add a "locked down" LSM hook (jsc#SLE-9870). - security: Support early LSMs (jsc#SLE-9870). - commit f827a66 ++++ libdrm: - Update to version 2.4.100 * bugfixes (boo#1155382) ++++ dtc: - switch to building python3 bindings using setuptools to avoid patching - Enable python3 binding in python3-libfdt - update to 1.5.1: * Numerous assorted bugfixes * Add a new fdt_create_with_flags() function, and a FDT_CREATE_FLAG_NO_NAME_DEDUP flag which improves speed at the cost of tree size by not deduplicating property names in the strings section * Run tests against shared library, so it will catch the common mistake of not adding new symbols to the versioning script * Add a number of missing symbols to versioning script * Use Python3 by default for pylibfdt * New fdt_append_addrrange() function in libfdt - remove dtc-license.patch (upstream) ++++ mdadm: - New patch: 0022-mdcheck-when-mdcheck_start-is-enabled-enable-mdcheck.patch New patch: 0023-mdcheck-use-to-pass-variable-to-mdcheck.patch New patch: 0024-SUSE-mdadm_env.sh-handle-MDADM_CHECK_DURATION.patch Improve systemd units for mdcheck (bsc#1153258) ++++ salt: - Remove virt.pool_delete fast parameter (U#54474) - Added: * remove-virt.pool_delete-fast-parameter-178.patch - Remove unnecessary yield causing BadYieldError (bsc#1154620) - Added: * remove-unnecessary-yield-causing-badyielderror-bsc-1.patch ------------------------------------------------------------------ ------------------ 2019-10-29 - Oct 29 2019 ------------------- ------------------------------------------------------------------ ++++ conmon: - Add CONN_SOCK_BUF_SIZE to config - Fix bug to close the sync pipe before exit command ++++ growpart: - Clean growpart.spec: * Drop obsolete tags * Use install instead of mkdir+cp+chmod * Fix build on SLE 12 SP4 ++++ kernel-default: - tasks, sched/core: RCUify the assignment of rq->curr (bsc#1155364). - tasks, sched/core: With a grace period after finish_task_switch(), remove unnecessary code (bsc#1155364). - tasks, sched/core: Ensure tasks are available for a grace period after leaving the runqueue (bsc#1155364). - tasks: Add a count of task RCU users (bsc#1155364). - commit 270b1d3 - net: dsa: fix switch tree list (git-fixes). - net: dsa: b53: Do not clear existing mirrored port mask (git-fixes). - net: dsa: rtl8366rb: add missing of_node_put after calling of_get_child_by_name (git-fixes). - net: dsa: qca8k: Use up to 7 ports for all operations (git-fixes). - net: dsa: mv88e6xxx: fix SMI bit checking (git-fixes). - commit 0fcc138 - lib/vdso: Make clock_getres() POSIX compliant again (git-fixes). - commit 88590ee - net: phy: bcm7xxx: define soft_reset for 40nm EPHY (git-fixes). - net: phy: micrel: Discern KSZ8051 and KSZ8795 PHYs (git-fixes). - net: phy: fix write to mii-ctrl1000 register (git-fixes). - commit 904870e - dmaengine: iop-adma.c: fix printk format warning (git-fixes). - commit bb35c8c - ASoC: core: use list_del_init and move it back to soc_cleanup_component (git-fixes). - ASoC: core: delete component->card_list in soc_remove_component only (git-fixes). - commit bb8cb13 - Refresh patches.suse/ASoC-es8328-Fix-copy-paste-error-in-es8328_right_lin.patch Add a cherry-picked commit to ignore, too - commit 758f004 - Linux 5.3.8 (bnc#1151927 5.3.8). - lib/vdso: Make clock_getres() POSIX compliant again (bnc#1151927 5.3.8). - perf/aux: Fix AUX output stopping (bnc#1151927 5.3.8). - CIFS: Fix use after free of file info structures (bnc#1151927 5.3.8). - cifs: Fix missed free operations (bnc#1151927 5.3.8). - CIFS: avoid using MID 0xFFFF (bnc#1151927 5.3.8). - MIPS: tlbex: Fix build_restore_pagemask KScratch restore (bnc#1151927 5.3.8). - binder: Don't modify VMA bounds in ->mmap handler (bnc#1151927 5.3.8). - io_uring: fix bad inflight accounting for SETUP_IOPOLL|SETUP_SQTHREAD (bnc#1151927 5.3.8). - io_uring: used cached copies of sq->dropped and cq->overflow (bnc#1151927 5.3.8). - io_uring: Fix race for sqes with userspace (bnc#1151927 5.3.8). - io_uring: Fix broken links with offloading (bnc#1151927 5.3.8). - io_uring: Fix corrupted user_data (bnc#1151927 5.3.8). - s390/kaslr: add support for R_390_GLOB_DAT relocation type (bnc#1151927 5.3.8). - s390/zcrypt: fix memleak at release (bnc#1151927 5.3.8). - fs/dax: Fix pmd vs pte conflict detection (bnc#1151927 5.3.8). - scsi: core: try to get module before removing device (bnc#1151927 5.3.8). - scsi: ch: Make it possible to open a ch device multiple times again (bnc#1151927 5.3.8). - KVM: PPC: Book3S HV: XIVE: Ensure VP isn't already in use (bnc#1151927 5.3.8). - drm/amdgpu/vce: fix allocation size in enc ring test (bnc#1151927 5.3.8). - drm/amdgpu: user pages array memory leak fix (bnc#1151927 5.3.8). - drm/amdgpu/vcn: fix allocation size in enc ring test (bnc#1151927 5.3.8). - drm/amdgpu/uvd7: fix allocation size in enc ring test (v2) (bnc#1151927 5.3.8). - drm/amdgpu/uvd6: fix allocation size in enc ring test (v2) (bnc#1151927 5.3.8). - mmc: cqhci: Commit descriptors before setting the doorbell (bnc#1151927 5.3.8). - of: reserved_mem: add missing of_node_put() for proper ref-counting (bnc#1151927 5.3.8). - opp: of: drop incorrect lockdep_assert_held() (bnc#1151927 5.3.8). - tracing: Fix race in perf_trace_buf initialization (bnc#1151927 5.3.8). - EDAC/ghes: Fix Use after free in ghes_edac remove path (bnc#1151927 5.3.8). - Btrfs: fix qgroup double free after failure to reserve metadata for delalloc (bnc#1151927 5.3.8). - btrfs: don't needlessly create extent-refs kernel thread (bnc#1151927 5.3.8). - Btrfs: add missing extents release on file extent cluster relocation error (bnc#1151927 5.3.8). - Refresh patches.suse/0001-btrfs-qgroup-Always-free-PREALLOC-META-reserve-in-bt.patch. - x86/apic/x2apic: Fix a NULL pointer deref when handling a dying cpu (bnc#1151927 5.3.8). - irqchip/sifive-plic: Switch to fasteoi flow (bnc#1151927 5.3.8). - xen/netback: fix error path of xenvif_connect_data() (bnc#1151927 5.3.8). - ipv4: fix race condition between route lookup and invalidation (bnc#1151927 5.3.8). - ipv4: Return -ENETUNREACH if we can't create route but saddr is valid (bnc#1151927 5.3.8). - net: phy: micrel: Update KSZ87xx PHY name (bnc#1151927 5.3.8). - net: phy: micrel: Discern KSZ8051 and KSZ8795 PHYs (bnc#1151927 5.3.8). - net: stmmac: disable/enable ptp_ref_clk in suspend/resume flow (bnc#1151927 5.3.8). - net: phy: Fix "link partner" information disappear issue (bnc#1151927 5.3.8). - rxrpc: use rcu protection while reading sk->sk_user_data (bnc#1151927 5.3.8). - net: i82596: fix dma_alloc_attr for sni_82596 (bnc#1151927 5.3.8). - sctp: change sctp_prot .no_autobind with true (bnc#1151927 5.3.8). - sched: etf: Fix ordering of packets with same txtime (bnc#1151927 5.3.8). - net: avoid potential infinite loop in tc_ctl_action() (bnc#1151927 5.3.8). - net/sched: fix corrupted L2 header with MPLS 'push' and 'pop' actions (bnc#1151927 5.3.8). - net: avoid errors when trying to pop MLPS header on non-MPLS packets (bnc#1151927 5.3.8). - iwlwifi: pcie: change qu with jf devices to use qu configuration (bnc#1151927 5.3.8). - netdevsim: Fix error handling in nsim_fib_init and nsim_fib_exit (bnc#1151927 5.3.8). - rxrpc: Fix possible NULL pointer access in ICMP handling (bnc#1151927 5.3.8). - mac80211: Reject malformed SSID elements (bnc#1151927 5.3.8). - net_sched: fix backward compatibility for TCA_ACT_KIND (bnc#1151927 5.3.8). - net_sched: fix backward compatibility for TCA_KIND (bnc#1151927 5.3.8). - zram: fix race between backing_dev_show and backing_dev_store (bnc#1151927 5.3.8). - ocfs2: fix panic due to ocfs2_wq is null (bnc#1151927 5.3.8). - hugetlbfs: don't access uninitialized memmaps in pfn_range_valid_gigantic() (bnc#1151927 5.3.8). - mm: memblock: do not enforce current limit for memblock_phys* family (bnc#1151927 5.3.8). - mm: memcg: get number of pages on the LRU list in memcgroup base on lru_zone_size (bnc#1151927 5.3.8). - mm: memcg/slab: fix panic in __free_slab() caused by premature memcg pointer release (bnc#1151927 5.3.8). - mm/memunmap: don't access uninitialized memmap in memunmap_pages() (bnc#1151927 5.3.8). - mm/page_owner: don't access uninitialized memmaps when reading /proc/pagetypeinfo (bnc#1151927 5.3.8). - mm/memory-failure.c: don't access uninitialized memmaps in memory_failure() (bnc#1151927 5.3.8). - fs/proc/page.c: don't access uninitialized memmaps in fs/proc/page.c (bnc#1151927 5.3.8). - drivers/base/memory.c: don't access uninitialized memmaps in soft_offline_page_store() (bnc#1151927 5.3.8). - nvme-pci: Set the prp2 correctly when using more than 4k page (bnc#1151927 5.3.8). - blk-rq-qos: fix first node deletion of rq_qos_del() (bnc#1151927 5.3.8). - filldir: remove WARN_ON_ONCE() for bad directory entries (bnc#1151927 5.3.8). - ceph: just skip unrecognized info in ceph_reply_info_extra (bnc#1151927 5.3.8). - dm cache: fix bugs when a GFP_NOWAIT allocation fails (bnc#1151927 5.3.8). - cpufreq: Avoid cpufreq_suspend() deadlock on system shutdown (bnc#1151927 5.3.8). - arm64: Allow CAVIUM_TX2_ERRATUM_219 to be selected (bnc#1151927 5.3.8). - Update config files. CAVIUM_TX2_ERRATUM_219=y (the default) - arm64: Avoid Cavium TX2 erratum 219 when switching TTBR (bnc#1151927 5.3.8). - arm64: Enable workaround for Cavium TX2 erratum 219 when running SMT (bnc#1151927 5.3.8). - arm64: KVM: Trap VM ops when ARM64_WORKAROUND_CAVIUM_TX2_219_TVM is set (bnc#1151927 5.3.8). - xtensa: fix change_bit in exclusive access option (bnc#1151927 5.3.8). - xtensa: drop EXPORT_SYMBOL for outs*/ins* (bnc#1151927 5.3.8). - drm/edid: Add 6 bpc quirk for SDC panel in Lenovo G50 (bnc#1151927 5.3.8). - drm/amdgpu/sdma5: fix mask value of POLL_REGMEM packet for pipe sync (bnc#1151927 5.3.8). - drm/amdgpu: Bail earlier when amdgpu.cik_/si_support is not set to 1 (bnc#1151927 5.3.8). - drm/i915/userptr: Never allow userptr into the mappable GGTT (bnc#1151927 5.3.8). - Input: synaptics-rmi4 - avoid processing unknown IRQs (bnc#1151927 5.3.8). - scsi: zfcp: fix reaction on bit error threshold notification (bnc#1151927 5.3.8). - scsi: core: save/restore command resid for error handling (bnc#1151927 5.3.8). - scsi: sd: Ignore a failure to sync cache due to lack of authorization (bnc#1151927 5.3.8). - parisc: Fix vmap memory leak in ioremap()/iounmap() (bnc#1151927 5.3.8). - mm/memory-failure: poison read receives SIGKILL instead of SIGBUS if mmaped more than once (bnc#1151927 5.3.8). - mm/slub: fix a deadlock in show_slab_objects() (bnc#1151927 5.3.8). - uaccess: implement a proper unsafe_copy_to_user() and switch filldir over to it (bnc#1151927 5.3.8). - elf: don't use MAP_FIXED_NOREPLACE for elf executable mappings (bnc#1151927 5.3.8). - ARM: dts: am4372: Set memory bandwidth limit for DISPC (bnc#1151927 5.3.8). - ARM: OMAP2+: Fix warnings with broken omap2_set_init_voltage() (bnc#1151927 5.3.8). - ARM: OMAP2+: Add missing LCDC midlemode for am335x (bnc#1151927 5.3.8). - ARM: OMAP2+: Fix missing reset done flag for am3 and am43 (bnc#1151927 5.3.8). - ARM: dts: Fix gpio0 flags for am335x-icev2 (bnc#1151927 5.3.8). - ARM: dts: Fix wrong clocks for dra7 mcasp (bnc#1151927 5.3.8). - namespace: fix namespace.pl script to support relative paths (bnc#1151927 5.3.8). - scsi: megaraid: disable device when probe failed after enabled device (bnc#1151927 5.3.8). - scsi: ufs: skip shutdown if hba is not powered (bnc#1151927 5.3.8). - Make filldir() verify the directory entry filename is valid (bnc#1151927 5.3.8). - Convert filldir() from __put_user() to unsafe_put_user() (bnc#1151927 5.3.8). - net: phy: fix write to mii-ctrl1000 register (bnc#1151927 5.3.8). - net: phy: allow for reset line to be tied to a sleepy GPIO controller (bnc#1151927 5.3.8). - r8152: Set macpassthru in reset_resume callback (bnc#1151927 5.3.8). - netfilter: nft_connlimit: disable bh on garbage collection (bnc#1151927 5.3.8). - net: ag71xx: fix mdio subnode support (bnc#1151927 5.3.8). - net: stmmac: Do not stop PHY if WoL is enabled (bnc#1151927 5.3.8). - Refresh patches.suse/net-stmmac-Avoid-deadlock-on-suspend-resume.patch. - net: stmmac: Correctly take timestamp for PTPv2 (bnc#1151927 5.3.8). - net: stmmac: dwmac4: Always update the MAC Hash Filter (bnc#1151927 5.3.8). - net: stmmac: xgmac: Not all Unicast addresses may be available (bnc#1151927 5.3.8). - net: dsa: rtl8366rb: add missing of_node_put after calling of_get_child_by_name (bnc#1151927 5.3.8). - mac80211: fix txq null pointer dereference (bnc#1151927 5.3.8). - nl80211: fix null pointer dereference (bnc#1151927 5.3.8). - ieee802154: ca8210: prevent memory leak (bnc#1151927 5.3.8). - net: dsa: qca8k: Use up to 7 ports for all operations (bnc#1151927 5.3.8). - s390/mm: fix -Wunused-but-set-variable warnings (bnc#1151927 5.3.8). - mips: Loongson: Fix the link time qualifier of 'serial_exit()' (bnc#1151927 5.3.8). - MIPS: dts: ar9331: fix interrupt-controller size (bnc#1151927 5.3.8). - riscv: Fix memblock reservation for device tree blob (bnc#1151927 5.3.8). - RISC-V: Clear load reservations while restoring hart contexts (bnc#1151927 5.3.8). - selftests: kvm: Fix libkvm build error (bnc#1151927 5.3.8). - xen/efi: Set nonblocking callbacks (bnc#1151927 5.3.8). - drm/komeda: prevent memory leak in komeda_wb_connector_add (bnc#1151927 5.3.8). - drm: Clear the fence pointer when writeback job signaled (bnc#1151927 5.3.8). - drm: Free the writeback_job when it with an empty fb (bnc#1151927 5.3.8). - drm/amd/display: memory leak (bnc#1151927 5.3.8). - drm/amdgpu: fix multiple memory leaks in acp_hw_init (bnc#1151927 5.3.8). - loop: change queue block size to match when using DIO (bnc#1151927 5.3.8). - nvme-rdma: fix possible use-after-free in connect timeout (bnc#1151927 5.3.8). - nvme: allow 64-bit results in passthru commands (bnc#1151927 5.3.8). - nvme: Add quirk for Kingston NVME SSD running FW E8FK11.T (bnc#1151927 5.3.8). - Added QUIRKs for ADATA XPG SX8200 Pro 512GB (bnc#1151927 5.3.8). - nvme-rdma: Fix max_hw_sectors calculation (bnc#1151927 5.3.8). - nvme: fix an error code in nvme_init_subsystem() (bnc#1151927 5.3.8). - nvme-pci: Save PCI state before putting drive into deepest state (bnc#1151927 5.3.8). - nvme-tcp: fix wrong stop condition in io_work (bnc#1151927 5.3.8). - nvme-pci: Fix a race in controller removal (bnc#1151927 5.3.8). - blk-mq: honor IO scheduler for multiqueue devices (bnc#1151927 5.3.8). - LSM: SafeSetID: Stop releasing uninitialized ruleset (bnc#1151927 5.3.8). - commit 22f2089 - blacklist.conf: Add an already cherry-picked i915 entry - commit 43dfee5 - Update patches.suse/0001-btrfs-block-group-Fix-a-memory-leak-due-to-missing-b.patch (bsc#1155178 bnc#1151927 5.3.8). - Update patches.suse/0001-btrfs-tracepoints-Fix-bad-entry-members-of-qgroup-ev.patch (bsc#1155186 bnc#1151927 5.3.8). - Update patches.suse/0001-btrfs-tracepoints-Fix-wrong-parameter-order-for-qgro.patch (bsc#1155184 bnc#1151927 5.3.8). - Update patches.suse/ACPI-CPPC-Set-pcc_data-pcc_ss_id-to-NULL-in-acpi_cpp.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/ACPI-NFIT-Fix-unlock-on-error-in-scrub_show.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/ALSA-hda-Force-runtime-PM-on-Nvidia-HDMI-codecs.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/ALSA-hda-realtek-Add-support-for-ALC711.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/ALSA-hda-realtek-Enable-headset-mic-on-Asus-MJ401TA.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/ALSA-usb-audio-Disable-quirks-for-BOSS-Katana-amplif.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/ASoC-rsnd-Reinitialize-bit-clock-inversion-flag-for-.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/Btrfs-check-for-the-full-sync-flag-while-holding-the.patch (bsc#1153713 bnc#1151927 5.3.8). - Update patches.suse/Input-da9063-fix-capability-and-drop-KEY_SLEEP.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/Input-st1232-fix-reporting-multitouch-coordinates.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/PCI-PM-Fix-pci_power_up.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/RDMA-cxgb4-Do-not-dma-memory-off-of-the-stack.patch (jsc#SLE-8392 bnc#1151927 5.3.8). - Update patches.suse/Revert-Input-elantech-enable-SMBus-on-new-2018-syste.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/Revert-drm-radeon-Fix-EEH-during-kexec.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/USB-ldusb-fix-memleak-on-disconnect.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/USB-ldusb-fix-read-info-leaks.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/USB-legousbtower-fix-memleak-on-disconnect.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/USB-serial-ti_usb_3410_5052-fix-port-close-races.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/USB-usblp-fix-use-after-free-on-disconnect.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/cfg80211-wext-avoid-copying-malformed-SSIDs.patch (bsc#1153158 CVE-2019-17133 bnc#1151927 5.3.8). - Update patches.suse/clk-ti-dra7-Fix-mcasp8-clock-bits.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/drm-i915-Favor-last-VBT-child-device-with-conflictin.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/drm-panfrost-Handle-resetting-on-timeout-better.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/drm-ttm-Restore-ttm-prefaulting.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/lib-textsearch-fix-escapes-in-example-code.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/libata-ahci-Fix-PCS-quirk-application.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/md-raid0-fix-warning-message-for-parameter-default_l.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/memstick-jmb38x_ms-Fix-an-error-handling-path-in-jmb.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/mm-compaction-fix-wrong-pfn-handling-in-_reset_isolation_pfn.patch (git-fixes (mm/compaction) bnc#1151927 5.3.8). - Update patches.suse/mmc-mxs-fix-flags-passed-to-dmaengine_prep_slave_sg.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/mmc-sdhci-omap-Fix-Tuning-procedure-for-temperatures.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/msft-hv-1955-x86-hyperv-Make-vapic-support-x2apic-mode.patch (fate#323887 bnc#1151927 5.3.8). - Update patches.suse/net-aquantia-correctly-handle-macvlan-and-multicast-.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/net-aquantia-do-not-pass-lro-session-with-invalid-tc.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/net-aquantia-temperature-retrieval-fix.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/net-aquantia-when-cleaning-hw-cache-it-should-be-tog.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/net-bcmgenet-Fix-RGMII_MODE_EN-value-for-GENET-v1-2-.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/net-bcmgenet-Set-phydev-dev_flags-only-for-internal-.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/net-ethernet-broadcom-have-drivers-select-DIMLIB-as-.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/net-hisilicon-Fix-usage-of-uninitialized-variable-in.patch (bsc#1154353 bnc#1151927 5.3.8). - Update patches.suse/net-ibmvnic-Fix-EOI-when-running-in-XIVE-mode.patch (bsc#1089644, ltc#166495, ltc#165544, git-fixes bnc#1151927 5.3.8). - Update patches.suse/net-ipv6-fix-listify-ip6_rcv_finish-in-case-of-forwa.patch (bsc#1154353 bnc#1151927 5.3.8). - Update patches.suse/net-mscc-ocelot-add-missing-of_node_put-after-callin.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/net-stmmac-Avoid-deadlock-on-suspend-resume.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/pinctrl-armada-37xx-fix-control-of-pins-32-and-up.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/pinctrl-armada-37xx-swap-polarity-on-LED-group.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/pinctrl-cherryview-restore-Strago-DMI-workaround-for.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/scsi-qla2xxx-Fix-N2N-link-reset.patch (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bnc#1151927 5.3.8). - Update patches.suse/scsi-qla2xxx-Fix-N2N-link-up-fail.patch (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bnc#1151927 5.3.8). - Update patches.suse/scsi-qla2xxx-Fix-stale-mem-access-on-driver-unload.patch (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bnc#1151927 5.3.8). - Update patches.suse/scsi-qla2xxx-Fix-unbound-sleep-in-fcport-delete-path.patch (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bnc#1151927 5.3.8). - Update patches.suse/scsi-qla2xxx-Silence-fwdump-template-message.patch (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bnc#1151927 5.3.8). - Update patches.suse/staging-wlan-ng-fix-exit-return-when-sme-key_idx-NUM.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/usb-udc-lpc32xx-fix-bad-bit-shift-operation.patch (git-fixes bnc#1151927 5.3.8). - Update patches.suse/x86-boot-64-Make-level2_kernel_pgt-pages-invalid-out.patch (bnc#1153969 bnc#1151927 5.3.8). - commit dd1ea62 - x86/boot/64: Round memory hole size up to next PMD page (bnc#1153969). - x86/boot/64: Make level2_kernel_pgt pages invalid outside kernel area (bnc#1153969). - commit ec4e0e8 - series.conf: refresh Update upstream references: patches.suse/scsi-lpfc-remove-left-over-BUILD_NVME-defines.patch - commit b3990ad ++++ harfbuzz: - update to 2.6.3: + Misc small fixes, mostly to build-related issues + New API: hb_font_get_nominal_glyphs() ++++ systemd: - Import commit 5df9000899ef7d45ddbcacd0fdf73afa07a40f6b f0ed7237e4 udev/cdrom_id: Do not open CD-rom in exclusive mode. (bsc#1154256) b37054aa5a compat-rules: escape '$' when used for shell expansion Changes from the v243-stable: ef677436aa test: Pass personality test even when i686 userland runs on x86_64 kernel 3f6398c450 docs: fix inadvertent change in uid range 25bb377a73 cgroup: fix typo in BPF firewall support warning message 6d97aca0d5 fix build with compilers with default stack-protector enabled fbad077cec nspawn: surrender controlling terminal to PID2 when using the PID1 stub 0553c3c668 pid1: fix DefaultTasksMax initialization f406a691a7 src/core/automount: use DirectoryMode when calling mkdir -p 20438f96c3 udevadm trigger: do not propagate EACCES and ENODEV 6480630bc3 hwdb: Correct WWWW Pattern In Documentation Comment 9d8e889810 nspawn: consistenly fail if parsing the environment fails 40e169b304 nspawn: default to unified hierarchy if --as-pid2 is used b5df1037a0 cgroup: Mark memory protections as explicitly set in transient units f14e3e02cc cgroup: Respect DefaultMemoryMin when setting memory.min ea248e53bf cgroup: Check ancestor memory min for unified memory config de1d25a506 cgroup: docs: memory.high doc fixups 2ab45f38d8 cgroup: docs: Mention unbounded protection for memory.{low,min} 19a43dc38a Consider smb3 as remote filesystem 5c0224c7bf Handle d_type == DT_UNKNOWN correctly 8282bc61df util-lib: Don't propagate EACCES from find_binary PATH lookup to caller 9d0ae987a6 network: drop noisy log message f67f0e4ec4 Updated log message when the timesync happens for the first time (#13624) e151bf4674 units: make systemd-binfmt.service easier to work with no autofs 2b8e574d82 Corect man page reference in systemd-nologin.conf comments a0577353f1 man: Add a missing space in machinectl(1) 693e983988 log: Add missing "%" in "%m" log format strings ea7151b8c4 pid1: do not warn if /run/systemd/relabel-extra.d/ doesn't exist b90549290e man: fix typo ++++ zlib: - Update the zlib-no-version-check.patch to be even more forgiving with the versions on the zlib to allow updates without rebuilds ++++ libzypp: - Expose new libsolv API via C++ counterparts (openSUSE/zypper#214) - BuildRequires: libsolv-devel >= 0.7.7 - version 17.16.0 (12) ++++ salt: - Prevent 'Already reading' continuous exception message (bsc#1137642) - Added: * prevent-already-reading-continuous-exception-message.patch ++++ yast2: - fix showing release notes for online upgrade (bsc#1155134) - 4.2.30 ------------------------------------------------------------------ ------------------ 2019-10-28 - Oct 28 2019 ------------------- ------------------------------------------------------------------ ++++ grub2: - Fix grub2.sleep to load old kernel after hibernation (boo#1154783) ++++ kernel-default: - HID: logitech-hidpp: do all FF cleanup in hidpp_ff_destroy() (git-fixes). - HID: logitech-hidpp: rework device validation (git-fixes). - HID: logitech-hidpp: split g920_get_config() (git-fixes). - HID: fix error message in hid_open_report() (git-fixes). - virtio_ring: fix stalls for packed rings (git-fixes). - commit 211812f - Refresh patches.suse/Btrfs-check-for-the-full-sync-flag-while-holding-the.patch. - commit bee8076 - 8250-men-mcb: fix error checking when get_num_ports returns - ENODEV (git-fixes). - drm/komeda: Fix typos in komeda_splitter_validate (git-fixes). - ACPI: NFIT: Fix unlock on error in scrub_show() (git-fixes). - vfio/spapr_tce: Fix incorrect tce_iommu_group memory free (git-fixes). - commit 707ac5a - drm/amdgpu: Add DC feature mask to disable fractional pwm (bsc#1154010). - commit 619cd14 - scsi: qla2xxx: fix a potential NULL pointer dereference (bsc#1150457 CVE-2019-16233). - commit 0c213e5 - Refresh series.conf Move patches.suse/scsi-lpfc-remove-left-over-BUILD_NVME-defines.patch - commit c0faefe - btrfs: tracepoints: Fix bad entry members of qgroup events (bsc#1155186). - commit 442159a - btrfs: tracepoints: Fix wrong parameter order for qgroup events (bsc#1155184). - commit 941375b - btrfs: qgroup: Always free PREALLOC META reserve in btrfs_delalloc_release_extents() (bsc#1155179). - commit 6d16367 - btrfs: block-group: Fix a memory leak due to missing btrfs_put_block_group() (bsc#1155178). - commit c8620c7 - staging: wlan-ng: fix exit return when sme->key_idx >= NUM_WEPKEYS (git-fixes). - USB: ldusb: fix read info leaks (git-fixes). - USB: serial: ti_usb_3410_5052: fix port-close races (git-fixes). - USB: usblp: fix use-after-free on disconnect (git-fixes). - usb: udc: lpc32xx: fix bad bit shift operation (git-fixes). - USB: legousbtower: fix a signedness bug in tower_probe() (git-fixes). - USB: legousbtower: fix memleak on disconnect (git-fixes). - USB: ldusb: fix memleak on disconnect (git-fixes). - i2c: stm32f7: remove warning when compiling with W=1 (git-fixes). - i2c: stm32f7: fix a race in slave mode with arbitration loss irq (git-fixes). - i2c: stm32f7: fix first byte to send in slave mode (git-fixes). - i2c: mt65xx: fix NULL ptr dereference (git-fixes). - i2c: aspeed: fix master pending state handling (git-fixes). - Input: st1232 - fix reporting multitouch coordinates (git-fixes). - mmc: mxs: fix flags passed to dmaengine_prep_slave_sg (git-fixes). - mmc: sdhci-omap: Fix Tuning procedure for temperatures < -20C (git-fixes). - regulator: da9062: fix suspend_enable/disable preparation (git-fixes). - regulator: of: fix suspend-min/max-voltage parsing (git-fixes). - commit 8eae40b - efi: Export Runtime Configuration Interface table to sysfs (jsc#SLE-7702). - Update config files. - commit da35ab6 - efi: x86: move efi_is_table_address() into arch/x86 (jsc#SLE-7702). - commit 7c42f38 ++++ libeconf: - Update to version 0.3.3+git20191028.3ac14ce: * Release version 0.3.3 * Reset *key_file to NULL after free ++++ permissions: - fix /usr/sbin/pinger ownership to root:squid (bsc#1093414, CVE-2019-3688, 0008-squid-pinger-owner-fix-CVE-2019-3688.patch) - fix privilege escalation through untrusted symlinks (bsc#1150734, CVE-2019-3690, 0007-chkstat-fix-privesc-CVE-2019-3690.patch) ++++ u-boot-rpiarm64: - Constrain multibuild expansion in linked/branched/copied packages. ------------------------------------------------------------------ ------------------ 2019-10-26 - Oct 26 2019 ------------------- ------------------------------------------------------------------ ++++ dtc: - Enable YAML output format ++++ qemu: - Address potential corruption when using qcow2 images coroutine-Add-qemu_co_mutex_assert_locke.patch qcow2-Fix-corruption-bug-in-qcow2_detect.patch - Include more tweaks to our packaging workflow scripts - this will continue as we refine the scripts - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-4.1 ++++ u-boot-rpiarm64: - Add RK3399 based Rock Pi4 board http://rockpi.org - Build TPL for RK3399 platforms where it is supported ------------------------------------------------------------------ ------------------ 2019-10-25 - Oct 25 2019 ------------------- ------------------------------------------------------------------ ++++ growpart: - Replaced hardcoded systemd paths with macros in spec file ++++ irqbalance: - In HyperV VMs all NVME MSI interrupts are set to unmanaged to compensate the lack of matrix.c in pre-v4.20 kernels. Irqbalanced is supposed to spread the load. (bsc#1119461, bsc#1154905, bsc#1138190) Performance can be improved further with --hintpolicy=subset - add 0001-Revert-remove-affinity_hint-infrastructure.patch - add set-numa-node.patch - add 0001-Revert-Types-clean-out-unused-variables-from-irq_inf.patch ++++ kernel-default: - x86/mm: Avoid redundant interrupt disable in load_mm_cr4() (bsc#1154772). - commit a9a3f29 - ima: Fix use after free in ima_read_modsig() (jsc#SLE-9870). - ima: Store the measurement again when appraising a modsig (jsc#SLE-9870). - ima: Define ima-modsig template (jsc#SLE-9870). - ima: Collect modsig (jsc#SLE-9870). - ima: Implement support for module-style appended signatures (jsc#SLE-9870). - ima: Factor xattr_verify() out of ima_appraise_measurement() (jsc#SLE-9870). - commit 947fbd9 - ima: Add modsig appraise_type option for module-style appended signatures (jsc#SLE-9870). - Update config files. - commit 4fa2098 - integrity: Select CONFIG_KEYS instead of depending on it (jsc#SLE-9870). - PKCS#7: Introduce pkcs7_get_digest() (jsc#SLE-9870). - PKCS#7: Refactor verify_pkcs7_signature() (jsc#SLE-9870). - commit 610313d - config: refresh ARM configs - FB_TFT_FBTFT_DEVICE dropped - commit d1fe9dc ++++ kernel-default-base: - Add efivarfs required by mokutil (bsc#1154858). ++++ Mesa: - Update to version 19.2.2 * assortment of fixes in this release, notably a bunch of work to get Solaris and illumos working with mesa, as well as more work fixing issues in the migration of package-config and headers being handled by libglvnd instead of mesa when mesa is built with support for glvnd. There's bunch of other changes here, with radv and intel leading the pack, otherwise just a few things here and there. - n_add-Mesa-headers-again.patch * add Mesa headers again despite of building it against libglvnd; those headers turned out not to be usable; in addition packaging headers with libglvnd make dependancies problematic ... ++++ libglvnd: - 0001-include-install-GL-headers-when-GL-is-enabled.patch * A typo made it depend on EGL instead. - 0002-Add-a-configure-option-to-disable-glesv1-or-glesv2.patch * Because mesa can be built without glesv1 so it breaks autodetection. Fixes: https://bugs.archlinux.org/task/64032 ('mesa-demos doesn't build, unable to find GLES/gl.h') - 0003-egl-Sync-with-Khronos.patch * Reserve enums 0x34A0..0x34AF for ANGLE project. (#93) Closes: https://gitlab.freedesktop.org/glvnd/libglvnd/issues/193 ++++ pango: - Update to version 1.44.7: + Fix tests without libthai. + Small speedup to Emoji iteration. + Bring back PangoFontsetSimple (pygtk bind it). ++++ salt: - Fix for aptpkg test with older mock modules - Added: * fix-for-older-mock-module.patch - Remove wrong tests for core grain and improve debug logging - Use rich RPM deps to get a compatible version of tornado into the buildroot. - Added: * fix-a-wrong-rebase-in-test_core.py-180.patch ++++ yast2: - Support for products on control file during upgrade (jsc#SLE-7214) - 4.2.29 ------------------------------------------------------------------ ------------------ 2019-10-24 - Oct 24 2019 ------------------- ------------------------------------------------------------------ ++++ growpart: - Reference entry for maintenance Tracker bug for the submission set to: bsc#1154357 ++++ kernel-default: - Delete patches.suse/btrfs-use-spinlock-to-protect--caching_block_groups-list.patch. Qgroup rescan now uses the commit root and skips locking, so the deadlock this patch was intended to fix no longer exists. - commit dc168d3 - Update cdrom autoclose to v4. - cdrom: export autoclose logic as a separate function (bsc#1048585). - scsi: blacklist: add VMware ESXi cdrom - broken tray emulation (bsc#1048585 bsc#1080813). - Refresh patches.suse/cdrom-factor-out-common-open_for_-code.patch. - Refresh patches.suse/cdrom-wait-for-the-tray-to-close.patch. - Refresh patches.suse/scsi-sr-wait-for-the-medium-to-become-ready.patch. - Delete patches.suse/cdrom-separate-autoclose-into-an-IOCTL.patch. - Delete patches.suse/docs-cdrom-Add-autoclose-IOCTL.patch. - Delete patches.suse/scsi-sr-workaround-VMware-ESXi-cdrom-emulation-bug.patch. - commit 9bf0726 - procfs: update and re-enable patch for /proc/sys/fs/procfs-drop-fd-dentries Refresh patches.suse/procfs-add-tunable-for-fd-fdinfo-dentry-retention.patch. - commit 3f88bb6 - Delete patches.suse/revert-btrfs-qgroup-move-half-of-the-qgroup-accounting-time-out-of-commit-trans.patch. It was replaced by setting the flag to skip locking while traversing the commit root. - commit 304f8d0 - reiserfs: fix extended attributes on the root directory (bsc#1151225). - commit 90c4321 - reiserfs: re-enable reiserfs patches Refresh patches.suse/reiserfs-mark-read-write-mode-unsupported.patch. - commit ac1361a - ACPI: acpi_pad: Do not launch acpi_pad threads on idle cpus (bsc#1113399). - commit 1724b68 - drm/i915/execlists: Always clear pending&inflight requests on reset (bsc#1152489) - commit 21a0694 - ALSA: hda: Add Tigerlake/Jasperlake PCI ID (git-fixes). - ALSA: usb-audio: Fix copy&paste error in the validator (git-fixes). - ASoC: rsnd: Reinitialize bit clock inversion flag for every format setting (git-fixes). - ASoC: simple_card_utils.h: Fix potential multiple redefinition error (git-fixes). - ASoc: rockchip: i2s: Fix RPM imbalance (git-fixes). - ASoC: topology: Fix a signedness bug in soc_tplg_dapm_widget_create() (git-fixes). - ALSA: hda/realtek - Add support for ALC711 (git-fixes). - commit 4dad920 - Add CVE reference to FIB security fix patch (CVE-2019-18198, bsc#1154617). - commit 2b47bbd - net: usb: lan78xx: Connect PHY before registering MAC (git-fixes). - net: ethernet: broadcom: have drivers select DIMLIB as needed (git-fixes). - net: mscc: ocelot: add missing of_node_put after calling of_get_child_by_name (git-fixes). - net: ethernet: stmmac: Fix signedness bug in ipq806x_gmac_of_parse() (git-fixes). - net: nixge: Fix a signedness bug in nixge_probe() (git-fixes). - net: axienet: fix a signedness bug in probe (git-fixes). - net: socionext: Fix a signedness bug in ave_probe() (git-fixes). - net: netsec: Fix signedness bug in netsec_probe() (git-fixes). - net: broadcom/bcmsysport: Fix signedness in bcm_sysport_probe() (git-fixes). - commit 242e8f9 - net: bcmgenet: reset 40nm EPHY on energy detect (git-fixes). - net: bcmgenet: soft reset 40nm EPHYs before MAC init (git-fixes). - net: bcmgenet: don't set phydev->link from MAC (git-fixes). - net: bcmgenet: Fix RGMII_MODE_EN value for GENET v1/2/3 (git-fixes). - net: bcmgenet: Set phydev->dev_flags only for internal PHYs (git-fixes). - md/raid0: fix warning message for parameter default_layout (git-fixes). - commit 87f7ca5 - net: aquantia: correctly handle macvlan and multicast coexistence (git-fixes). - net: aquantia: do not pass lro session with invalid tcp checksum (git-fixes). - net: aquantia: when cleaning hw cache it should be toggled (git-fixes). - net: aquantia: temperature retrieval fix (git-fixes). - net: aquantia: Fix aq_vec_isr_legacy() return value (git-fixes). - commit f106659 - bus: ti-sysc: Remove unpaired sysc_clkdm_deny_idle() (git-fixes). - commit 6fbfebc - ASoC: sun4i: Revert A83t description (git-fixes). - ASoC: sunxi: Revert initial A83t support (git-fixes). - ASoC: sun4i-i2s: Add support for DSP formats (git-fixes). - ASoC: sun4i-i2s: Replace call to params_width by local variable (git-fixes). - ASoC: sun4i-i2s: Use the actual format width instead of an hardcoded one (git-fixes). - ASoC: sun4i-i2s: Use the physical / slot width for the clocks (git-fixes). - ASoC: sun4i-i2s: Add support for TDM slots (git-fixes). - ASoC: sun4i-i2s: Support more channels (git-fixes). - ASoC: sun4i-i2s: Pass the channels number as an argument (git-fixes). - ASoC: sun4i-i2s: Remove duplicated quirks structure (git-fixes). - ASoC: sun4i-i2s: Register regmap and PCM before our component (git-fixes). - commit 0c68de2 - ASoC: sun4i-i2s: Rework MCLK divider calculation (git-fixes). - Refresh patches.suse/ASoC-sun4i-i2s-Fix-the-MCLK-and-BCLK-dividers-on-new.patch. - commit 65ed49e - ASoC: sun4i-i2s: Fix the LRCK period on A83t (git-fixes). - ASoC: sun4i-i2s: Fix MCLK Enable bit offset on A83t (git-fixes). - ASoC: sun4i-i2s: Fix WSS and SR fields for the A83t (git-fixes). - ASoC: sun4i-i2s: Fix the LRCK polarity (git-fixes). - ASoC: sun4i-i2s: Fix LRCK and BCLK polarity offsets on newer SoCs (git-fixes). - ASoC: sun4i-i2s: RX and TX counter registers are swapped (git-fixes). - ASoC: sun4i-i2s: Fix the MCLK and BCLK dividers on newer SoCs (git-fixes). - ASoC: sun4i-i2s: Use module clock as BCLK parent on newer SoCs (git-fixes). - ASoC: sun4i-i2s: Move the format configuration to a callback (git-fixes). - ASoC: sun4i-i2s: Move the channel configuration to a callback (git-fixes). - commit fd35f56 - ASoC: imx-audmix: register the card on a proper dev (git-fixes). - ASoC: wm8988: fix typo in wm8988_right_line_controls (git-fixes). - ASoC: sunxi: fix a sound binding broken reference (git-fixes). - ASoC: ams-delta: Take control over audio mute GPIO pins (git-fixes). - ASoC: Intel: Baytrail: Fix implicit fallthrough warning (git-fixes). - ASoC: meson: g12a-tohdmitx: require regmap mmio (git-fixes). - ASoC: meson: axg-tdm-formatter: free reset on device removal (git-fixes). - ASoC: wm8737: Fix copy-paste error in wm8737_snd_controls (git-fixes). - ASoC: es8328: Fix copy-paste error in es8328_right_line_controls (git-fixes). - commit d53947e - blacklist.conf: Add path entries for unsupported architectures - commit cf0a6f3 - scripts: setlocalversion: fix a bashism (git-fixes). - xsk: Fix crash in poll when device does not support ndo_xsk_wakeup (git-fixes). - NTB: fix IDT Kconfig typos/spellos (git-fixes). - tools/power/x86/intel-speed-select: Fix a read overflow in isst_set_tdp_level_msr() (git-fixes). - commit 9b4c74d - media: MAINTAINERS: hantro: Fix typo in a filepath (git-fixes). - commit cd10c19 - bonding: fix potential NULL deref in bond_update_slave_arr (git-fixes). - llc: fix sk_buff refcounting in llc_conn_state_process() (git-fixes). - llc: fix another potential sk_buff leak in llc_ui_sendmsg() (git-fixes). - llc: fix sk_buff leak in llc_conn_service() (git-fixes). - llc: fix sk_buff leak in llc_sap_state_process() (git-fixes). - staging/fbtft: Remove fbtft_device (git-fixes). - enetc: Fix a signedness bug in enetc_of_get_phy() (git-fixes). - enetc: Clean up local mdio bus allocation (git-fixes). - ACPI / property: Fix acpi_graph_get_remote_endpoint() name in kerneldoc (git-fixes). - clocksource/drivers/npcm: Fix GENMASK and timer operation (git-fixes). - commit b262b78 - clk: ti: dra7: Fix mcasp8 clock bits (git-fixes). - bus: ti-sysc: Fix handling of invalid clocks (git-fixes). - bus: ti-sysc: Fix clock handling for no-idle quirks (git-fixes). - checkpatch.pl: warn on invalid commit id (git-fixes). - clk: at91: fix update bit maps on CFG_MOR write (git-fixes). - clk: actions: Fix factor clk struct member access (git-fixes). - clk: Evict unregistered clks from parent caches (git-fixes). - clk: fix devm_platform_ioremap_resource.cocci warnings (git-fixes). - clk: sunxi-ng: v3s: add the missing PLL_DDR1 (git-fixes). - clk: imx: imx8mm: fix pll mux bit (git-fixes). - clk: imx8mm: Fix incorrect parents (git-fixes). - clk: imx8mq: Fix sys3 pll references (git-fixes). - clk: imx8mm: GPT1 clock mux option #5 should be sys_pll1_80m (git-fixes). - clk: imx8mm: Fix typo of pwm3 clock's mux option #4 (git-fixes). - clk: qcom: fix QCS404 TuringCC regmap (git-fixes). - clk: meson: g12a: fix hifi typo in mali parent_names (git-fixes). - commit 989e4b0 - supported.conf: drop gpio-tegra186 module It is built into vmlinux now, not a module. - commit cc0ff86 ------------------------------------------------------------------ ------------------ 2019-10-23 - Oct 23 2019 ------------------- ------------------------------------------------------------------ ++++ lvm2-device-mapper: - Fix udev rules issue (bsc#1154655) + bug-1154655_udev-remove-unsupported-OPTIONS-event_timeout-rule.patch ++++ kernel-default: - mmc: sdhci-pci: Add another Id for Intel CML (jsc#SLE-7946). - commit 06e352d - drm/i915/cml: Add Missing PCI IDs (jsc#SLE-7930, jsc#SLE-7953). - commit 9b2cd64 - scsi: sr: wait for the medium to become ready (bsc#1048585). - scsi: sr: workaround VMware ESXi cdrom emulation bug (bsc#1048585 bsc#1080813). - bdev: add open_finish (bsc#1048585). - docs: cdrom: Add autoclose IOCTL (bsc#1048585). - cdrom: separate autoclose into an IOCTL (bsc#1048585). - cdrom: wait for the tray to close (bsc#1048585). - cdrom: factor out common open_for_* code (bsc#1048585). - cdrom: add poll_event_interruptible (bsc#1048585). - commit 79a9241 - arm64: config: statically link gpio-tegra186 Driver doesn't load automatically. gpio-tegra already set to same. - commit 8ae3edf - cpufreq: tegra186: add CPUFREQ_NEED_INITIAL_FREQ_CHECK flag (bsc#1154776). - commit e492e69 - Remove old cdrom autoclose patches. - Refresh patches.suse/cdrom-turn-off-autoclose-by-default.patch. - Delete patches.suse/cdrom-factor-out-common-open_for_-code.patch. - Delete patches.suse/cdrom-wait-for-tray-to-close.patch. - Delete patches.suse/delay-add-poll_event_interruptible.patch. - Delete patches.suse/scsi-sr-wait-for-the-medium-to-become-ready.patch. - Delete patches.suse/scsi-sr-workaround-VMware-ESXi-cdrom-emulation-bug.patch. - commit 355491c - drm/i915: Don't mix srcu tag and negative error codes (bsc#1152489) - commit 3b706cc - drm/i915/execlists: Process interrupted context on reset (bsc#1152489) - commit 6dbca2a - fs/libfs.c: fix kernel-doc warning (git-fixes). - fs/direct-io.c: fix kernel-doc warning (git-fixes). - Documentation/infiniband: update name of some functions (git-fixes). - docs: kbuild: remove cc-ldoption from document again (git-fixes). - docs: kbuild: fix invalid ReST syntax (git-fixes). - dmaengine: dw: platform: Switch to acpi_dma_controller_register() (git-fixes). - Documentation: virt: Fix broken reference to virt tree's index (git-fixes). - docs: packing: move it to core-api book and adjust markups (git-fixes). - docs: ipmb: place it at driver-api and convert to ReST (git-fixes). - docs: cgroup-v1/blkio-controller.rst: remove a CFQ left over (git-fixes). - hwmon: (shtc1) fix shtc1 and shtw1 id mask (git-fixes). - hwmon: (lm75) Fix write operations for negative temperatures (git-fixes). - commit cf25ad9 - tun: remove possible false sharing in tun_flow_update() (git-fixes). - vhost/test: stop device before reset (git-fixes). - xarray.h: fix kernel-doc warning (git-fixes). - USB: usb-skeleton: fix use-after-free after driver unbind (git-fixes). - usbip: vhci_hcd indicate failed message (git-fixes). - watchdog: jz4740: Fix unused variable warning in jz4740_wdt_probe (git-fixes). - wcn36xx: use dynamic allocation for large variables (git-fixes). - mic: avoid statically declaring a 'struct device' (git-fixes). - commit 03e4263 - tty: n_hdlc: fix build on SPARC (git-fixes). - tty: serial: rda: Fix the link time qualifier of 'rda_uart_exit()' (git-fixes). - tty: serial: owl: Fix the link time qualifier of 'owl_uart_exit()' (git-fixes). - tty: max310x: fix off-by-one buffer access when storing overrun (git-fixes). - tty: serial: fsl_lpuart: Use appropriate lpuart32_* I/O funcs (git-fixes). - commit 79097ee - serial: fix kernel-doc warning in comments (git-fixes). - serial: stm32: Use __maybe_unused instead of #if CONFIG_PM_SLEEP (git-fixes). - soc: amlogic: meson-gx-socinfo: Add of_node_put() before return (git-fixes). - soc: renesas: rcar-sysc: Add goto to of_node_put() before return (git-fixes). - spi: bcm-qspi: Fix BSPI QUAD and DUAL mode support when using flex mode (git-fixes). - commit 6cf7966 - pinctrl: berlin: as370: fix a typo s/spififib/spdifib (git-fixes). - pinctrl: cherryview: restore Strago DMI workaround for all versions (git-fixes). - pinctrl: intel: Allocate IRQ chip dynamic (git-fixes). - pinctrl: armada-37xx: swap polarity on LED group (git-fixes). - pinctrl: stmfx: fix null pointer on remove (git-fixes). - pinctrl: ns2: Fix off by one bugs in ns2_pinmux_enable() (git-fixes). - pinctrl: armada-37xx: fix control of pins 32 and up (git-fixes). - commit 9b31ee5 - iio: imu: st_lsm6dsx: fix waitime for st_lsm6dsx i2c controller (git-fixes). - iio: adc: meson_saradc: Fix memory allocation order (git-fixes). - kbuild: correct formatting of header in kbuild module docs (git-fixes). - lib: textsearch: fix escapes in example code (git-fixes). - lib: dimlib: fix help text typos (git-fixes). - mtd: spi-nor: fix a memory leak bug (git-fixes). - mtd: spi-nor: Fix an error code in spi_nor_read_raw() (git-fixes). - mtd: spi-nor: Fix Cadence QSPI RCU Schedule Stall (git-fixes). - mtd: rawnand: brcmnand: Fix ecc chunk calculation for erased page bitfips (git-fixes). - mtd: rawnand: ingenic: fix devm_platform_ioremap_resource.cocci warnings (git-fixes). - Revert "mwifiex: fix system hang problem after resume" (git-fixes). - iio: dac: ad5380: fix incorrect assignment to val (git-fixes). - iio: tsl2772: Use devm_add_action_or_reset for tsl2772_chip_off (git-fixes). - media: MAINTAINERS: Remove zoran driver (git-fixes). - gpio/aspeed: Fix incorrect number of banks (git-fixes). - gpio: ftgpio: Fix an error handling path in 'ftgpio_gpio_probe()' (git-fixes). - gpio: Move gpiochip_lock/unlock_as_irq to gpio/driver.h (git-fixes). - commit e950311 - drm/panfrost: Handle resetting on timeout better (git-fixes). - drm/ttm: Restore ttm prefaulting (git-fixes). - drm/msm/dsi: Implement reset correctly (git-fixes). - Revert "drm/radeon: Fix EEH during kexec" (git-fixes). - drm/i915: Favor last VBT child device with conflicting AUX ch/DDC pin (git-fixes). - drm/i915/cml: Add second PCH ID for CMP (git-fixes). - drm/i915: Extend Haswell GT1 PSMI workaround to all (git-fixes). - commit 28cf2c7 - Update patches.suse/x86-cpu-add-comet-lake-to-the-intel-cpu-models-header.patch (jsc#SLE-7935). - commit a71e408 - config: refresh - commit 3d308bb - series.conf: cleanup Move two submitted wireless patches to "on the way to mainline" section. No effect on expanded tree. - commit 4d1b347 ++++ kernel-firmware: - Update to version 20191023 (git commit: ad7a8b22b1d0): upgrade for SLE15-SP2 / Leap 15.2 (jsc#SLE-8379,bsc#1155307) * Mellanox: Add new mlxsw_spectrum2 firmware 29.2000.2308 * Mellanox: Add new mlxsw_spectrum firmware 13.2000.2308 * rtl_nic: add firmware files for RTL8153 * rtl_bt: Update configuration file for BT part of RTL8822CU * bnx2x: Add FW 7.13.15.0. * linux-firmware: Update AMD cpu microcode * linux-firmware: Update firmware file for Intel Bluetooth AX200 * linux-firmware: Update firmware file for Intel Bluetooth AX201 * linux-firmware: Update firmware file for Intel Bluetooth 9560 * linux-firmware: Update firmware file for Intel Bluetooth 9260 * amdgpu: add initial navi14 firmware form 19.30 * rtlwifi: rtl8821ae: Add firmware for the RTL8812AE variant. * ice: Fix up WHENCE entry and symlink * nvidia: Update Tegra210 XUSB firmware to v50.24 * nvidia: Add XUSB firmware for Tegra194 * Remove duplicate symlinks * copy-firmware: Create symlinks from WHENCE file * Make symlinks consistent * amdgpu: update vega20 ucode for 19.30 * amdgpu: update vega12 ucode for 19.30 * amdgpu: update vega10 ucode for 19.30 * amdgpu: update picasso ucode for 19.30 * amdgpu: update raven2 ucode for 19.30 * amdgpu: update raven ucode for 19.30 * amdgpu: add new raven rlc firmware * ice: Add package file for Intel E800 series driver * amdgpu: add initial navi10 firmware * drm/i915/firmware: Add v9.0.0 of HuC for Icelake * drm/i915/firmware: Add v4.0.0 of HuC for Cometlake * drm/i915/firmware: Add v4.0.0 of HuC for Geminilake * drm/i915/firmware: Add v2.0.0 of HuC for Broxton * drm/i915/firmware: Add v4.0.0 of HuC for Kabylake * drm/i915/firmware: Add v2.0.0 of HuC for Skylake * drm/i915/firmware: Add v33 of GuC for CML * drm/i915/firmware: Add v2.04 of DMC for TGL * drm/i915/firmware: Add v1.09 of DMC for ICL * qcom: add firmware files for Adreno a630 * linux-firmware: Update firmware file for Intel Bluetooth AX201 * nvidia: Add XUSB firmware for Tegra186 * Add symlinks for Tegra VIC firmware binaries * rtl_bt: Update RTL8723D BT FW to 0x828A_96F1 * rtl_nic: add firmware rtl8125a-3 * linux-firmware: Add firmware file for Intel Bluetooth AX201 * Chelsio driver loads firmware configuration file to allow firmware to distribute resources before chip bring up. Chelsio NIC driver, cxgb4 searches for firmware config file at /lib/firmware/cxgb4/ directory. * brcm: Add 43455 based AP6255 NVRAM for the Minix Neo Z83-4 Mini PC * brcm: Add 43340 based AP6234 NVRAM for the PoV TAB-P1006W-232 tablet * iwlwifi: update FWs to core45-152 release * check_whence: Add copy-firmware.sh to the list of ignored files * rtl_bt: Update RTL8822C BT FW to V0x098A_94A4 * linux-firmware: Update firmware file for Intel Bluetooth AX200 * linux-firmware: Update firmware file for Intel Bluetooth AX201 * linux-firmware: Update firmware file for Intel Bluetooth 9560 * linux-firmware: Update firmware file for Intel Bluetooth 9260 * Mellanox: Add new mlxsw_spectrum firmware 13.2000.1886 * Install only listed firmware files * rtw88: add a README file * rtw88: RTL8822C: add WoW firmware v7.3 * rtw88: RTL8822C: update rtw8822c_fw.bin to v7.3 * ath10k: QCA9984 hw1.0: update board-2.bin * ath10k: QCA9984 hw1.0: update firmware-5.bin to 10.4-3.9.0.2-00046 * ath10k: QCA988X hw2.0: update firmware-5.bin to 10.2.4-1.0-00045 * ath10k: QCA9888 hw2.0: update board-2.bin * ath10k: QCA9888 hw2.0: update firmware-5.bin to 10.4-3.9.0.2-00040 * ath10k: QCA9887 hw1.0: update firmware-5.bin to 10.2.4-1.0-00045 * ath10k: QCA6174 hw3.0: update firmware-6.bin to WLAN.RM.4.4.1-00140-QCARMSWPZ-1 * ath10k: QCA4019 hw1.0: update board-2.bin * cxgb4: update firmware to revision 1.24.3.0 * nfp: update Agilio SmartNIC flower firmware to rev AOTC-2.10.A.38 * nvidia: add missing entries in WHENCE * linux-firmware: Update NXP Management Complex firmware to version 10.16.2 * iwlwifi: update -48 FWs for Qu and cc * iwlwifi: update FWs for 3168, 7265D, 9000, 9260, 8000, 8265 and cc * linux-firmware: Update firmware file for Intel Bluetooth AX201 * linux-firmware: Update firmware file for Intel Bluetooth 22161 * linux-firmware: Update firmware file for Intel Bluetooth 9560 * linux-firmware: Update firmware file for Intel Bluetooth 9260 * amdgpu: update vega10 VCE firmware * amdgpu: update picasso vcn firmware * amdgpu: update raven vcn firmware * amdgpu: update tonga to latest 19.20 firmware * amdgpu: update vega12 to latest 19.20 firmware * amdgpu: partially revert 2579167548be33afb1fe2a9a5c141561ee5a8bbe * amdgpu: update vega10 to latest 19.20 firmware * amdgpu: update polaris12 to latest 19.20 firmware * amdgpu: update raven2 to latest 19.20 firmware * amdgpu: update raven to latest 19.20 firmware * amdgpu: update picasso to latest 19.20 firmware * drm/i915/firmware: Add v33 of GuC for ICL * drm/i915/firmware: Add v33 of GuC for KBL * drm/i915/firmware: Add v33 of GuC for SKL * drm/i915/firmware: Add v33 of GuC for GLK * drm/i915/firmware: Add v33 of GuC for BXT * linux-firmware: rsi: add firmware image for redpine 9116 chipset * linux-firmware: Add firmware file for Intel Bluetooth AX201 * iwlwifi: add new firmwares for integrated 22000 series * iwlwifi: update FW for 22000 to Core45-96 * iwlwifi: update FWs for 9000 series to Core45-96 * iwlwifi: update Core45 FWs for 22260, 9000 and 9260 * iwlwifi: udpate -36 firmware for 8000 series - Install with the copy-file.sh script now included in tarball; the licenses are kept only in license directory - Drop the previous vega10_sos.bin revert, as already addressed in the new firmware ++++ lvm2: - Fix udev rules issue (bsc#1154655) + bug-1154655_udev-remove-unsupported-OPTIONS-event_timeout-rule.patch ++++ snapper: - add --machine-readable option for CSV and JSON outputs. - add --columns option for selecting columns in the commands list, list-configs and get-config. - bsc#1149322 - version 0.8.6 ++++ libssh2_org: - Security fix: [bsc#1154862, CVE-2019-17498] * The SSH_MSG_DISCONNECT:packet.c logic has an integer overflow in a bounds check that might lead to disclose sensitive information or cause a denial of service * Add patch libssh2_org-CVE-2019-17498.patch ++++ u-boot-rpiarm64: - Put idbloader.img into /boot for Rockchip idbloader.img is installable TPL/SPL bootloader image: https://gitlab.denx.de/u-boot/u-boot/commit/1b0a936b52606af87b6576817a0e939da731b6d9 - include update_git.sh as source in the spec file - Make factory-auto bot happy ++++ zypper: - Add extended solver options to list-updates. Since the update command supports tweaking the solver via CLI options the list-updates command should allow the same (bsc#1153351) - version 1.14.32 ------------------------------------------------------------------ ------------------ 2019-10-22 - Oct 22 2019 ------------------- ------------------------------------------------------------------ ++++ file: - Add temporary patch CVE-2019-18218-46a8443f.patch from upstream to fix bsc#1154661 -- heap-based buffer overflow in cdf_read_property_info in cdf.c ++++ grub2: - Enable support for riscv64 - Backports from upstream: * risc-v-fix-computation-of-pc-relative-relocation-offset.patch * risc-v-add-clzdi2-symbol.patch * grub-install-define-default-platform-for-risc-v.patch ++++ kernel-default: - phylink: fix kernel-doc warnings (git-fixes). - power: supply: ab8500: remove set but not used variables 'vbup33_vrtcn' and 'bup_vch_range' (git-fixes). - power: reset: gpio-restart: Fix typo when gpio reset is not found (git-fixes). - power: supply: Init device wakeup after device_add() (git-fixes). - remoteproc: qcom: q6v5-mss: fixup q6v5_pds_enable error handling (git-fixes). - r8169: fix DMA issue on MIPS platform (git-fixes). - PM: sleep: Fix possible overflow in pm_system_cancel_wakeup() (git-fixes). - commit ed8c5e4 - rt2x00: initialize last_reset (git-fixes). - virt: vbox: fix memory leak in hgcm_call_preprocess_linaddr (git-fixes). - staging: bcm2835-audio: Fix draining behavior regression (git-fixes). - rtc: pcf2127: bugfix: read rtc disables watchdog (git-fixes). - rtc: rv3029: revert error handling patch to rv3029_eeprom_write() (git-fixes). - video: of: display_timing: Add of_node_put() in of_get_display_timing() (git-fixes). - ath10k: adjust skb length in ath10k_sdio_mbox_rx_packet (git-fixes). - rtw88: fix wrong rx power calculation (git-fixes). - rtlwifi: Fix file release memory leak (git-fixes). - rtw88: fix seq_file memory leak (git-fixes). - rtlwifi: rtl8821ae: Fix incorrect returned values (git-fixes). - rtlwifi: rtl8192cu: Fix value set in descriptor (git-fixes). - rtw88: debug: dump tx power indexes in use (git-fixes). - regulator: da9211: fix obtaining "enable" GPIO (git-fixes). - regulator: max77686: fix obtaining "maxim,ena" GPIO (git-fixes). - commit 39d4733 - platform/x86: i2c-multi-instantiate: Fail the probe if no IRQ provided (git-fixes). - platform/x86: classmate-laptop: remove unused variable (git-fixes). - platform/x86: pmc_atom: Add Siemens SIMATIC IPC277E to critclk_systems DMI table (git-fixes). - platform/x86: pmc_atom: Add Siemens SIMATIC IPC227E to critclk_systems DMI table (git-fixes). - commit fb32f25 - pinctrl: iproc-gpio: Fix incorrect pinconf configurations (git-fixes). - pinctrl: qcom: sdm845: Fix UFS_RESET pin (git-fixes). - pinctrl: intel: remap the pin number to gpio offset for irq enabled pin (git-fixes). - commit 9e6b97e - nl80211: fix memory leak in nl80211_get_ftm_responder_stats (git-fixes). - NFC: pn533: fix use-after-free and memleaks (git-fixes). - PCI: PM: Fix pci_power_up() (git-fixes). - of: mdio: Fix a signedness bug in of_phy_get_and_connect() (git-fixes). - PCI: Correct pci=resource_alignment parameter example (git-fixes). - phy: ti: am654-serdes: fix an use-after-free in serdes_am654_clk_register() (git-fixes). - paride/pcd: need to set queue to NULL before put_disk (git-fixes). - paride/pf: need to set queue to NULL before put_disk (git-fixes). - commit 6c4192e - mt76: stop rx aggregation on station removal (git-fixes). - mt76: mt7603: fix watchdog rescheduling in mt7603_set_channel (git-fixes). - mt76: mt7615: fix MT7615_WATCHDOG_TIME definition (git-fixes). - mt76: usb: fix endian in mt76u_copy (git-fixes). - mt76: mt76u: fix typo in mt76u_fill_rx_sg (git-fixes). - mt76: mt7615: fix sparse warnings: warning: restricted __le16 degrades to integer (git-fixes). - commit 36419e2 - memstick: jmb38x_ms: Fix an error handling path in 'jmb38x_ms_probe()' (git-fixes). - staging: most: sound: Fix error path of audio_init (git-fixes). - media: em28xx: Fix exception handling in em28xx_alloc_urbs() (git-fixes). - media: atmel: atmel-isi: fix timeout value for stop streaming (git-fixes). - media: ov8856: Check reading clock frequency succeeded (git-fixes). - media: imx7.rst: Fix the references to the CSI multiplexer (git-fixes). - media: marvell-ccic: mmp: add MODULE_DEVICE_TABLE (git-fixes). - media: rcar-vin: Clean up correct notifier in error path (git-fixes). - media: staging/imx: Fix NULL deref in find_pipeline_entity() (git-fixes). - media: vivid: fix potential integer overflow on left shift (git-fixes). - commit 67df550 - mailbox: qcom-apcs: fix max_register value (git-fixes). - commit b903159 - mac80211: accept deauth frames in IBSS mode (git-fixes). - mac80211: don't check if key is NULL in ieee80211_key_link() (git-fixes). - mac80211: vht: add support VHT EXT NSS BW in parsing VHT (git-fixes). - mac80211: minstrel_ht: fix per-group max throughput rate initialization (git-fixes). - commit 53cbd53 - leds: lm3532: Fix brightness control for i2c mode (git-fixes). - Refresh patches.suse/leds-lm3532-Fixes-for-the-driver-for-stability.patch. - commit 2348f20 - libata/ahci: Fix PCS quirk application (git-fixes). - libertas_tf: Use correct channel range in lbtf_geo_init (git-fixes). - led: triggers: Fix dereferencing of null pointer (git-fixes). - leds: trigger: gpio: GPIO 0 is valid (git-fixes). - leds: ti-lmu-common: Fix coccinelle issue in TI LMU (git-fixes). - commit 59a3bf5 - iwlwifi: exclude GEO SAR support for 3168 (git-fixes). - iwlwifi: pcie: fix memory leaks in iwl_pcie_ctxt_info_gen3_init (git-fixes). - iwlwifi: mvm: fix race in sync rx queue notification (git-fixes). - Revert "Input: elantech - enable SMBus on new (2018+) systems" (git-fixes). - Input: da9063 - fix capability and drop KEY_SLEEP (git-fixes). - ima: initialize the "template" field with the default template (git-fixes). - Input: cros_ec_keyb - add back missing mask for event_type (git-fixes). - iwlwifi: dbg_ini: remove periphery phy and aux regions handling (git-fixes). - commit 5ba2a59 - i2c: designware: assert reset when error happen at ->probe() (git-fixes). - crypto: hisilicon - Matching the dma address for dma_pool_free() (git-fixes). - dma-buf: fix stack corruption in dma_fence_chain_release (git-fixes). - brcmfmac: get chip's default RAM info during PCIe setup (git-fixes). - can: xilinx_can: xcan_probe(): skip error message on deferred probe (git-fixes). - can: xilinx_can: xcan_chip_start(): fix failure with invalid bus (git-fixes). - crypto: mediatek - fix uninitialized value of gctx->textlen (git-fixes). - crypto: caam/qi - use print_hex_dump_debug function to print debug messages (git-fixes). - crypto: caam/qi - execute library only on DPAA 1.x (git-fixes). - crypto: caam - unregister algorithm only if the registration succeeded (git-fixes). - crypto: caam - execute module exit point only if necessary (git-fixes). - crypto: caam - free resources in case caam_rng registration failed (git-fixes). - crypto: ccp - Clean up and exit correctly on allocation failure (git-fixes). - crypto: ccp - Reduce maximum stack usage (git-fixes). - commit 44f9d1d - ath10k: fix latency issue for QCA988x (git-fixes). - ath9k: dynack: fix possible deadlock in ath_dynack_node_{de}init (git-fixes). - Bluetooth: hidp: Fix assumptions on the return value of hidp_send_message (git-fixes). - bcma: fix incorrect update of BCMA_CORE_PCI_MDIO_DATA (git-fixes). - ASoC: SOF: Intel: hda: Initialize HDA controller after i915 init (git-fixes). - ALSA: aoa: onyx: always initialize register read value (git-fixes). - ahci: Do not export local variable ahci_em_messages (git-fixes). - commit 2bdf3d5 - act_mirred: Fix mirred_init_module error handling (git-fixes). - commit 251206c - ACPI: CPPC: Set pcc_data[pcc_ss_id] to NULL in acpi_cppc_processor_exit() (git-fixes). - commit e7cfc10 - ALSA: usb-audio: Disable quirks for BOSS Katana amplifiers (git-fixes). - commit 043c45c - ALSA: usb-audio: Update DSD support quirks for Oppo and Rotel (git-fixes). - Refresh patches.suse/ALSA-usb-audio-Add-DSD-support-for-EVGA-NU-Audio.patch. - Refresh patches.suse/ALSA-usb-audio-Add-Hiby-device-family-to-quirks-for-.patch. - commit 468bbcd - ALSA: usb-audio: DSD auto-detection for Playback Designs (git-fixes). - Refresh patches.suse/ALSA-usb-audio-Add-DSD-support-for-EVGA-NU-Audio.patch. - Refresh patches.suse/ALSA-usb-audio-Add-Hiby-device-family-to-quirks-for-.patch. - commit 81fa71f - ALSA: hda - Force runtime PM on Nvidia HDMI codecs (git-fixes). - ALSA: hda/realtek - Enable headset mic on Asus MJ401TA (git-fixes). - ALSA: hdac: clear link output stream mapping (git-fixes). - ALSA: hda/realtek: Reduce the Headphone static noise on XPS 9350/9360 (git-fixes). - ALSA: hda/realtek - Fix alienware headset mic (git-fixes). - Add Acer Aspire Ethos 8951G model quirk (git-fixes). - ALSA: hda/hdmi: remove redundant assignment to variable pcm_idx (git-fixes). - ALSA: hda - Allow runtime PM for controller if component notifier is used (git-fixes). - ALSA: usb-audio: remove some dead code (git-fixes). - ALSA: usb-audio: Fix possible NULL dereference at create_yamaha_midi_quirk() (git-fixes). - ALSA: usb-audio: Clean up check_input_term() (git-fixes). - ALSA: usb-audio: Remove superfluous bLength checks (git-fixes). - ALSA: usb-audio: Unify the release of usb_mixer_elem_info objects (git-fixes). - ALSA: usb-audio: Simplify parse_audio_unit() (git-fixes). - ALSA: usb-audio: More validations of descriptor units (git-fixes). - ALSA: hda/realtek - Check beep whitelist before assigning in all codecs (git-fixes). - ALSA: hda - Define a fallback_pin_fixup_tbl for alc269 family (git-fixes). - ALSA: hda - Expand pin_match function to match upcoming new tbls (git-fixes). - ALSA: hda/sigmatel - remove unused variable 'stac9200_core_init' (git-fixes). - ALSA: hda: Set fifo_size for both playback and capture streams (git-fixes). - ALSA: hda - Inform too slow responses (git-fixes). - ALSA: usb-audio: Add Pioneer DDJ-SX3 PCM quirck (git-fixes). - ALSA: usb-audio: fix PCM device order (git-fixes). - ALSA: usb-audio: Unify audioformat release code (git-fixes). - ALSA: hda: Add support of Zhaoxin controller (git-fixes). - ALSA: usb-audio: Scarlett Gen 2 mixer interface (git-fixes). - ALSA: line6: sizeof (byte) is always 1, use that fact (git-fixes). - ALSA: hda/hdmi - Allow audio component for AMD/ATI and Nvidia HDMI (git-fixes). - commit 34822c0 - Linux 5.3.7 (bnc#1151927 5.3.7). - tracing/hwlat: Don't ignore outer-loop duration when calculating max_latency (bnc#1151927 5.3.7). - tracing/hwlat: Report total time spent in all NMIs during the sample (bnc#1151927 5.3.7). - tracing: Get trace_array reference for available_tracers files (bnc#1151927 5.3.7). - ftrace: Get a reference counter for the trace_array on filter files (bnc#1151927 5.3.7). - hwmon: Fix HWMON_P_MIN_ALARM mask (bnc#1151927 5.3.7). - mtd: rawnand: au1550nd: Fix au_read_buf16() prototype (bnc#1151927 5.3.7). - firmware: google: increment VPD key_len properly (bnc#1151927 5.3.7). - mei: avoid FW version request on Ibex Peak and earlier (bnc#1151927 5.3.7). - mei: me: add comet point (lake) LP device ids (bnc#1151927 5.3.7). - iio: light: opt3001: fix mutex unlock race (bnc#1151927 5.3.7). - iio: adc: ad799x: fix probe error handling (bnc#1151927 5.3.7). - iio: light: add missing vcnl4040 of_compatible (bnc#1151927 5.3.7). - iio: light: fix vcnl4000 devicetree hooks (bnc#1151927 5.3.7). - iio: adc: axp288: Override TS pin bias current for some models (bnc#1151927 5.3.7). - iio: adc: stm32-adc: fix a race when using several adcs with dma and irq (bnc#1151927 5.3.7). - iio: adc: stm32-adc: move registers definitions (bnc#1151927 5.3.7). - iio: accel: adxl372: Perform a reset at start up (bnc#1151927 5.3.7). - iio: accel: adxl372: Fix push to buffers lost samples (bnc#1151927 5.3.7). - iio: accel: adxl372: Fix/remove limitation for FIFO samples (bnc#1151927 5.3.7). - iio: adc: hx711: fix bug in sampling of data (bnc#1151927 5.3.7). - staging: vt6655: Fix memory leak in vt6655_probe (bnc#1151927 5.3.7). - Staging: fbtft: fix memory leak in fbtft_framebuffer_alloc (bnc#1151927 5.3.7). - staging: rtl8188eu: fix HighestRate check in odm_ARFBRefresh_8188E() (bnc#1151927 5.3.7). - staging: bcm2835-audio: Fix draining behavior regression (bnc#1151927 5.3.7). - staging/fbtft: Depend on OF (bnc#1151927 5.3.7). - serial: uartps: Fix uartps_major handling (bnc#1151927 5.3.7). - serial: uartlite: fix exit path null pointer (bnc#1151927 5.3.7). - USB: yurex: fix NULL-derefs on disconnect (bnc#1151927 5.3.7). - USB: iowarrior: fix use-after-free after driver unbind (bnc#1151927 5.3.7). - USB: iowarrior: fix use-after-free on release (bnc#1151927 5.3.7). - USB: iowarrior: fix use-after-free on disconnect (bnc#1151927 5.3.7). - USB: chaoskey: fix use-after-free on release (bnc#1151927 5.3.7). - USB: adutux: fix use-after-free on release (bnc#1151927 5.3.7). - USB: ldusb: fix NULL-derefs on driver unbind (bnc#1151927 5.3.7). - USB: legousbtower: fix use-after-free on release (bnc#1151927 5.3.7). - USB: usb-skeleton: fix NULL-deref on disconnect (bnc#1151927 5.3.7). - USB: serial: keyspan: fix NULL-derefs on open() and write() (bnc#1151927 5.3.7). - USB: serial: option: add support for Cinterion CLS8 devices (bnc#1151927 5.3.7). - USB: serial: option: add Telit FN980 compositions (bnc#1151927 5.3.7). - USB: serial: ftdi_sio: add device IDs for Sienna and Echelon PL-20 (bnc#1151927 5.3.7). - media: stkwebcam: fix runtime PM after driver unbind (bnc#1151927 5.3.7). - USB: serial: fix runtime PM after driver unbind (bnc#1151927 5.3.7). - USB: usblp: fix runtime PM after driver unbind (bnc#1151927 5.3.7). - USB: usb-skeleton: fix runtime PM after driver unbind (bnc#1151927 5.3.7). - usb: renesas_usbhs: gadget: Fix usb_ep_set_{halt,wedge}() behavior (bnc#1151927 5.3.7). - usb: renesas_usbhs: gadget: Do not discard queues in usb_ep_set_{halt,wedge}() (bnc#1151927 5.3.7). - xhci: Fix NULL pointer dereference in xhci_clear_tt_buffer_complete() (bnc#1151927 5.3.7). - xhci: Increase STS_SAVE timeout in xhci_suspend() (bnc#1151927 5.3.7). - xhci: Prevent deadlock when xhci adapter breaks during init (bnc#1151927 5.3.7). - usb: xhci: wait for CNR controller not ready bit in xhci resume (bnc#1151927 5.3.7). - xhci: Fix USB 3.1 capability detection on early xHCI 1.1 spec based hosts (bnc#1151927 5.3.7). - xhci: Check all endpoints for LPM timeout (bnc#1151927 5.3.7). - xhci: Prevent device initiated U1/U2 link pm if exit latency is too long (bnc#1151927 5.3.7). - xhci: Fix false warning message about wrong bounce buffer write length (bnc#1151927 5.3.7). - USB: legousbtower: fix open after failed reset request (bnc#1151927 5.3.7). - USB: legousbtower: fix potential NULL-deref on disconnect (bnc#1151927 5.3.7). - USB: legousbtower: fix deadlock on disconnect (bnc#1151927 5.3.7). - USB: legousbtower: fix slab info leak at probe (bnc#1151927 5.3.7). - usb: typec: ucsi: displayport: Fix for the mode entering routine (bnc#1151927 5.3.7). - usb: typec: ucsi: ccg: Remove run_isr flag (bnc#1151927 5.3.7). - USB: usblcd: fix I/O after disconnect (bnc#1151927 5.3.7). - usb: typec: tcpm: usb: typec: tcpm: Fix a signedness bug in tcpm_fw_get_caps() (bnc#1151927 5.3.7). - USB: dummy-hcd: fix power budget for SuperSpeed mode (bnc#1151927 5.3.7). - USB: yurex: Don't retry on unexpected errors (bnc#1151927 5.3.7). - USB: adutux: fix NULL-derefs on disconnect (bnc#1151927 5.3.7). - USB: adutux: fix use-after-free on disconnect (bnc#1151927 5.3.7). - USB: microtek: fix info-leak at probe (bnc#1151927 5.3.7). - USB: rio500: Remove Rio 500 kernel driver (bnc#1151927 5.3.7). - perf inject jit: Fix JIT_CODE_MOVE filename (bnc#1151927 5.3.7). - perf llvm: Don't access out-of-scope array (bnc#1151927 5.3.7). - efi/tpm: Fix sanity check of unsigned tbl_size being less than zero (bnc#1151927 5.3.7). - efi/tpm: Only set 'efi_tpm_final_log_size' after successful event log parsing (bnc#1151927 5.3.7). - efi/tpm: Don't traverse an event log with no events (bnc#1151927 5.3.7). - efi/tpm: Don't access event->count when it isn't mapped (bnc#1151927 5.3.7). - efivar/ssdt: Don't iterate over EFI vars if no SSDT override was specified (bnc#1151927 5.3.7). - x86/asm: Fix MWAITX C-state hint value (bnc#1151927 5.3.7). - MIPS: Disable Loongson MMI instructions for kernel build (bnc#1151927 5.3.7). - MIPS: elf_hwcap: Export userspace ASEs (bnc#1151927 5.3.7). - NFS: Fix O_DIRECT accounting of number of bytes read/written (bnc#1151927 5.3.7). - CIFS: Force reval dentry if LOOKUP_REVAL flag is set (bnc#1151927 5.3.7). - CIFS: Force revalidate inode when dentry is stale (bnc#1151927 5.3.7). - CIFS: Gracefully handle QueryInfo errors during open (bnc#1151927 5.3.7). - cifs: use cifsInodeInfo->open_file_lock while iterating to avoid a panic (bnc#1151927 5.3.7). - drm/i915: Mark contents as dirty on a write fault (bnc#1151927 5.3.7). - drm/i915: Bump skl+ max plane width to 5k for linear/x-tiled (bnc#1151927 5.3.7). - drm/i915: Whitelist COMMON_SLICE_CHICKEN2 (bnc#1151927 5.3.7). - drm/i915: Perform GGTT restore much earlier during resume (bnc#1151927 5.3.7). - io_uring: only flush workqueues on fileset removal (bnc#1151927 5.3.7). - btrfs: fix uninitialized ret in ref-verify (bnc#1151927 5.3.7). - btrfs: allocate new inode in NOFS context (bnc#1151927 5.3.7). - btrfs: fix balance convert to single on 32-bit host CPUs (bnc#1151927 5.3.7). - btrfs: fix incorrect updating of log root tree (bnc#1151927 5.3.7). - Btrfs: fix memory leak due to concurrent append writes with fiemap (bnc#1151927 5.3.7). - Fix the locking in dcache_readdir() and friends (bnc#1151927 5.3.7). - arm64/sve: Fix wrong free for task->thread.sve_state (bnc#1151927 5.3.7). - gpio: eic: sprd: Fix the incorrect EIC offset when toggling (bnc#1151927 5.3.7). - gpio: fix getting nonexclusive gpiods from DT (bnc#1151927 5.3.7). - gpiolib: don't clear FLAG_IS_OUT when emulating open-drain/open-source (bnc#1151927 5.3.7). - selinux: fix context string corruption in convert_context() (bnc#1151927 5.3.7). - mm/vmpressure.c: fix a signedness bug in vmpressure_register_event() (bnc#1151927 5.3.7). - mm/page_alloc.c: fix a crash in free_pages_prepare() (bnc#1151927 5.3.7). - mm/z3fold.c: claim page in the beginning of free (bnc#1151927 5.3.7). - panic: ensure preemption is disabled during panic() (bnc#1151927 5.3.7). - commit fe06c63 - Update patches.suse/0001-btrfs-relocation-fix-use-after-free-on-dead-relocati.patch (bsc#1152972 bnc#1151927 5.3.7). - Update patches.suse/0001-kernel-sysctl.c-do-not-override-max_threads-provided.patch (bnc#1150875 bnc#1151927 5.3.7). - Update patches.suse/0002-drm-msm-Use-the-correct-dma_sync-calls-harder.patch (bsc#1152472 bnc#1151927 5.3.7). - Update patches.suse/ACPI-PPTT-Add-support-for-ACPI-6.3-thread-flag.patch (jsc#SLE-10146 bnc#1151927 5.3.7). - Update patches.suse/IB-core-Fix-wrong-iterating-on-ports.patch (jsc#SLE-8449 bnc#1151927 5.3.7). - Update patches.suse/RDMA-vmw_pvrdma-Free-SRQ-only-once.patch (jsc#SLE-8449 bnc#1151927 5.3.7). - Update patches.suse/arm64-topology-Use-PPTT-to-determine-if-PE-is-a-thre.patch (jsc#SLE-10146 bnc#1151927 5.3.7). - Update patches.suse/blk-wbt-fix-performance-regression-in-wbt-scale_up-scale_down.patch (bsc#1152489 bnc#1151927 5.3.7). - commit 942d26b - kernel-binary.spec.in: Fix build of non-modular kernels (boo#1154578). - commit 7f1e881 - iommu/vt-d: Add Scalable Mode fault information (jsc#SLE-8032). - iommu/vt-d: Add trace events for device dma map/unmap (jsc#SLE-8014). - commit e17e39f - rtlwifi: Fix potential overflow on P2P code (bsc#1154372 CVE-2019-17666). - commit 6cf6227 - series.conf: cleanup Update upstream references and move into sorted section: patches.suse/net-ath6kl-Fix-a-NULL-ptr-deref-bug.patch Move into "on the way" section: patches.suse/libertas-fix-a-potential-NULL-pointer-dereference.patch - commit 5ebd03f - Fix Patch-mainline tag patches.suse/firmware-dmi-fix-unlikely-out-of-bounds-read.patch. - commit a48c406 ++++ python3-core: - Add CVE-2019-16935-xmlrpc-doc-server_title.patch fixing bsc#1153238 (aka CVE-2019-16935) fixing a reflected XSS in python/Lib/DocXMLRPCServer.py ++++ systemd: - Remove intltool BuildRequires, not needed since v237 - Use python3-base BuildRequires instead of full python3 ++++ python3: - Add CVE-2019-16935-xmlrpc-doc-server_title.patch fixing bsc#1153238 (aka CVE-2019-16935) fixing a reflected XSS in python/Lib/DocXMLRPCServer.py ++++ salt: - core.py: ignore wrong product_name files - zypperpkg: understand product type - Added: * accumulated-changes-from-yomi-167.patch ++++ zypper: - --solver-focus: Set the solvers general attitude when resolving a job (bsc#1146415) - Add --repo switch to download (jira#SLE-9171) - manpage: Improve description of $releasever and --releasever usecases (bsc#1149511) - Ask only once if multiple packages share the same license text (bsc#1145554) - Allow selection by capability if --force switch is used (fixes #289) - BuildRequires: libzypp-devel >= 17.15.0 - version 1.14.31 ------------------------------------------------------------------ ------------------ 2019-10-21 - Oct 21 2019 ------------------- ------------------------------------------------------------------ ++++ lvm2-device-mapper: - lvm2-pvscan needs process speed improvement on a large scale PVs (jcs#SLE-5498) + jcs-SLE5498_pvscan-allow-use-of-noudevsync-option.patch ++++ glib2: - Update to version 2.62.2: + Bugs fixed: - glgo#GNOME/GLib#1896: Use after free when calling g_dbus_connection_flush_sync() in a dedicated thread. - glgo#GNOME/GLib!1154: Backport glgo#GNOME/GLib!1152 “gwinhttpvfs: Handle g_get_prgname() returning NULL” to glib-2-62. - glgo#GNOME/GLib!1156: Backport glgo#GNOME/GLib!1146 Solaris fixes to glib-2-62. ++++ kernel-default: - libertas: fix a potential NULL pointer dereference (CVE-2019-16232,bsc#1150465). - commit 9f9e4f7 - iwlwifi: pcie: fix rb_allocator workqueue allocation (CVE-2019-16234,bsc#1150452). - commit 88957ce - kernel-binary.spec.in: Obsolete kgraft packages only when not building them. - commit 25f7690 - kernel-subpackage-build: create zero size ghost for uncompressed vmlinux (bsc#1154354). It is not strictly necessary to uncompress it so maybe the ghost file can be 0 size in this case. - commit 4bf73c8 - iommu/amd: Check PM_LEVEL_SIZE() condition in locked section (bsc#1154625). - iommu/amd: Fix incorrect PASID decoding from event log (bsc#1154626). - iommu/io-pgtable-arm: Support all Mali configurations (bsc#1154637). - iommu/io-pgtable-arm: Correct Mali attributes (bsc#1154636). - iommu/amd: Lock code paths traversing protection_domain->dev_list (bsc#1154629). - iommu/amd: Lock dev_data in attach/detach code paths (bsc#1154630). - iommu/amd: Check for busy devices earlier in attach_device() (bsc#1154624). - iommu/amd: Take domain->lock for complete attach/detach path (bsc#1154633). - iommu/amd: Remove amd_iommu_devtable_lock (bsc#1154631). - iommu/amd: Remove domain->updated (bsc#1154632). - iommu/amd: Wait for completion of IOTLB flush in attach_device (bsc#1154635). - iommu/amd: Unmap all L7 PTEs when downgrading page-sizes (bsc#1154634). - iommu/amd: Introduce first_pte_l7() helper (bsc#1154628). - iommu/amd: Fix pages leak in free_pagetable() (bsc#1154627). - commit 41aabfd - vsprintf: Prevent crash when dereferencing invalid pointers for %pD (bsc#1154619). - commit dffedfe - scsi: lpfc: Check queue pointer before use (bsc#1154242). - commit 7553622 - x86/hyperv: Set pv_info.name to "Hyper-V" (fate#323887). - x86/hyperv: Make vapic support x2apic mode (fate#323887). - Drivers: hv: vmbus: Fix harmless building warnings without CONFIG_PM_SLEEP (fate#323887). - HID: hyperv: Use in-place iterator API in the channel callback (fate#323887). - commit bcf7984 - Move patch to upstream section Refresh patches.suse/scsi-lpfc-remove-left-over-BUILD_NVME-defines.patch. - commit 4bf6dec - firmware: dmi: Fix unlikely out-of-bounds read in save_mem_devices (git-fixes). - commit cf1b81f - series.conf: refresh - update upstream references: patches.suse/cfg80211-wext-avoid-copying-malformed-SSIDs.patch. patches.suse/net-ibmvnic-Fix-EOI-when-running-in-XIVE-mode.patch. - commit 863654c - hrtimer/treewide: Use hrtimer_sleeper_start_expires() (bsc#1149032). - hrtimer: Provide hrtimer_sleeper_start_expires() (bsc#1149032). - hrtimer: Consolidate hrtimer_init() + hrtimer_init_sleeper() calls (bsc#1149032). - hrtimer: Remove task argument from hrtimer_init_sleeper() (bsc#1149032). - lib/timerqueue: Rely on rbtree semantics for next timer (bsc#1154536). - x86/math64: Provide a sane mul_u64_u32_div() implementation for x86_64 (bsc#1149032). - sched: Clean up active_mm reference counting (bsc#1149032). - sched/core: Convert get_task_struct() to return the task (bsc#1149032). - mutex: Fix up mutex_waiter usage (bsc#1149032). - locking/mutex: Use mutex flags macro instead of hard code (bsc#1149032). - locking/mutex: Make __mutex_owner static to mutex.c (bsc#1149032). - locking/qspinlock,x86: Clarify virt_spin_lock_key (bsc#1149032). - locking/rwsem: Check for operations on an uninitialized rwsem (bsc#1149032). - locking/rwsem: Make handoff writer optimistically spin on owner (bsc#1149032). - commit 2a492dc ++++ lvm2: - lvm2-pvscan needs process speed improvement on a large scale PVs (jcs#SLE-5498) + jcs-SLE5498_pvscan-allow-use-of-noudevsync-option.patch ++++ systemd: - Add 0001-compat-rules-escape-when-used-for-shell-expansion.patch (bsc#1153648) Added to the quaratine area to avoid uploading a new tar ball just for that single change. It will be dropped during the next import. - don't package locales in -mini package ++++ libxslt: - Security fix [bsc#1154609, CVE-2019-18197] * Fix dangling pointer in xsltCopyText * Add libxslt-CVE-2019-18197.patch ++++ zlib: - Add SUSE specific patch to fix bsc#1138793, we simply don't want to test if the app was linked with exactly same version of zlib like the one that is present on the runtime: * zlib-no-version-check.patch ++++ podman: - Update podman to v1.6.2 * Features - Added a --runtime flag to podman system migrate to allow the OCI runtime for all containers to be reset, to ease transition to the crun runtime on CGroups V2 systems until runc gains full support - The podman rm command can now remove containers in broken states which previously could not be removed - The podman info command, when run without root, now shows information on UID and GID mappings in the rootless user namespace - Added podman build --squash-all flag, which squashes all layers (including those of the base image) into one layer - The --systemd flag to podman run and podman create now accepts a string argument and allows a new value, always, which forces systemd support without checking if the the container entrypoint is systemd * Bugfixes - Fixed a bug where the podman top command did not work on systems using CGroups V2 (#4192) - Fixed a bug where rootless Podman could double-close a file, leading to a panic - Fixed a bug where rootless Podman could fail to retrieve some containers while refreshing the state - Fixed a bug where podman start --attach --sig-proxy=false would still proxy signals into the container - Fixed a bug where Podman would unconditionally use a non-default path for authentication credentials (auth.json), breaking podman login integration with skopeo and other tools using the containers/image library - Fixed a bug where podman ps --format=json and podman images - -format=json would display null when no results were returned, instead of valid JSON - Fixed a bug where podman build --squash was incorrectly squashing all layers into one, instead of only new layers - Fixed a bug where rootless Podman would allow volumes with options to be mounted (mounting volumes requires root), creating an inconsistent state where volumes reported as mounted but were not (#4248) - Fixed a bug where volumes which failed to unmount could not be removed (#4247) - Fixed a bug where Podman incorrectly handled some errors relating to unmounted or missing containers in containers/storage - Fixed a bug where podman stats was broken on systems running CGroups V2 when run rootless (#4268) - Fixed a bug where the podman start command would print the short container ID, instead of the full ID - Fixed a bug where containers created with an OCI runtime that is no longer available (uninstalled or removed from the config file) would not appear in podman ps and could not be removed via podman rm - Fixed a bug where containers restored via podman container restore --import would retain the CGroup path of the original container, even if their container ID changed; thus, multiple containers created from the same checkpoint would all share the same CGroup * Misc - The default PID limit for containers is now set to 4096. It can be adjusted back to the old default (unlimited) by passing - -pids-limit 0 to podman create and podman run - The podman start --attach command now automatically attaches STDIN if the container was created with -i - The podman network create command now validates network names using the same regular expression as container and pod names - The --systemd flag to podman run and podman create will now only enable systemd mode when the binary being run inside the container is /sbin/init, /usr/sbin/init, or ends in systemd (previously detected any path ending in init or systemd) - Updated vendored Buildah to 1.11.3 - Updated vendored containers/storage to 1.13.5 - Updated vendored containers/image to 4.0.1 ++++ salt: - Enable usage of downloadonly parameter for apt module - Added: * adds-the-possibility-to-also-use-downloadonly-in-kwa.patch ++++ slirp4netns: - Update to 0.4.2 * Do not propagate mounts to the parent ns in sandbox ------------------------------------------------------------------ ------------------ 2019-10-18 - Oct 18 2019 ------------------- ------------------------------------------------------------------ ++++ open-iscsi: - Merge in latest upstream, with fixes for: * Support CHAP SHA-1, SHA-256, SHA3-256 vis openssl libcrypto - this requires an update of the SPEC file, as well * Initialize timeout for printing specific session info Updating (in addition to the SPEC file): * open-iscsi-SUSE-latest.diff.bz2 ++++ kernel-default: - Fix Patch-mainline: patches.suse/s390-zcrypt-add-base-code-for-cca-crypto-card-info-support patches.suse/s390-zcrypt-cex7s-exploitation-support patches.suse/s390-zcrypt-move-cca-misc-functions-to-new-code-file patches.suse/s390-zcrypt-new-sysfs-attributes-serialnr-and-mkvps - commit 7dfd2cf - netdevsim: implement support for devlink region and snapshots (bsc#1154353). - Refresh patches.suse/net-devlink-split-reload-op-into-two.patch. - commit 8316be1 - netdevsim: register couple of devlink params (bsc#1154353). - Refresh patches.suse/net-devlink-split-reload-op-into-two.patch. - commit f83adc1 - SUNRPC: fix race to sk_err after xs_error_report (bsc#1154353). - commit cf2c098 - netdevsim: Add devlink-trap support (bsc#1154353). - Refresh patches.suse/net-devlink-split-reload-op-into-two.patch. - commit bd989c4 - net: hisilicon: Fix usage of uninitialized variable in function mdio_sc_cfg_reg_write() (bsc#1154353). - mlxsw: spectrum: Clear VLAN filters during port initialization (bsc#1154488). - net: ena: clean up indentation issue (bsc#1154492). - net: hisilicon: Fix signedness bug in hix5hd2_dev_probe() (bsc#1154353). - net: ena: Select DIMLIB for ENA_ETHERNET (bsc#1154492). - sunrpc: clean up indentation issue (bsc#1154353). - sunrpc: add a new cache_detail operation for when a cache is flushed (bsc#1154353). - svcrdma: Use llist for managing cache of recv_ctxts (jsc#SLE-8449). - svcrdma: Remove svc_rdma_wq (jsc#SLE-8449). - SUNRPC: Track writers of the 'channel' file to improve cache_listeners_exist (bsc#1154353). - SUNRPC: Fix congestion window race with disconnect (bsc#1154353). - SUNRPC: Rename xdr_buf_read_netobj to xdr_buf_read_mic (bsc#1154353). - SUNRPC: Don't receive TCP data into a request buffer that has been reset (bsc#1154353). - xprtrdma: Clear xprt->reestablish_timeout on close (jsc#SLE-8449). - xprtrdma: Recycle MRs after disconnect (jsc#SLE-8449). - xprtrdma: Optimize rpcrdma_post_recvs() (jsc#SLE-8449). - xprtrdma: Inline XDR chunk encoder functions (jsc#SLE-8449). - xprtrdma: Fix bc_max_slots return value (jsc#SLE-8449). - xprtrdma: Clean up xprt_rdma_set_connect_timeout() (jsc#SLE-8449). - xprtrdma: Use an llist to manage free rpcrdma_reps (jsc#SLE-8449). - xprtrdma: Remove rpcrdma_buffer::rb_mrlock (jsc#SLE-8449). - xprtrdma: Cache free MRs in each rpcrdma_req (jsc#SLE-8449). - xprtrdma: Ensure creating an MR does not trigger FS writeback (jsc#SLE-8449). - xprtrdma: Move rpcrdma_mr_get out of frwr_map (jsc#SLE-8449). - xprtrdma: Combine rpcrdma_mr_put and rpcrdma_mr_unmap_and_put (jsc#SLE-8449). - xprtrdma: Simplify rpcrdma_mr_pop (jsc#SLE-8449). - xprtrdma: Rename rpcrdma_buffer::rb_all (jsc#SLE-8449). - xprtrdma: Rename CQE field in Receive trace points (jsc#SLE-8449). - xprtrdma: Boost maximum transport header size (jsc#SLE-8449). - xprtrdma: Fix calculation of ri_max_segs again (jsc#SLE-8449). - xprtrdma: Update obsolete comment (jsc#SLE-8449). - xprtrdma: Refresh the documenting comment in frwr_ops.c (jsc#SLE-8449). - SUNRPC: Inline xdr_commit_encode (bsc#1154353). - SUNRPC: Remove rpc_wake_up_queued_task_on_wq() (bsc#1154353). - RDMA/hns: Package operations of rq inline buffer into separate functions (jsc#SLE-8449). - RDMA/hns: Optimize cmd init and mode selection for hip08 (jsc#SLE-8449). - RDMA/hns: Use devm_platform_ioremap_resource() to simplify code (jsc#SLE-8449). - RDMA/hns: Fix wrong assignment of qp_access_flags (jsc#SLE-8449). - RDMA/hns: Delete the not-used lines (jsc#SLE-8449). - RDMA/hns: Remove if-else judgment statements for creating srq (jsc#SLE-8449). - RDMA/hns: Add reset process for function-clear (jsc#SLE-8449). - RDMA/hns: Fix cast from or to restricted __le32 for driver (jsc#SLE-8449). - RDMA/hns: Remove the some magic number (jsc#SLE-8449). - RDMA/hns: Modify the data structure of hns_roce_av (jsc#SLE-8449). - RDMA/hns: Fix some white space check_mtu_validate() (jsc#SLE-8449). - RDMA/hns: Remove unuseful member (jsc#SLE-8449). - RDMA/hns: bugfix for slab-out-of-bounds when loading hip08 driver (jsc#SLE-8449). - RDMA/hns: Bugfix for slab-out-of-bounds when unloading hip08 driver (jsc#SLE-8449). - RDMA/hns: Modify pi vlaue when cq overflows (jsc#SLE-8449). - RDMA/hns: Bugfix for creating qp attached to srq (jsc#SLE-8449). - RDMA/hns: Logic optimization of wc_flags (jsc#SLE-8449). - RDMA/hns: Use the new APIs for printing log (jsc#SLE-8449). - RDMA/hns: Disable alw_lcl_lpbk of SSU (jsc#SLE-8449). - RDMA/hns: Remove redundant print in hns_roce_v2_ceq_int() (jsc#SLE-8449). - RDMA/hns: Refactor hns_roce_v2_set_hem for hip08 (jsc#SLE-8449). - RDMA/hns: Remove unnecessary kzalloc (jsc#SLE-8449). - RDMA/hns: Refactor irq request code (jsc#SLE-8449). - RDMA/hns: Split bool statement and assign statement (jsc#SLE-8449). - RDMA/hns: Handling the error return value of hem function (jsc#SLE-8449). - RDMA/hns: Update some comments style (jsc#SLE-8449). - RDMA/hns: Clean up unnecessary initial assignment (jsc#SLE-8449). - RDMA/hns: Remove unnessary init for cmq reg (jsc#SLE-8449). - RDMA/hns: Update the prompt message for creating and destroy qp (jsc#SLE-8449). - RDMA/hns: Optimize hns_roce_modify_qp function (jsc#SLE-8449). - RDMA/hns: Encapsulate some lines for setting sq size in user mode (jsc#SLE-8449). - RDMA/hns: remove obsolete Kconfig comment (jsc#SLE-8449). - RDMA/hns: Remove not used UAR assignment (jsc#SLE-8449). - RDMA/hns: remove set but not used variable 'irq_num' (jsc#SLE-8449). - RDMA/hns: Refactor eq table init for hip08 (jsc#SLE-8449). - RDMA/hns: Refactor hem table mhop check and calculation (jsc#SLE-8449). - RDMA/hns: Package for hns_roce_rereg_user_mr function (jsc#SLE-8449). - RDMA/hns: Optimize hns_roce_mhop_alloc function (jsc#SLE-8449). - RDMA/hns: optimize the duplicated code for qpc setting flow (jsc#SLE-8449). - RDMA/hns: Use a separated function for setting extend sge paramters (jsc#SLE-8449). - RDMA/hns: Refactor for hns_roce_v2_modify_qp function (jsc#SLE-8449). - RDMA/hns: Refactor the code of creating srq (jsc#SLE-8449). - RDMA/hns: Package the flow of creating cq (jsc#SLE-8449). - net: ena: don't wake up tx queue when down (bsc#1154492). - mlxsw: spectrum_buffers: Add the ability to query the CPU port's shared buffer (bsc#1154488). - mlxsw: spectrum: Register CPU port with devlink (bsc#1154488). - mlxsw: spectrum_buffers: Prevent changing CPU port's configuration (bsc#1154488). - net: ena: fix incorrect update of intr_delay_resolution (bsc#1154492). - net: ena: fix retrieval of nonadaptive interrupt moderation intervals (bsc#1154492). - net: ena: fix update of interrupt moderation register (bsc#1154492). - net: ena: remove all old adaptive rx interrupt moderation code from ena_com (bsc#1154492). - net: ena: remove ena_restore_ethtool_params() and relevant fields (bsc#1154492). - net: ena: remove old adaptive interrupt moderation code from ena_netdev (bsc#1154492). - net: ena: remove code duplication in ena_com_update_nonadaptive_moderation_interval _*() (bsc#1154492). - net: ena: enable the interrupt_moderation in driver_supported_features (bsc#1154492). - net: ena: reimplement set/get_coalesce() (bsc#1154492). - net: ena: switch to dim algorithm for rx adaptive interrupt moderation (bsc#1154492). - net: ena: add intr_moder_rx_interval to struct ena_com_dev and use it (bsc#1154492). - netdevsim: Set offsets to various protocol layers (bsc#1154353). - net: hns3: add some DFX info for reset issue (bsc#1154353). - net: hns3: check NULL pointer before use (bsc#1154353). - net: hns3: modify some logs format (bsc#1154353). - net: hns3: fix port setting handle for fibre port (bsc#1154353). - net: hns3: fix shaper parameter algorithm (bsc#1154353). - net: hns3: revert to old channel when setting new channel num fail (bsc#1154353). - net: hns3: add ethtool_ops.set_channels support for HNS3 VF driver (bsc#1154353). - net: hns3: make array spec_opcode static const, makes object smaller (bsc#1154353). - net: hns3: make hclge_dbg_get_m7_stats_info static (bsc#1154353). - net: hns3: disable loopback setting in hclge_mac_init (bsc#1154353). - net: hns3: remove explicit conversion to bool (bsc#1154353). - net: hns3: add client node validity judgment (bsc#1154353). - net: hns3: fix mis-assignment to hdev->reset_level in hclge_reset (bsc#1154353). - net: hns3: fix double free bug when setting ringparam (bsc#1154353). - net: hns3: fix error VF index when setting VLAN offload (bsc#1154353). - net: hns: Move static keyword to the front of declaration (bsc#1154353). - sunrpc: Use kzfree rather than its implementation (bsc#1154353). - mvpp2: percpu buffers (bsc#1154353). - mvpp2: refactor BM pool functions (bsc#1154353). - net: hns3: remove set but not used variable 'qos' (bsc#1154353). - net: hns3: remove redundant assignment to pointer reg_info (bsc#1154353). - net: bridge: Populate the pvid flag in br_vlan_get_info (bsc#1154353). - net: hns3: not allow SSU loopback while execute ethtool -t dev (bsc#1154353). - net: hns3: check reset interrupt status when reset fails (bsc#1154353). - net: hns3: add phy selftest function (bsc#1154353). - net: hns3: implement .process_hw_error for hns3 client (bsc#1154353). - net: hns3: optimize waiting time for TQP reset (bsc#1154353). - net: hns3: fix incorrect type in assignment (bsc#1154353). - net: hns3: make some reusable codes into a function (bsc#1154353). - net: hns3: optimize some log printings (bsc#1154353). - net: hns3: reduce the parameters of some functions (bsc#1154353). - net: hns3: modify base parameter of kstrtouint in hclge_dbg_dump_tm_map (bsc#1154353). - net: hns3: use macro instead of magic number (bsc#1154353). - net: hns3: code optimization for debugfs related to "dump reg" (bsc#1154353). - mlxsw: spectrum_ptp: Add counters for GC events (bsc#1154488). - mlxsw: Bump firmware version to 13.2000.1886 (bsc#1154488). - mlxsw: spectrum: Prevent auto negotiation on number of lanes (bsc#1154488). - mlxsw: Remove 56G speed support (bsc#1154488). - net: hns3: Fix -Wunused-const-variable warning (bsc#1154353). - selftests: mlxsw: Add a test case for devlink-trap (bsc#1154488). - selftests: mlxsw: Add test cases for devlink-trap L2 drops (bsc#1154488). - mlxsw: spectrum: Add devlink-trap support (bsc#1154488). - mlxsw: Add trap group for layer 2 discards (bsc#1154488). - mlxsw: Add layer 2 discard trap IDs (bsc#1154488). - mlxsw: reg: Add new trap actions (bsc#1154488). - mlxsw: core: Add API to set trap action (bsc#1154488). - netdevsim: Fix build error without CONFIG_INET (bsc#1154353). - net: hns: add phy_attached_info() to the hns driver (bsc#1154353). - net: hns3: add phy_attached_info() to the hns3 driver (bsc#1154353). - net: hns3: prevent unnecessary MAC TNL interrupt (bsc#1154353). - net: hns3: change print level of RAS error log from warning to error (bsc#1154353). - net: hns3: fix error and incorrect format (bsc#1154353). - net: hns3: modify redundant initialization of variable (bsc#1154353). - net: hns3: add or modify comments (bsc#1154353). - Documentation: Add description of netdevsim traps (bsc#1154353). - net: bridge: mdb: allow add/delete for host-joined groups (bsc#1154353). - net: bridge: mdb: dump host-joined entries as well (bsc#1154353). - net: bridge: mdb: factor out mdb filling (bsc#1154353). - net: bridge: mdb: move vlan comments (bsc#1154353). - net/mvpp2: Replace tasklet with softirq hrtimer (bsc#1154353). - net: hns3: Make hclge_func_reset_sync_vf static (bsc#1154353). - mvpp2: no need to check return value of debugfs_create functions (bsc#1154353). - hns3: no need to check return value of debugfs_create functions (bsc#1154353). - net: hns3: refine some macro definitions (bsc#1154353). - net: hns3: add handshake with VF for PF reset (bsc#1154353). - net: hns3: refine MAC pause statistics querying function (bsc#1154353). - net: hns3: add function display NCL_CONFIG info (bsc#1154353). - net: hns3: add check for max TX BD num for tso and non-tso case (bsc#1154353). - net: hns3: add some statitics info to tx process (bsc#1154353). - net: hns3: add DFX registers information for ethtool -d (bsc#1154353). - net: hns3: modify how pause options is displayed (bsc#1154353). - net: hns3: add input length check for debugfs write function (bsc#1154353). - net: hns3: clean up for vlan handling in hns3_fill_desc_vtags (bsc#1154353). - net: hns3: fix interrupt clearing error for VF (bsc#1154353). - net: hns3: fix GFP flag error in hclge_mac_update_stats() (bsc#1154353). - mlxsw: spectrum: Extend to support Spectrum-3 ASIC (bsc#1154488). - net: hns3: activate reset timer when calling reset_event (bsc#1154353). - net: hns3: clear reset interrupt status in hclge_irq_handle() (bsc#1154353). - net: hns3: fix some reset handshake issue (bsc#1154353). - net: hns3: rename a member in struct hclge_mac_ethertype_idx_rd_cmd (bsc#1154353). - net: hns3: simplify hclge_cmd_query_error() (bsc#1154353). - net: hns3: minior error handling change for hclge_tm_schd_info_init (bsc#1154353). - net: hns3: minor cleanup in hns3_clean_rx_ring (bsc#1154353). - net: hns3: remove unnecessary variable in hclge_get_mac_vlan_cmd_status() (bsc#1154353). - net: hns3: refine for set ring parameters (bsc#1154353). - net: hns3: do not query unsupported commands in debugfs (bsc#1154353). - net: hns3: add handler for NCSI error mailbox (bsc#1154353). - net: hns3: add link change event report (bsc#1154353). - net: phy: xgene: use devm_platform_ioremap_resource() to simplify code (bsc#1154353). - mvpp2: use devm_platform_ioremap_resource() to simplify code (bsc#1154353). - net: bridge: mcast: add delete due to fast-leave mdb flag (bsc#1154353). - selftests: mlxsw: Add a test for leftover DSCP rule (bsc#1154488). - selftests: mlxsw: Fix local variable declarations in DSCP tests (bsc#1154488). - net: Remove dev_err() usage after platform_get_irq() (bsc#1154353). - net: hns3: use dev_info() instead of pr_info() (bsc#1154353). - net: hns3: Add support for using order 1 pages with a 4K buffer (bsc#1154353). - net: hns3: add interrupt affinity support for misc interrupt (bsc#1154353). - net: hns3: make hclge_service use delayed workqueue (bsc#1154353). - net: hns3: add debug messages to identify eth down cause (bsc#1154353). - net: hns3: modify firmware version display format (bsc#1154353). - net: hns3: change GFP flag during lock period (bsc#1154353). - net: hns3: remove upgrade reset level when reset fail (bsc#1154353). - net: hns3: add a check for get_reset_level (bsc#1154353). - net: hns3: add reset checking before set channels (bsc#1154353). - mlxsw: spectrum_flower: Forbid to offload match on reserved TCP flags bits (bsc#1154488). - mlxsw: spectrum_acl: Track rules that forbid egress block bind (bsc#1154488). - mlxsw: spectrum_flower: Forbid to offload mirred redirect on egress (bsc#1154488). - drivers: net: xgene: Move status variable declaration into CONFIG_ACPI block (bsc#1154353). - mlxsw: spectrum_router: Increase scale of IPv6 nexthop groups (bsc#1154488). - mlxsw: spectrum: Expose KVD size for Spectrum-2 (bsc#1154488). - drivers: net: xgene: Remove acpi_has_method() calls (bsc#1154353). - platform/mellanox: mlxreg-hotplug: Remove dev_err() usage after platform_get_irq() (bsc#1154488). - commit 25127c6 - s390/zcrypt: new sysfs attributes serialnr and mkvps (jsc#SLE-9582 jsc#IBM-505 LTC#181532). - Refresh patches.suse/s390-zcrypt-cex7s-exploitation-support. - commit e3c6694 - s390/zcrypt: add base code for cca crypto card info support (jsc#SLE-9582 jsc#IBM-505 LTC#181532). - s390/zcrypt: move cca misc functions to new code file (jsc#SLE-9582 jsc#IBM-505 LTC#181532). - commit ade3003 - Update references in patches.suse/Revert-s390-dasd-Add-discard-support-for-ESE-volumes.patch (bnc#1151927 5.3.6 jsc#SLE-7885 jsc#IBM-463 LTC#178852). - Update references in patches.suse/s390-dasd-Fix-error-handling-during-online-processin.patch (bnc#1151927 5.3.6 jsc#SLE-7885 jsc#IBM-463 LTC#178852). - commit fae0452 - s390/zcrypt: CEX7S exploitation support (jsc#SLE-7506 jsc#IBM-458 LTC#178859). - commit 99477f1 - selftests/bpf: fix clearing buffered output between tests/subtests (bsc#1154353). - commit 5178748 - libbpf: convert libbpf code to use new btf helpers (bsc#1154353). - Refresh patches.suse/libbpf-fix-false-uninitialized-variable-warning.patch. - commit 234ecb1 - Documentation: Clarify trap's description (bsc#1154353). - libbpf: Teach btf_dumper to emit stand-alone anonymous enum definitions (bsc#1154353). - libbpf: Remove getsockopt() check for XDP_OPTIONS (bsc#1154353). - kcm: disable preemption in kcm_parse_func_strparser() (bsc#1154353). - IB/mlx5: Use the original address for the page during free_pages (jsc#SLE-8446). - RDMA/cma: Fix false error message (jsc#SLE-8449). - kbuild: replace BASH-specific ${@:2} with shift and ${@} (bsc#1154353). - libbpf: add flags to umem config (bsc#1154353). - tools: bpftool: do not link twice against libbpf.a in Makefile (bsc#1154353). - tools: bpf: account for generated feature/ and libbpf/ directories (bsc#1154353). - tools: bpftool: improve and check builds for different make invocations (bsc#1154353). - tools: bpftool: ignore make built-in rules for getting kernel version (bsc#1154353). - tools/bpf: sync bpf.h (bsc#1154353). - btf: do not use CONFIG_OUTPUT_FORMAT (bsc#1154353). - libbpf: use LFS (_FILE_OFFSET_BITS) instead of direct mmap2 syscall (bsc#1154353). - libbpf: add bpf_btf_get_next_id() to cycle through BTF objects (bsc#1154353). - libbpf: refactor bpf_*_get_next_id() functions (bsc#1154353). - tools: bpf: synchronise BPF UAPI header with tools (bsc#1154353). - bpf: sync bpf.h to tools/ (bsc#1154353). - libbpf: add support for need_wakeup flag in AF_XDP part (bsc#1154353). - libbpf: make libbpf.map source of truth for libbpf version (bsc#1154353). - tools: bpftool: compile with $(EXTRA_WARNINGS) (bsc#1154353). - libbpf: attempt to load kernel BTF from sysfs first (bsc#1154353). - tools: bpftool: add feature check for zlib (bsc#1154353). - tools: bpftool: fix reading from /proc/config.gz (bsc#1154353). - libbpf: implement BPF CO-RE offset relocation algorithm (bsc#1154353). - libbpf: add .BTF.ext offset relocation section loading (bsc#1154353). - libbpf: add helpers for working with BTF types (bsc#1154353). - bpf: sync bpf.h to tools/ (bsc#1154353). - tools: Add definitions for devmap_hash map type (bsc#1154353). - tools/libbpf_probes: Add new devmap_hash type (bsc#1154353). - tools/include/uapi: Add devmap_hash BPF map type (bsc#1154353). - selftests/bpf: convert send_signal.c to use subtests (bsc#1154353). - selftests/bpf: convert bpf_verif_scale.c to sub-tests API (bsc#1154353). - selftests/bpf: add sub-tests support for test_progs (bsc#1154353). - selftests/bpf: abstract away test log output (bsc#1154353). - selftest/bpf: centralize libbpf logging management for test_progs (bsc#1154353). - libbpf: return previous print callback from libbpf_set_print (bsc#1154353). - selftests/bpf: add test selectors by number and name to test_progs (bsc#1154353). - selftests/bpf: revamp test_progs to allow more control (bsc#1154353). - selftests/bpf: prevent headers to be compiled as C code (bsc#1154353). - selftests/bpf: support BPF_FLOW_DISSECTOR_F_STOP_AT_ENCAP (bsc#1154353). - libbpf: provide more helpful message on uninitialized global var (bsc#1154353). - tools headers: Grab copy of linux/const.h, needed by linux/bits.h (bsc#1154353). - commit 0d4cc4a - scsi: lpfc: remove left-over BUILD_NVME defines (bsc#1154268). - commit bde7b0f - rpm/config.sh: enable building DTBs (bsc#1153301) - commit c58d61a - series.conf: move unsortable patch out of sorted section Move patches.suse/Btrfs-check-for-the-full-sync-flag-while-holding-the.patch out of sorted section; it does not have Git-commit tag (yet) so that it cannot be sorted without manual update anyway. - commit dab15c2 - series.conf: move queued patch into sorted section Update patches.suse/cfg80211-wext-avoid-copying-malformed-SSIDs.patch Git-repo tag and move it into sorted section. - commit 9c78ce4 ++++ lz4: - less intrusive patch for CVE-2019-17543 [bsc#1153936] - lz4-merge-_destSize-variant-to-LZ4_compress_generic.patch ++++ libsolv: - fix updating of too many packages in focusbest mode - fix handling of disabled installed packages in distupgrade - new POOL_FLAG_WHATPROVIDESWITHDISABLED pool flag - bump version to 0.7.7 ++++ libzypp: - Fix empty metalink downloads if filesize is unknown (bsc#1153557) - Recognize riscv64 as architecture - Fix installation of new header file (fixes #185) - zypp.conf: Introduce `solver.focus` to define the resolvers general attitude when resolving jobs. (bsc#1146415) - New container detection algorithm for zypper ps (bsc#1146947) - version 17.15.0 (12) ++++ supportutils: - Updated to version 3.1.5 + Removed root .snapshots directory from full file list (bsc#1154482) ++++ yast2: - Fix showing details for accessing media error (bsc#1153297) - 4.2.28 ------------------------------------------------------------------ ------------------ 2019-10-17 - Oct 17 2019 ------------------- ------------------------------------------------------------------ ++++ aaa_base: - Add patch git-13-14003c19eaa863ae9d80a0ebb9b5cab6273a5a9e.patch Use official key binding functions in inputrc that is replace up-history with previous-history, down-history with next-history and backward-delete-word with backward-kill-word (bsc#1084934). Add some missed key escape sequences for urxvt-unicode terminal as well (boo#1007715). ++++ growpart: - Deleted rootgrow source and sub-package build rootgrow is provided on github: https://github.com/SUSE-Enceladus/rootgrow and builds a standalone package now ++++ grub2: - Version bump to 2.04 * removed - translations-20170427.tar.xz * grub2.spec - Make signed grub-tpm.efi specific to x86_64-efi build, the platform currently shipped with tpm module from upstream codebase - Add shim_lock to signed grub.efi in x86_64-efi build - x86_64: linuxefi now depends on linux, both will verify kernel via shim_lock - Remove translation tarball and po file hacks as it's been included in upstream tarball * rediff - grub2-setup-try-fs-embed-if-mbr-gap-too-small.patch - grub2-commands-introduce-read_file-subcommand.patch - grub2-secureboot-add-linuxefi.patch - 0001-add-support-for-UEFI-network-protocols.patch - grub2-efi-HP-workaround.patch - grub2-secureboot-install-signed-grub.patch - grub2-linux.patch - use-grub2-as-a-package-name.patch - grub2-pass-corret-root-for-nfsroot.patch - grub2-secureboot-use-linuxefi-on-uefi.patch - grub2-secureboot-no-insmod-on-sb.patch - grub2-secureboot-provide-linuxefi-config.patch - grub2-secureboot-chainloader.patch - grub2-s390x-01-Changes-made-and-files-added-in-order-to-allow-s390x.patch - grub2-s390x-02-kexec-module-added-to-emu.patch - grub2-s390x-04-grub2-install.patch - grub2-btrfs-01-add-ability-to-boot-from-subvolumes.patch - grub2-efi-chainloader-root.patch - grub2-ppc64le-disable-video.patch - grub2-ppc64-cas-reboot-support.patch - grub2-Fix-incorrect-netmask-on-ppc64.patch - 0003-bootp-New-net_bootp6-command.patch - 0006-bootp-Add-processing-DHCPACK-packet-from-HTTP-Boot.patch - 0012-tpm-Build-tpm-as-module.patch - grub2-emu-4-all.patch - grub2-btrfs-09-get-default-subvolume.patch - grub2-ppc64le-memory-map.patch - grub2-ppc64-cas-fix-double-free.patch - 0008-efinet-Setting-DNS-server-from-UEFI-protocol.patch * drop upstream patches - grub2-fix-locale-en.mo.gz-not-found-error-message.patch - grub2-fix-build-with-flex-2.6.4.patch - grub2-accept-empty-module.patch - 0001-Fix-packed-not-aligned-error-on-GCC-8.patch - 0001-Fix-PCIe-LER-when-GRUB2-accesses-non-enabled-MMIO-da.patch - unix-exec-avoid-atexit-handlers-when-child-exits.patch - 0001-xfs-Accept-filesystem-with-sparse-inodes.patch - grub2-binutils2.31.patch - grub2-msdos-fix-overflow.patch - 0001-tsc-Change-default-tsc-calibration-method-to-pmtimer.patch - grub2-efi-Move-grub_reboot-into-kernel.patch - grub2-efi-Free-malloc-regions-on-exit.patch - grub2-move-initrd-upper.patch - 0002-Add-Virtual-LAN-support.patch - 0001-ofnet-Initialize-structs-in-bootpath-parser.patch - 0001-misc-fix-invalid-character-recongition-in-strto-l.patch - 0001-tpm-Core-TPM-support.patch - 0002-tpm-Measure-kernel-initrd.patch - 0003-tpm-Add-BIOS-boot-measurement.patch - 0004-tpm-Rework-linux-command.patch - 0005-tpm-Rework-linux16-command.patch - 0006-tpm-Measure-kernel-and-initrd-on-BIOS-systems.patch - 0007-tpm-Measure-the-kernel-commandline.patch - 0008-tpm-Measure-commands.patch - 0009-tpm-Measure-multiboot-images-and-modules.patch - 0010-tpm-Fix-boot-when-there-s-no-TPM.patch - 0011-tpm-Fix-build-error.patch - 0013-tpm-i386-pc-diskboot-img.patch - grub2-freetype-pkgconfig.patch - 0001-cpio-Disable-gcc9-Waddress-of-packed-member.patch - 0002-jfs-Disable-gcc9-Waddress-of-packed-member.patch - 0003-hfs-Fix-gcc9-error-Waddress-of-packed-member.patch - 0004-hfsplus-Fix-gcc9-error-with-Waddress-of-packed-membe.patch - 0005-acpi-Fix-gcc9-error-Waddress-of-packed-member.patch - 0006-usbtest-Disable-gcc9-Waddress-of-packed-member.patch - 0007-chainloader-Fix-gcc9-error-Waddress-of-packed-member.patch - 0008-efi-Fix-gcc9-error-Waddress-of-packed-member.patch ++++ kernel-default: - RDMA/mlx5: Add missing synchronize_srcu() for MW cases (jsc#SLE-8446). - RDMA/mlx5: Put live in the correct place for ODP MRs (jsc#SLE-8446). - RDMA/mlx5: Order num_pending_prefetch properly with synchronize_srcu (jsc#SLE-8446). - RDMA/odp: Lift umem_mutex out of ib_umem_odp_unmap_dma_pages() (jsc#SLE-8449). - RDMA/mlx5: Fix a race with mlx5_ib_update_xlt on an implicit MR (jsc#SLE-8446). - RDMA/mlx5: Do not allow rereg of a ODP MR (jsc#SLE-8446). - IB/core: Fix wrong iterating on ports (jsc#SLE-8449). - RDMA/nldev: Reshuffle the code to avoid need to rebind QP in error path (jsc#SLE-8449). - RDMA/cxgb4: Do not dma memory off of the stack (jsc#SLE-8392). - RDMA/cm: Fix memory leak in cm_add/remove_one (jsc#SLE-8449). - RDMA/core: Fix an error handling path in 'res_get_common_doit()' (jsc#SLE-8449). - RDMA/i40iw: Associate ibdev to netdev before IB device registration (jsc#SLE-8449). - RDMA/iwcm: Fix a lock inversion issue (jsc#SLE-8449). - RDMA/iw_cxgb4: fix SRQ access from dump_qp() (jsc#SLE-8392). - RDMA/hfi1: Prevent memory leak in sdma_init (jsc#SLE-8449). - RDMA/core: Fix use after free and refcnt leak on ndev in_device in iwarp_query_port (jsc#SLE-8449). - RDMA/siw: Fix serialization issue in write_space() (jsc#SLE-8381). - RDMA/vmw_pvrdma: Free SRQ only once (jsc#SLE-8449). - mlx5: avoid 64-bit division in dr_icm_pool_mr_create() (jsc#SLE-8464). - devlink: Fix error handling in param and info_get dumpit cb (bsc#1154353). - sk_buff: drop all skb extensions on free and skb scrubbing (bsc#1154353). - bpf: Clean up indentation issue in BTF kflag processing (bsc#1154353). - xsk: relax UMEM headroom alignment (bsc#1154353). - bpf: fix BTF verification of enums (bsc#1154353). - net: sched: sch_sfb: don't call qdisc_put() while holding tree lock (bsc#1154353). - net: sched: multiq: don't call qdisc_put() while holding tree lock (bsc#1154353). - net: sched: sch_htb: don't call qdisc_put() while holding tree lock (bsc#1154353). - sch_netem: fix rcu splat in netem_enqueue() (bsc#1154353). - cxgb4: Signedness bug in init_one() (jsc#SLE-8389). - net/mlx5: DR, Allow matching on vport based on vhca_id (jsc#SLE-8464). - net/mlx5: DR, Fix getting incorrect prev node in ste_free (jsc#SLE-8464). - net/mlx5: DR, Remove redundant vport number from action (jsc#SLE-8464). - net/mlx5: DR, Fix SW steering HW bits and definitions (jsc#SLE-8464). - qede: qede_fp: simplify a bit 'qede_rx_build_skb()' (jsc#SLE-8401). - IB/hfi1: remove unlikely() from IS_ERR*() condition (jsc#SLE-8449). - mm/gup: add make_dirty arg to put_user_pages_dirty_lock() (jsc#SLE-8449). - PCI/P2PDMA: Update pci_p2pdma_distance_many() documentation (jsc#SLE-8449). - PCI/P2PDMA: Allow IOMMU for host bridge whitelist (jsc#SLE-8449). - PCI/P2PDMA: dma_map() requests that traverse the host bridge (jsc#SLE-8449). - PCI/P2PDMA: Store mapping method in an xarray (jsc#SLE-8449). - PCI/P2PDMA: Factor out __pci_p2pdma_map_sg() (jsc#SLE-8449). - PCI/P2PDMA: Introduce pci_p2pdma_unmap_sg() (jsc#SLE-8449). - PCI/P2PDMA: Add attrs argument to pci_p2pdma_map_sg() (jsc#SLE-8449). - PCI/P2PDMA: Whitelist some Intel host bridges (jsc#SLE-8449). - PCI/P2PDMA: Factor out host_bridge_whitelist() (jsc#SLE-8449). - PCI/P2PDMA: Apply host bridge whitelist for ACS (jsc#SLE-8449). - PCI/P2PDMA: Factor out __upstream_bridge_distance() (jsc#SLE-8449). - PCI/P2PDMA: Add constants for map type results to upstream_bridge_distance() (jsc#SLE-8449). - PCI/P2PDMA: Add provider's pci_dev to pci_p2pdma_pagemap struct (jsc#SLE-8449). - PCI/P2PDMA: Introduce private pagemap structure (jsc#SLE-8449). - RDMA/efa: Fix incorrect error print (jsc#SLE-5640). - RDMA/bnxt_re: Fix spelling mistake "missin_resp" -> "missing_resp" (jsc#SLE-8372 bsc#1153275). - IB/{rdmavt, hfi1, qib}: Add a counter for credit waits (jsc#SLE-8449). - IB/hfi1: Add traces for TID RDMA READ (jsc#SLE-8449). - RDMA/siw: Relax from kmap_atomic() use in TX path (jsc#SLE-8381). - IB/iser: Support up to 16MB data transfer in a single command (jsc#SLE-8449). - RDMA/siw: Fix page address mapping in TX path (jsc#SLE-8381). - RDMA: Fix goto target to release the allocated memory (jsc#SLE-8449). - RDMA/usnic: Avoid overly large buffers on stack (jsc#SLE-8449). - RDMA/odp: Add missing cast for 32 bit (jsc#SLE-8449). - IB/mlx5: Add page fault handler for DC initiator WQE (jsc#SLE-8446). - IB/mlx5: Remove check of FW capabilities in ODP page fault handling (jsc#SLE-8446). - RDMA/iwpm: Delete unnecessary checks before the macro call "dev_kfree_skb" (jsc#SLE-8449). - RDMA/efa: Use existing FIELD_SIZEOF macro (jsc#SLE-5640). - RDMA/efa: Remove umem check on dereg MR flow (jsc#SLE-5640). - RDMA/mlx5: RDMA_RX flow type support for user applications (jsc#SLE-8446). - RDMA: Delete DEBUG code (jsc#SLE-8449). - RDMA/mlx5: Annotate lock dependency in bind/unbind slave port (jsc#SLE-8446). - IB/mlx5: Expose XRQ legacy commands over the DEVX interface (jsc#SLE-8446). - IB/mlx5: Add legacy events to DEVX list (jsc#SLE-8446). - RDMA/{cxgb3, cxgb4, i40iw}: Remove common code (jsc#SLE-8449). - RDMA/core: Add common iWARP query port (jsc#SLE-8449). - RDMA/cxgb3: Use ib_device_set_netdev() (jsc#SLE-8449). - RDMA: Introduce ib_port_phys_state enum (jsc#SLE-8449). - RDMA/efa: Rate limit admin queue error prints (jsc#SLE-5640). - RDMA/core: Introduce ratelimited ibdev printk functions (jsc#SLE-8449). - rdma: Enable ib_alloc_cq to spread work over a device's comp_vectors (jsc#SLE-8449). - mlx5: Fix formats with line continuation whitespace (jsc#SLE-8464). - RDMA/mlx5: Remove DEBUG ODP code (jsc#SLE-8446). - RDMA/core: fix spelling mistake "Nelink" -> "Netlink" (jsc#SLE-8449). - infiniband: Remove dev_err() usage after platform_get_irq() (jsc#SLE-8449). - RDMA/efa: Expose device statistics (jsc#SLE-5640). - IB/bnxt_re: Do not notifify GID change event (jsc#SLE-8372 bsc#1153275). - IB/mlx5: Support per device q counters in switchdev mode (jsc#SLE-8446). - IB/mlx5: Refactor code for counters allocation (jsc#SLE-8446). - qed*: Change dpi_addr to be denoted with __iomem (jsc#SLE-8401). - IB/mlx5: Add CREATE_PSV/DESTROY_PSV for devx interface (jsc#SLE-8446). - RDMA/core: Support netlink commands in non init_net net namespaces (jsc#SLE-8449). - RDMA/mlx4: Annotate boolean arguments as bool and not int (jsc#SLE-8461). - RDMA/mlx4: Separate creation of RWQ and QP (jsc#SLE-8461). - IB/usnic: Use dev_get_drvdata (jsc#SLE-8449). - RDMA/qedr: Remove Unneeded variable rc (jsc#SLE-8215). - RDMA/qib: Unneeded variable ret (jsc#SLE-8449). - IB/mlx5: Avoid unnecessary typecast (jsc#SLE-8446). - RDMA/core: Annotate destroy of mutex to ensure that it is released as unlocked (jsc#SLE-8449). - RDMA/hns: Fix comparison of unsigned long variable 'end' with less than zero (jsc#SLE-8449). - RDMA/mlx4: Untag user pointers in mlx4_get_umem_mr (jsc#SLE-8461). - IB/hfi1: Remove unused define (jsc#SLE-8449). - RDMA/odp: remove ib_ucontext from ib_umem (jsc#SLE-8449). - RDMA/odp: use mmu_notifier_get/put for 'struct ib_ucontext_per_mm' (jsc#SLE-8449). - RDMA/mlx5: Use odp instead of mr->umem in pagefault_mr (jsc#SLE-8446). - RDMA/mlx5: Use ib_umem_start instead of umem.address (jsc#SLE-8446). - RDMA/core: Make invalidate_range a device operation (jsc#SLE-8449). - RDMA/odp: Use kvcalloc for the dma_list and page_list (jsc#SLE-8449). - RDMA/odp: Check for overflow when computing the umem_odp end (jsc#SLE-8449). - RDMA/odp: Provide ib_umem_odp_release() to undo the allocs (jsc#SLE-8449). - RDMA/odp: Split creating a umem_odp from ib_umem_get (jsc#SLE-8449). - RDMA/odp: Make the three ways to create a umem_odp clear (jsc#SLE-8449). - RMDA/odp: Consolidate umem_odp initialization (jsc#SLE-8449). - RDMA/odp: Make it clearer when a umem is an implicit ODP umem (jsc#SLE-8449). - RDMA/odp: Iterate over the whole rbtree directly (jsc#SLE-8449). - RDMA/odp: Use the common interval tree library instead of generic (jsc#SLE-8449). - refresh configs (INTERVAL_TREE=y on s390x) - mm/mmu_notifiers: add a get/put scheme for the registration (jsc#SLE-8449). - mm/mmu_notifiers: do not speculatively allocate a mmu_notifier_mm (jsc#SLE-8449). - mm/mmu_notifiers: hoist do_mmu_notifier_register down_write to the caller (jsc#SLE-8449). - infiniband: don't bother with d_delete() (jsc#SLE-8449). - ethtool: implement Energy Detect Powerdown support via phy-tunable (bsc#1154353). - drop_monitor: Better sanitize notified packets (bsc#1154353). - tcp: Add snd_wnd to TCP_INFO (bsc#1154353). - tcp: Add TCP_INFO counter for packets received out-of-order (bsc#1154353). - bpf: fix accessing bpf_sysctl.file_pos on s390 (bsc#1154353). - xdp: Fix race in dev_map_hash_update_elem() when replacing element (bsc#1154353). - kcm: use BPF_PROG_RUN (bsc#1154353). - net: sched: use get_dev() action API in flow_action infra (bsc#1154353). - net: sched: take reference to psample group in flow_action infra (bsc#1154353). - net: sched: extend flow_action_entry with destructor (bsc#1154353). - qed: fix spelling mistake "fullill" -> "fulfill" (jsc#SLE-8401). - net: devlink: move reload fail indication to devlink core and expose to user (bsc#1154353). - net: devlink: split reload op into two (bsc#1154353). - mlx4: Split restart_one into two functions (jsc#SLE-8460). - cxgb4: Fix spelling typos (jsc#SLE-8389). - nfp: read chip model from the PluDevice register (bsc#1154353). - qed: Fix Config attribute frame format (jsc#SLE-8401). - qed*: Fix size of config attribute dump (jsc#SLE-8401). - nfp: devlink: set unknown fw_load_policy (bsc#1154353). - devlink: add unknown 'fw_load_policy' value (bsc#1154353). - net/mlx5: FWTrace, Reduce stack usage (jsc#SLE-8464). - net/mlx5: Fix addr's type in mlx5dr_icm_dm (jsc#SLE-8464). - net/mlx5: Fix rt's type in dr_action_create_reformat_action (jsc#SLE-8464). - kdoc: fix nfp_fw_load documentation (bsc#1154353). - nfp: devlink: add 'reset_dev_on_drv_probe' support (bsc#1154353). - nfp: devlink: add 'fw_load_policy' support (bsc#1154353). - nfp: add devlink param infrastructure (bsc#1154353). - nfp: honor FW reset and loading policies (bsc#1154353). - nfp: nsp: add support for hwinfo set operation (bsc#1154353). - nfp: nsp: add support for optional hwinfo lookup (bsc#1154353). - nfp: nsp: add support for fw_loaded command (bsc#1154353). - devlink: add 'reset_dev_on_drv_probe' param (bsc#1154353). - devlink: extend 'fw_load_policy' values (bsc#1154353). - net/mlx4_en: ethtool: make array modes static const, makes object smaller (jsc#SLE-8460). - net/tls: align non temporal copy to cache lines (bsc#1154353). - net/tls: remove the record tail optimization (bsc#1154353). - net/tls: use RCU for the adder to the offload record list (bsc#1154353). - net/tls: unref frags in order (bsc#1154353). - be2net: make two arrays static const, makes object smaller (jsc#SLE-8375). - net/mlx5e: Add port buffer's congestion counters (jsc#SLE-8464). - net/mlx5: Expose HW capability bits for port buffer per priority congestion counters (jsc#SLE-8464). - net/mlx5: DR, Remove redundant dev_name print from err log (jsc#SLE-8464). - net/mlx5: DR, Fix error return code in dr_domain_init_resources() (jsc#SLE-8464). - net/mlx5: DR, Remove useless set memory to zero use memset() (jsc#SLE-8464). - net/mlx5e: Remove unnecessary clear_bit()s (jsc#SLE-8464). - net/mlx5e: kTLS, Remove unused function parameter (jsc#SLE-8464). - net/mlx5: Use PTR_ERR_OR_ZERO rather than its implementation (jsc#SLE-8464). - net/mlx5: fix missing assignment of variable err (jsc#SLE-8464). - net/mlx5: fix spelling mistake "offlaods" -> "offloads" (jsc#SLE-8464). - net/mlx5e: Remove leftover declaration (jsc#SLE-8464). - net/mlx5e: Use ipv6_stub to avoid dependency with ipv6 being a module (jsc#SLE-8464). - net/mlx5: Kconfig: Fix MLX5_CORE dependency with PCI_HYPERV_INTERFACE (jsc#SLE-8464). - net/mlx5e: Fix static checker warning of potential pointer math issue (jsc#SLE-8464). - tcp: ulp: fix possible crash in tcp_diag_get_aux_size() (bsc#1154353). - net: fib_notifier: move fib_notifier_ops from struct net into per-net struct (bsc#1154353). - xsk: lock the control mutex in sock_diag interface (bsc#1154353). - xsk: avoid store-tearing when assigning umem (bsc#1154353). - xsk: avoid store-tearing when assigning queues (bsc#1154353). - net/mlx5e: Allow XSK frames smaller than a page (jsc#SLE-8464). - mlx5e: modify driver for handling offsets (jsc#SLE-8464). - bpf: fix error check in bpf_tcp_gen_syncookie (bsc#1154353). - nfp: bpf: add simple map op cache (bsc#1154353). - nfp: bpf: rework MTU checking (bsc#1154353). - bpf: introduce verifier internal test flag (bsc#1154353). - xdp: xdp_umem: replace kmap on vmap for umem map (bsc#1154353). - bpf: add new BPF_BTF_GET_NEXT_ID syscall command (bsc#1154353). - bpf: add BTF ids in procfs for file descriptors to BTF objects (bsc#1154353). - bpf: Use PTR_ERR_OR_ZERO in xsk_map_inc() (bsc#1154353). - xsk: support BPF_EXIST and BPF_NOEXIST flags in XSKMAP (bsc#1154353). - bpf: support cloning sk storage on accept() (bsc#1154353). - bpf: export bpf_map_inc_not_zero (bsc#1154353). - net: Don't call XDP_SETUP_PROG when nothing is changed (bsc#1154353). - net/mlx5e: Add AF_XDP need_wakeup support (jsc#SLE-8464). - net/mlx5e: Move the SW XSK code from NAPI poll to a separate function (jsc#SLE-8464). - btf: fix return value check in btf_vmlinux_init() (bsc#1154353). - net_sched: act_police: add 2 new attributes to support police 64bit rate and peakrate (bsc#1154353). - nfp: Drop unnecessary continue in nfp_net_pf_alloc_vnics (bsc#1154353). - net: qed: Move static keyword to the front of declaration (jsc#SLE-8401). - net/tls: dedup the record cleanup (bsc#1154353). - net/tls: clean up the number of #ifdefs for CONFIG_TLS_DEVICE (bsc#1154353). - net/tls: narrow down the critical area of device_offload_lock (bsc#1154353). - net/tls: don't jump to return (bsc#1154353). - net/tls: use the full sk_proto pointer (bsc#1154353). - net/sched: cbs: remove redundant assignment to variable port_rate (bsc#1154353). - devlink: Add new info version tags for ASIC and FW (bsc#1154353). - net/mlx5: Add devlink flow_steering_mode parameter (jsc#SLE-8464). - net/mlx5: Add support to use SMFS in switchdev mode (jsc#SLE-8464). - net/mlx5: Add API to set the namespace steering mode (jsc#SLE-8464). - net/mlx5: Add direct rule fs_cmd implementation (jsc#SLE-8464). - net/mlx5: DR, Add CONFIG_MLX5_SW_STEERING for software steering support (jsc#SLE-8464). - update configs (MLX5_SW_STEERING=y) - net/mlx5: DR, Expose APIs for direct rule managing (jsc#SLE-8464). - net/mlx5: DR, Add required FW steering functionality (jsc#SLE-8464). - net/mlx5: DR, Expose steering rule functionality (jsc#SLE-8464). - net/mlx5: DR, Expose steering action functionality (jsc#SLE-8464). - net/mlx5: DR, Expose steering matcher functionality (jsc#SLE-8464). - net/mlx5: DR, Expose steering table functionality (jsc#SLE-8464). - net/mlx5: DR, Expose steering domain functionality (jsc#SLE-8464). - net/mlx5: DR, Add Steering entry (STE) utilities (jsc#SLE-8464). - net/mlx5: DR, Expose an internal API to issue RDMA operations (jsc#SLE-8464). - net/mlx5: DR, ICM pool memory allocator (jsc#SLE-8464). - net/mlx5: DR, Add direct rule command utilities (jsc#SLE-8464). - net/mlx5: DR, Add the internal direct rule types definitions (jsc#SLE-8464). - net/mlx5: Add flow steering actions to fs_cmd shim layer (jsc#SLE-8464). - net/mlx5: Set only stag for match untagged packets (jsc#SLE-8464). - net/mlx5: Avoid disabling RoCE when uninitialized (jsc#SLE-8464). - net/mlx5: Add HW bits and definitions required for SW steering (jsc#SLE-8464). - net/mlx5: Move device memory management to mlx5_core (jsc#SLE-8464). - mlx5: Add missing init_net check in FIB notifier (jsc#SLE-8464). - devlink: Use switch-case instead of if-else (bsc#1154353). - devlink: Make port index data type as unsigned int (bsc#1154353). - net: tls: export protocol version, cipher, tx_conf/rx_conf to socket diag (bsc#1154353). - tcp: ulp: add functions to dump ulp-specific information (bsc#1154353). - net/tls: use RCU protection on icsk->icsk_ulp_data (bsc#1154353). - qede: Add support for dumping the grc data (jsc#SLE-8401). - qed: Add APIs for configuring grc dump config flags (jsc#SLE-8401). - qede: Add support for reading the config id attributes (jsc#SLE-8401). - qed: Add APIs for reading config id attributes (jsc#SLE-8401). - udp: Remove unlikely() from IS_ERR*() condition (bsc#1154353). - net/mlx5e: Remove unlikely() from WARN*() condition (jsc#SLE-8464). - net/mlx5e: Move local var definition into ifdef block (jsc#SLE-8464). - net: sched: cls_matchall: cleanup flow_action before deallocating (bsc#1154353). - sched: act_vlan: implement stats_update callback (bsc#1154353). - net/mlx5e: Support TSO and TX checksum offloads for IP-in-IP tunnels (jsc#SLE-8464). - net/mlx5e: Improve stateless offload capability check (jsc#SLE-8464). - net/mlx5e: Support RSS for IP-in-IP and IPv6 tunneled packets (jsc#SLE-8464). - net/mlx5e: Change function's position to a more fitting file (jsc#SLE-8464). - net/mlx5e: Add device out of buffer counter (jsc#SLE-8464). - net/mlx5e: Support LAG TX port affinity distribution (jsc#SLE-8464). - net/mlx5e: Expose new function for TIS destroy loop (jsc#SLE-8464). - net/mlx5e: ethtool, Fix a typo in WOL function names (jsc#SLE-8464). - net/mlx5: Set ODP capabilities for DC transport to max (jsc#SLE-8464). - net/mlx5: fix a -Wstringop-truncation warning (jsc#SLE-8464). - net/mlx5: Create bypass and loopback flow steering namespaces for RDMA RX (jsc#SLE-8464). - net/mlx5: Add per-namespace flow table default miss action support (jsc#SLE-8464). - net/mlx5: Add lag_tx_port_affinity capability bit (jsc#SLE-8464). - net/mlx5: Expose IP-in-IP capability bit (jsc#SLE-8464). - net/mlx5: Add support for VNIC_ENV internal rq counter (jsc#SLE-8464). - net/mlx5: Improve functions documentation (jsc#SLE-8464). - net/mlx5: Add missing include file to lib/crypto.c (jsc#SLE-8464). - net/mlx5: Add XRQ legacy commands opcodes (jsc#SLE-8464). - net/mlx5: Use debug message instead of warn (jsc#SLE-8464). - mlx5: Use refcount_t for refcount (jsc#SLE-8464). - net/mlx5: remove self-assignment on esw->dev (jsc#SLE-8464). - IB/mlx5: Support MLX5_CMD_OP_QUERY_LAG as a DEVX general command (jsc#SLE-8446). - net/mlx5: Fix mlx5_ifc_query_lag_out_bits (jsc#SLE-8464). - nfp: add AMDA0058 boards to firmware list (bsc#1154353). - net: sched: flower: don't take rtnl lock for cls hw offloads API (bsc#1154353). - net: sched: copy tunnel info when setting flow_action entry->tunnel (bsc#1154353). - net: sched: take reference to action dev before calling offloads (bsc#1154353). - net: sched: take rtnl lock in tc_setup_flow_action() (bsc#1154353). - net: sched: conditionally obtain rtnl lock in cls hw offloads API (bsc#1154353). - net: sched: add API for registering unlocked offload block callbacks (bsc#1154353). - net: sched: notify classifier on successful offload add/delete (bsc#1154353). - net: sched: refactor block offloads counter usage (bsc#1154353). - net: sched: change tcf block offload counter type to atomic_t (bsc#1154353). - net: sched: protect block offload-related fields with rw_semaphore (bsc#1154353). - =?UTF-8?q?net/core/skmsg:=20Delete=20an=20unnecessary=20c?= =?UTF-8?q?heck=20before=20the=20function=20call=20=E2=80=9Cconsume=5Fskb?= =?UTF-8?q?=E2=80=9D?= (bsc#1154353). - net: use unlikely for dql_avail case (bsc#1154353). - drop_monitor: Make timestamps y2038 safe (bsc#1154353). - net/mlx5: Fix return code in case of hyperv wrong size read (jsc#SLE-8464). - net: ipv6: fix listify ip6_rcv_finish in case of forwarding (bsc#1154353). - net/mlx5e: Add mlx5e HV VHCA stats agent (jsc#SLE-8464). - net/mlx5: Add HV VHCA control agent (jsc#SLE-8464). - net/mlx5: Add HV VHCA infrastructure (jsc#SLE-8464). - net/mlx5: Add wrappers for HyperV PCIe operations (jsc#SLE-8464). - net/mlx5e: Add trace point for neigh update (jsc#SLE-8464). - net/mlx5e: Add trace point for neigh used value update (jsc#SLE-8464). - net/mlx5e: Add tc flower tracepoints (jsc#SLE-8464). - net/mlx5e: Only access fully initialized flows in neigh update (jsc#SLE-8464). - net/mlx5e: Refactor neigh update for concurrent execution (jsc#SLE-8464). - net/mlx5e: Refactor neigh used value update for concurrent execution (jsc#SLE-8464). - net/mlx5e: Protect neigh hash encap list with spinlock and rcu (jsc#SLE-8464). - net/mlx5e: Refactor mlx5e_neigh_update_table->encap_lock (jsc#SLE-8464). - net/mlx5e: Extend neigh hash entry with rcu (jsc#SLE-8464). - net/mlx5e: Always take reference to neigh entry (jsc#SLE-8464). - net/mlx5e: Extract code that queues neigh update work into function (jsc#SLE-8464). - net/mlx5: Fix the order of fc_stats cleanup (jsc#SLE-8464). - net/mlx5e: Fix deallocation of non-fully init encap entries (jsc#SLE-8464). - net/mlx5e: Report and recover from CQE with error on RQ (jsc#SLE-8464). - net/mlx5e: RX, Handle CQE with error at the earliest stage (jsc#SLE-8464). - net/mlx5e: Report and recover from rx timeout (jsc#SLE-8464). - net/mlx5e: Report and recover from CQE error on ICOSQ (jsc#SLE-8464). - net/mlx5e: Split open/close ICOSQ into stages (jsc#SLE-8464). - net/mlx5e: Add support to rx reporter diagnose (jsc#SLE-8464). - net/mlx5e: Add helper functions for reporter's basics (jsc#SLE-8464). - net/mlx5e: Add cq info to tx reporter diagnose (jsc#SLE-8464). - net/mlx5e: Extend tx reporter diagnostics output (jsc#SLE-8464). - net/mlx5e: Extend tx diagnose function (jsc#SLE-8464). - net/mlx5e: Generalize tx reporter's functionality (jsc#SLE-8464). - net/mlx5e: Change naming convention for reporter's functions (jsc#SLE-8464). - net/mlx5e: Rename reporter header file (jsc#SLE-8464). - net: flow_offload: convert block_ing_cb_list to regular list type (bsc#1154353). - be2net: eliminate enable field from be_aic_obj (jsc#SLE-8375). - Documentation: Add devlink-trap documentation (bsc#1154353). - devlink: Add generic packet traps and groups (bsc#1154353). - devlink: Add packet trap infrastructure (bsc#1154353). - refresh configs - drop_monitor: Allow user to start monitoring hardware drops (bsc#1154353). - drop_monitor: Add support for summary alert mode for hardware drops (bsc#1154353). - drop_monitor: Add support for packet alert mode for hardware drops (bsc#1154353). - drop_monitor: Consider all monitoring states before performing configuration (bsc#1154353). - drop_monitor: Add basic infrastructure for hardware drops (bsc#1154353). - drop_monitor: Initialize hardware per-CPU data (bsc#1154353). - drop_monitor: Move per-CPU data init/fini to separate functions (bsc#1154353). - qed: Add driver API for flashing the config attributes (jsc#SLE-8401). - qed: Add API for configuring NVM attributes (jsc#SLE-8401). - page_pool: fix logic in __page_pool_get_cached (bsc#1154353). - page_pool: remove unnecessary variable init (bsc#1154353). - net: devlink: remove redundant rtnl lock assert (bsc#1154353). - btf: rename /sys/kernel/btf/kernel into /sys/kernel/btf/vmlinux (bsc#1154353). - btf: expose BTF info through sysfs (bsc#1154353). - xdp: xdp_umem: fix umem pages mapping for 32bits systems (bsc#1154353). - bpf: always allocate at least 16 bytes for setsockopt hook (bsc#1154353). - bpf: add bpf_tcp_gen_syncookie helper (bsc#1154353). - tcp: add skb-less helpers to retrieve SYN cookie (bsc#1154353). - tcp: tcp_syn_flood_action read port from socket (bsc#1154353). - xdp: Add devmap_hash map type for looking up devices by hashed index (bsc#1154353). - xdp: Refactor devmap allocation code for reuse (bsc#1154353). - include/bpf.h: Remove map_insert_ctx() stubs (bsc#1154353). - bpf/flow_dissector: support ipv6 flow_label and BPF_FLOW_DISSECTOR_F_STOP_AT_FLOW_LABEL (bsc#1154353). - selftests/bpf: support BPF_FLOW_DISSECTOR_F_PARSE_1ST_FRAG (bsc#1154353). - tools/bpf: sync bpf_flow_keys flags (bsc#1154353). - bpf/flow_dissector: support flags in BPF_PROG_TEST_RUN (bsc#1154353). - bpf/flow_dissector: pass input flags to BPF flow dissector program (bsc#1154353). - selftests/bpf: Add selftests for bpf_perf_event_output (bsc#1154353). - bpf: Allow bpf_skb_event_output for a few prog types (bsc#1154353). - selftests/bpf: remove perf buffer helpers (bsc#1154353). - selftests/bpf: switch test_tcpnotify to perf_buffer API (bsc#1154353). - selftests/bpf: convert test_get_stack_raw_tp to perf_buffer API (bsc#1154353). - devlink: send notifications for deleted snapshots on region destroy (bsc#1154353). - drop_monitor: Expose tail drop counter (bsc#1154353). - drop_monitor: Make drop queue length configurable (bsc#1154353). - drop_monitor: Add a command to query current configuration (bsc#1154353). - drop_monitor: Allow truncation of dropped packets (bsc#1154353). - drop_monitor: Add packet alert mode (bsc#1154353). - drop_monitor: Add alert mode operations (bsc#1154353). - drop_monitor: Require CAP_NET_ADMIN for drop monitor configuration (bsc#1154353). - drop_monitor: Reset per-CPU data before starting to trace (bsc#1154353). - drop_monitor: Initialize timer and work item upon tracing enable (bsc#1154353). - drop_monitor: Split tracing enable / disable to different functions (bsc#1154353). - nfp: no need to check return value of debugfs_create functions (bsc#1154353). - cxgb4: no need to check return value of debugfs_create functions (jsc#SLE-8389). - mlx5: no need to check return value of debugfs_create functions (jsc#SLE-8464). - net/mlx5e: Use refcount_t for refcount (jsc#SLE-8464). - net/mlx5e: Use vhca_id in generating representor port_index (jsc#SLE-8464). - net/mlx5e: Simplify querying port representor parent id (jsc#SLE-8464). - net/mlx5: E-switch, Removed unused hwid (jsc#SLE-8464). - net/mlx5e: Allow concurrent creation of encap entries (jsc#SLE-8464). - net/mlx5e: Protect encap hash table with mutex (jsc#SLE-8464). - net/mlx5e: Extend encap entry with reference counter (jsc#SLE-8464). - net/mlx5e: Allow concurrent creation of mod_hdr entries (jsc#SLE-8464). - net/mlx5e: Protect mod_hdr hash table with mutex (jsc#SLE-8464). - net/mlx5e: Protect mod header entry flows list with spinlock (jsc#SLE-8464). - net/mlx5e: Extend mod header entry with reference counter (jsc#SLE-8464). - net/mlx5e: Allow concurrent creation of hairpin entries (jsc#SLE-8464). - net/mlx5e: Protect hairpin hash table with mutex (jsc#SLE-8464). - net/mlx5e: Protect hairpin entry flows list with spinlock (jsc#SLE-8464). - net/mlx5e: Extend hairpin entry with reference counter (jsc#SLE-8464). - devlink: remove pointless data_len arg from region snapshot create (jsc#SLE-8460). - fq_codel: remove set but not used variables 'prev_ecn_mark' and 'prev_drop_count' (bsc#1154353). - flow_offload: support get multi-subsystem block (bsc#1154353). - flow_offload: move tc indirect block to flow offload (bsc#1154353). - cls_api: add flow_indr_block_call function (bsc#1154353). - cls_api: remove the tcf_block cache (bsc#1154353). - cls_api: modify the tc_indr_block_ing_cmd parameters (bsc#1154353). - net: use listified RX for handling GRO_NORMAL skbs (bsc#1154353). - sfc: falcon: don't score irq moderation points for GRO (jsc#SLE-8314). - sfc: don't score irq moderation points for GRO (jsc#SLE-8314). - qed: Add new ethtool supported port types based on media (jsc#SLE-8401). - cxgb4: smt: Use normal int for refcount (jsc#SLE-8389). - cxgb4: smt: Add lock for atomic_dec_and_test (jsc#SLE-8389). - nfp: flower: encode mac indexes with pre-tunnel rule check (bsc#1154353). - nfp: flower: remove offloaded MACs when reprs are applied to OvS bridges (bsc#1154353). - nfp: flower: offload pre-tunnel rules (bsc#1154353). - nfp: flower: verify pre-tunnel rules (bsc#1154353). - nfp: flower: detect potential pre-tunnel rules (bsc#1154353). - nfp: flower: push vlan after tunnel in merge (bsc#1154353). - net: sched: add ingress mirred action to hardware IR (bsc#1154353). - net: tc_act: add helpers to detect ingress mirred actions (bsc#1154353). - net: sched: add skbedit of ptype action to hardware IR (bsc#1154353). - net: tc_act: add skbedit_ptype helper functions (bsc#1154353). - fq_codel: Kill useless per-flow dropped statistic (bsc#1154353). - Increase fq_codel count in the bulk dropper (bsc#1154353). - drop_monitor: Use pre_doit / post_doit hooks (bsc#1154353). - drop_monitor: Add extack support (bsc#1154353). - drop_monitor: Avoid multiple blank lines (bsc#1154353). - drop_monitor: Document scope of spinlock (bsc#1154353). - drop_monitor: Rename and document scope of mutex (bsc#1154353). - drop_monitor: Use correct error code (bsc#1154353). - net/mlx5e: Allow dropping specific tunnel packets (jsc#SLE-8464). - net/mlx5e: TX reporter cleanup (jsc#SLE-8464). - net/mlx5e: Set tx reporter only on successful creation (jsc#SLE-8464). - net/mlx5e: Fix mlx5e_tx_reporter_create return value (jsc#SLE-8464). - net/mlx5e: Rx, checksum handling refactoring (jsc#SLE-8464). - net/mlx5e: Tx, Soften inline mode VLAN dependencies (jsc#SLE-8464). - net/mlx5e: XDP, Slight enhancement for WQE fetch function (jsc#SLE-8464). - net/mlx5e: XDP, Close TX MPWQE session when no room for inline packet left (jsc#SLE-8464). - net/mlx5e: Tx, Strict the room needed for SQ edge NOPs (jsc#SLE-8464). - net/mlx5: Add flow counter pool (jsc#SLE-8464). - net/mlx5: Add flow counter bulk infrastructure (jsc#SLE-8464). - net/mlx5: E-Switch, add ingress rate support (jsc#SLE-8464). - net/mlx5: E-switch, Tide up eswitch config sequence (jsc#SLE-8464). - net/mlx5: E-Switch, Remove redundant mc_promisc NULL check (jsc#SLE-8464). - net/mlx5: E-Switch, remove redundant error handling (jsc#SLE-8464). - net/mlx5: E-switch, Introduce helper function to enable/disable vports (jsc#SLE-8464). - net/mlx5: E-switch, Initialize TSAR Qos hardware block before its user vports (jsc#SLE-8464). - net/mlx5: E-switch, Combine metadata enable/disable functionality (jsc#SLE-8464). - net/mlx5: E-Switch, Verify support QoS element type (jsc#SLE-8464). - net/mlx5: Make load_one() and unload_one() symmetric (jsc#SLE-8464). - net/mlx5: Fix offset of tisc bits reserved field (jsc#SLE-8464). - net/mlx5: Add flow counter bulk allocation hardware bits and command (jsc#SLE-8464). - net/mlx5: Refactor and optimize flow counter bulk query (jsc#SLE-8464). - net/mlx5: fix -Wtype-limits compilation warnings (jsc#SLE-8464). - net/mlx5e: Protect tc flow table with mutex (jsc#SLE-8464). - net/mlx5e: Rely on rcu instead of rtnl lock when getting upper dev (jsc#SLE-8464). - net/mlx5e: Eswitch, use state_lock to synchronize vlan change (jsc#SLE-8464). - net/mlx5e: Eswitch, change offloads num_flows type to atomic64 (jsc#SLE-8464). - net/mlx5e: Protect unready flows with dedicated lock (jsc#SLE-8464). - net/mlx5e: Protect tc flows hashtable with rcu (jsc#SLE-8464). - net/mlx5e: Change flow flags type to unsigned long (jsc#SLE-8464). - net/mlx5e: Extend tc flow struct with reference counter (jsc#SLE-8464). - net/mlx5e: Simplify get_route_and_out_devs helper function (jsc#SLE-8464). - net/mlx5e: Fix unnecessary flow_block_cb_is_busy call (jsc#SLE-8464). - net/mlx5e: Improve ethtool rxnfc callback structure (jsc#SLE-8464). - net/mlx5e: Avoid warning print when not required (jsc#SLE-8464). - net/mlx5e: Print a warning when LRO feature is dropped or not allowed (jsc#SLE-8464). - linux: Remove bvec page_offset, use bv_offset (bsc#1154353). - mlx4/en_netdev: allow offloading VXLAN over VLAN (jsc#SLE-8460). - net: neigh: remove redundant assignment to variable bucket (bsc#1154353). - net: sfc: falcon: convert to i2c_new_dummy_device (jsc#SLE-8314). - mlx4: avoid large stack usage in mlx4_init_hca() (jsc#SLE-8460). - qed: reduce maximum stack frame size (jsc#SLE-8401). - sfc-falcon: Use dev_get_drvdata where possible (jsc#SLE-8314). - sfc: Use dev_get_drvdata where possible (jsc#SLE-8314). - nfp: flower: offload MPLS set action (bsc#1154353). - nfp: flower: offload MPLS pop action (bsc#1154353). - nfp: flower: offload MPLS push action (bsc#1154353). - net: sched: include mpls actions in hardware intermediate representation (bsc#1154353). - net/mlx5e: xsk: dynamically allocate mlx5e_channel_param (jsc#SLE-8464). - drivers: Introduce device lookup variants by fwnode (jsc#SLE-8449). - drivers: Introduce device lookup variants by of_node (jsc#SLE-8449). - drivers: Introduce device lookup variants by name (jsc#SLE-8449). - commit 1851aa6 - ipmi_ssif: avoid registering duplicate ssif interface (jsc#SLE-10031). - commit a68b3cc - tcp: fix slab-out-of-bounds in tcp_zerocopy_receive() (jsc#SLE-7979 jsc#SLE-7981). - bpf/xskmap: Return ERR_PTR for failure case instead of NULL (jsc#SLE-8025). - xsk: use state member for socket synchronization (jsc#SLE-8025). - staging: octeon: Fix build failure due to typo (jsc#SLE-7979 jsc#SLE-7981). - ftgmac100: Fix build (jsc#SLE-7979 jsc#SLE-7981). - commit 01068a7 - Btrfs: check for the full sync flag while holding the inode lock during fsync (bsc#1153713). - commit 3467605 - cfg80211: wext: avoid copying malformed SSIDs (bsc#1153158 CVE-2019-17133). - commit 3ac14b4 ++++ lz4: - security update - added patches CVE-2019-17543 [bsc#1153936] + lz4-CVE-2019-17543.patch merge LZ4_compress_destSize_generic and LZ4_compress_generic + lz4-merge-_destSize-variant-to-LZ4_compress_generic.patch ++++ openssh: - Update openssh-7.7p1-audit.patch to fix crash (bsc#1152730). Fix by Enzo Matsumiya (ematsumiya@suse.com). This was integrated in a separate code stream merged with the Oct. 10 update; the patch was also rebased and renamed to openssh-8.1p1-audit.patch. ++++ qemu: - use %gcc_version for cross compilers (boo#1153703) ------------------------------------------------------------------ ------------------ 2019-10-16 - Oct 16 2019 ------------------- ------------------------------------------------------------------ ++++ aaa_base: - Add patch git-12-80d14205f913cc67a98c562f988ea700a56c369b.patch * service: check if there is a second argument before using it (bsc#1051143) ++++ kernel-default: - bnxt_en: Add a new BNXT_FW_RESET_STATE_POLL_FW_DOWN state (jsc#SLE-8371 bsc#1153274). - bnxt_en: Update firmware interface spec. to 1.10.0.100 (jsc#SLE-8371 bsc#1153274). - bnxt_en: Increase timeout for HWRM_DBG_COREDUMP_XX commands (jsc#SLE-8371 bsc#1153274). - bnxt_en: Don't proceed in .ndo_set_rx_mode() when device is not in open state (jsc#SLE-8371 bsc#1153274). - ixgbe: fix xdp handle calculations (jsc#SLE-7979 jsc#SLE-7981). - i40e: fix xdp handle calculations (jsc#SLE-8025). - ice: Bump version (jsc#SLE-7926). - ice: Enable DDP package download (jsc#SLE-7926). - ice: Initialize DDP package structures (jsc#SLE-7926). - ice: Implement Dynamic Device Personalization (DDP) download (jsc#SLE-7926). - ice: Fix FW version formatting in dmesg (jsc#SLE-7926). - ice: send driver version to firmware (jsc#SLE-7926). - i40e: fix potential RX buffer starvation for AF_XDP (jsc#SLE-8025). - net/ixgbevf: make array api static const, makes object smaller (jsc#SLE-7979 jsc#SLE-7981). - iavf: fix MAC address setting for VFs when filter is rejected (jsc#SLE-7940). - i40e: clear __I40E_VIRTCHNL_OP_PENDING on invalid min Tx rate (jsc#SLE-8025). - i40e: use BIT macro to specify the cloud filter field flags (jsc#SLE-8025). - i40e: Fix message for other card without FEC (jsc#SLE-8025). - i40e: fix missed "Negotiated" string in i40e_print_link_message() (jsc#SLE-8025). - i40e: mark additional missing bits as reserved (jsc#SLE-8025). - i40e: remove I40E_AQC_ADD_CLOUD_FILTER_OIP (jsc#SLE-8025). - i40e: use ktime_get_real_ts64 instead of ktime_to_timespec64 (jsc#SLE-8025). - ixgbe: use skb_get_queue_mapping in tx path (jsc#SLE-7979 jsc#SLE-7981). - ixgbe: fix memory leaks (jsc#SLE-7979 jsc#SLE-7981). - i40e: Add support for X710 device (jsc#SLE-8025). - igc: Add tx_csum offload functionality (jsc#SLE-7966). - ixgbe: sync the first fragment unconditionally (jsc#SLE-7979 jsc#SLE-7981). - i40e: Remove EMPR traces from debugfs facility (jsc#SLE-8025). - i40e: Implement debug macro hw_dbg using dev_dbg (jsc#SLE-8025). - i40e: fix hw_dbg usage in i40e_hmc_get_object_va (jsc#SLE-8025). - igc: Remove unneeded PCI bus defines (jsc#SLE-7966). - iavf: allow permanent MAC address to change (jsc#SLE-7940). - igc: Add NVM checksum validation (jsc#SLE-7966). - fm10k: use a local variable for the frag pointer (jsc#SLE-8009). - igc: Remove useless forward declaration (jsc#SLE-7966). - e1000e: Make speed detection on hotplugging cable more reliable (jsc#SLE-8100). - ixgbevf: Link lost in VM on ixgbevf when restoring from freeze or suspend (jsc#SLE-7979 jsc#SLE-7981). - iavf: remove unused debug function iavf_debug_d (jsc#SLE-7940). - ice: Rework around device/function capabilities (jsc#SLE-7926). - ice: change default number of receive descriptors (jsc#SLE-7926). - ice: Minor refactor in queue management (jsc#SLE-7926). - ice: Allow for delayed LLDP MIB change registration (jsc#SLE-7926). - ice: update Tx context struct (jsc#SLE-7926). - ice: Report VF link status with opcode to get resources (jsc#SLE-7926). - ice: Check for DCB capability before initializing DCB (jsc#SLE-7926). - ice: report link down for VF when PF's queues are not enabled (jsc#SLE-7926). - ice: Reliably reset VFs (jsc#SLE-7926). - ice: change work limit to a constant (jsc#SLE-7926). - ice: small efficiency fixes (jsc#SLE-7926). - ice: move code closer together (jsc#SLE-7926). - ice: clean up arguments (jsc#SLE-7926). - ice: Check root pointer for validity (jsc#SLE-7926). - ice: Add ice_get_main_vsi to get PF/main VSI (jsc#SLE-7926). - ice: Update fields in ice_vsi_set_num_qs when reconfiguring (jsc#SLE-7926). - ixgbe: fix xdp handle calculations (jsc#SLE-7979 jsc#SLE-7981). - i40e: fix xdp handle calculations (jsc#SLE-8025). - ixgbe: modify driver for handling offsets (jsc#SLE-7979 jsc#SLE-7981). - i40e: modify driver for handling offsets (jsc#SLE-8025). - xsk: add support to allow unaligned chunk placement (jsc#SLE-8025). - ixgbe: simplify Rx buffer recycle (jsc#SLE-7979 jsc#SLE-7981). - i40e: simplify Rx buffer recycle (jsc#SLE-8025). - xsk: remove AF_XDP socket from map when the socket is released (jsc#SLE-8025). - ixgbe: add support for AF_XDP need_wakeup feature (jsc#SLE-7979 jsc#SLE-7981). - i40e: add support for AF_XDP need_wakeup feature (jsc#SLE-8025). - xsk: add support for need_wakeup flag in AF_XDP rings (jsc#SLE-8025). - xsk: replace ndo_xsk_async_xmit with ndo_xsk_wakeup (jsc#SLE-7979 jsc#SLE-7981). - ixgbe: Use kzfree() rather than its implementation (jsc#SLE-7979 jsc#SLE-7981). - ice: Only disable VLAN pruning for the VF when all VLANs are removed (jsc#SLE-7926). - ice: Remove enable DCB when SW LLDP is activated (jsc#SLE-7926). - ice: Report stats when VSI is down (jsc#SLE-7926). - ice: Always notify FW of VF reset (jsc#SLE-7926). - ice: Correctly handle return values for init DCB (jsc#SLE-7926). - ice: Limit Max TCs on devices with more than 4 ports (jsc#SLE-7926). - ice: Cleanup defines in ice_type.h (jsc#SLE-7926). - ice: print extra message if topology issue (jsc#SLE-7926). - ice: add print of autoneg state to link message (jsc#SLE-7926). - ice: update driver unloading field for Queue Shutdown AQ command (jsc#SLE-7926). - ice: add needed PFR during driver unload (jsc#SLE-7926). - ice: Deduce TSA value from the priority value in the CEE mode (jsc#SLE-7926). - ice: Report what the user set for coalesce [tx|rx]-usecs (jsc#SLE-7926). - ice: Fix resource leak in ice_remove_rule_internal() (jsc#SLE-7926). - ice: Fix EMP reset handling (jsc#SLE-7926). - bnxt_en: Fix compile error regression with CONFIG_BNXT_SRIOV not set (jsc#SLE-8371 bsc#1153274). - bnxt_en: Add FW fatal devlink_health_reporter (jsc#SLE-8371 bsc#1153274). - bnxt_en: Add bnxt_fw_exception() to handle fatal firmware errors (jsc#SLE-8371 bsc#1153274). - bnxt_en: Add RESET_FW state logic to bnxt_fw_reset_task() (jsc#SLE-8371 bsc#1153274). - bnxt_en: Do not send firmware messages if firmware is in error state (jsc#SLE-8371 bsc#1153274). - bnxt_en: Retain user settings on a VF after RESET_NOTIFY event (jsc#SLE-8371 bsc#1153274). - bnxt_en: Add devlink health reset reporter (jsc#SLE-8371 bsc#1153274). - bnxt_en: Handle firmware reset (jsc#SLE-8371 bsc#1153274). - bnxt_en: Handle RESET_NOTIFY async event from firmware (jsc#SLE-8371 bsc#1153274). - bnxt_en: Add new FW devlink_health_reporter (jsc#SLE-8371 bsc#1153274). - bnxt_en: Add BNXT_STATE_IN_FW_RESET state (jsc#SLE-8371 bsc#1153274). - bnxt_en: Enable health monitoring (jsc#SLE-8371 bsc#1153274). - bnxt_en: Pre-map the firmware health monitoring registers (jsc#SLE-8371 bsc#1153274). - bnxt_en: Discover firmware error recovery capabilities (jsc#SLE-8371 bsc#1153274). - bnxt_en: Handle firmware reset status during IF_UP (jsc#SLE-8371 bsc#1153274). - bnxt_en: Register buffers for VFs before reserving resources (jsc#SLE-8371 bsc#1153274). - bnxt_en: Refactor bnxt_sriov_enable() (jsc#SLE-8371 bsc#1153274). - bnxt_en: Prepare bnxt_init_one() to be called multiple times (jsc#SLE-8371 bsc#1153274). - bnxt_en: Suppress all error messages in hwrm_do_send_msg() in silent mode (jsc#SLE-8371 bsc#1153274). - bnxt_en: Simplify error checking in the SR-IOV message forwarding functions (jsc#SLE-8371 bsc#1153274). - bnxt_en: Convert error code in firmware message response to standard code (jsc#SLE-8371 bsc#1153274). - bnxt_en: Remove the -1 error return code from bnxt_hwrm_do_send_msg() (jsc#SLE-8371 bsc#1153274). - bnxt_en: Use a common function to print the same ethtool -f error message (jsc#SLE-8371 bsc#1153274). - ice: fix adminq calls during remove (jsc#SLE-7926). - ice: Rework ice_ena_msix_range (jsc#SLE-7926). - ice: Fix VF configuration issues due to reset (jsc#SLE-7926). - ice: Alloc queue management bitmaps and arrays dynamically (jsc#SLE-7926). - ice: add support for virtchnl_queue_select.[tx|rx]_queues bitmap (jsc#SLE-7926). - ice: add support for enabling/disabling single queues (jsc#SLE-7926). - ice: fix potential infinite loop (jsc#SLE-7926). - ice: fix ice_is_tc_ena (jsc#SLE-7926). - ice: add validation in OP_CONFIG_VSI_QUEUES VF message (jsc#SLE-7926). - ice: Don't clog kernel debug log with VF MDD events errors (jsc#SLE-7926). - ice: Introduce a local variable for a VSI in the rebuild path (jsc#SLE-7926). - ice: shorten local and add debug prints (jsc#SLE-7926). - ice: Sanitize ice_ena_vsi and ice_dis_vsi (jsc#SLE-7926). - ice: added sibling head to parse nodes (jsc#SLE-7926). - ice: Fix ethtool port and PFC stats for 4x25G cards (jsc#SLE-7926). - ice: Don't allow VSI to remove unassociated ucast filter (jsc#SLE-7926). - ice: Fix issues updating VSI MAC filters (jsc#SLE-7926). - ice: update ethtool stats on-demand (jsc#SLE-7926). - ice: Add input handlers for virtual channel handlers (jsc#SLE-7926). - ice: Don't clear auto_fec bit in ice_cfg_phy_fec() (jsc#SLE-7926). - ice: Fix flag used for module query (jsc#SLE-7926). - ice: silence some bogus error messages (jsc#SLE-7926). - ice: Rename ethtool private flag for lldp (jsc#SLE-7926). - ice: reject VF attempts to enable head writeback (jsc#SLE-7926). - ice: Copy dcbx configuration only if mode is correct (jsc#SLE-7926). - ice: Treat DCBx state NOT_STARTED as valid (jsc#SLE-7926). - ice: Don't call synchronize_irq() for VF's from the host (jsc#SLE-7926). - ice: Account for all states of FW DCBx and LLDP (jsc#SLE-7926). - ice: Allow egress control packets from PF_VSI (jsc#SLE-7926). - bnxt_en: Fix allocation of zero statistics block size regression (jsc#SLE-8371 bsc#1153274). - =?UTF-8?q?ethernet:=20Delete=20unnecessary=20checks=20bef?= =?UTF-8?q?ore=20the=20macro=20call=20=E2=80=9Cdev=5Fkfree=5Fskb=E2=80=9D?= (jsc#SLE-7966). - i40e: fix retrying in i40e_aq_get_phy_capabilities (jsc#SLE-8025). - i40e: Persistent LLDP support (jsc#SLE-8025). - i40e: allow reset in recovery mode (jsc#SLE-8025). - i40e: Remove function i40e_update_dcb_config() (jsc#SLE-8025). - i40e: Fix crash caused by stress setting of VF MAC addresses (jsc#SLE-8025). - i40e: reset veb.tc_stats when resetting veb.stats (jsc#SLE-8025). - i40e: Update FW API version to 1.9 (jsc#SLE-8025). - i40e: check_recovery_mode had wrong if statement (jsc#SLE-8025). - i40e: Add drop mode parameter to set mac config (jsc#SLE-8025). - i40e: fix shifts of signed values (jsc#SLE-8025). - i40e: add check on i40e_configure_tx_ring() return value (jsc#SLE-8025). - i40e: Check if transceiver implements DDM before access (jsc#SLE-8025). - i40e: reduce stack usage in i40e_set_fc (jsc#SLE-8025). - ice: improve print for VF's when adding/deleting MAC filters (jsc#SLE-7926). - ice: Change type for queue counts (jsc#SLE-7926). - ice: Move VF resources definition to SR-IOV specific file (jsc#SLE-7926). - ice: Increase size of Mailbox receive queue for many VFs (jsc#SLE-7926). - ice: Reduce wait times during VF bringup/reset (jsc#SLE-7926). - ice: update GLINT_DYN_CTL and GLINT_VECT2FUNC register access (jsc#SLE-7926). - ice: Do not always bring up PF VSI in ice_ena_vsi() (jsc#SLE-7926). - ice: allow empty Rx descriptors (jsc#SLE-7926). - ice: Fix kernel hang with DCB reset in CEE mode (jsc#SLE-7926). - ice: Set WB_ON_ITR when we don't re-enable interrupts (jsc#SLE-7926). - ice: fix set pause param autoneg check (jsc#SLE-7926). - ice: Restructure VFs initialization flows (jsc#SLE-7926). - ice: Assume that more than one Rx queue is rare in ice_napi_poll (jsc#SLE-7926). - ice: Use the software based tail when checking for hung Tx ring (jsc#SLE-7926). - ixgbe: no need to check return value of debugfs_create functions (jsc#SLE-7979 jsc#SLE-7981). - i40e: no need to check return value of debugfs_create functions (jsc#SLE-8025). - fm10k: no need to check return value of debugfs_create functions (jsc#SLE-8009). - bnxt: no need to check return value of debugfs_create functions (jsc#SLE-8371 bsc#1153274). - i40e: Remove unicast log when VF is leaving multicast mode (jsc#SLE-8025). - i40e: verify string count matches even on early return (jsc#SLE-8025). - i40e: Log info when PF is entering and leaving Allmulti mode (jsc#SLE-8025). - i40e: Update visual effect for advertised FEC mode (jsc#SLE-8025). - i40e: fix code comments (jsc#SLE-8025). - i40e: don't report link up for a VF who hasn't enabled queues (jsc#SLE-8025). - i40e: Log disable-fw-lldp flag change by ethtool (jsc#SLE-8025). - i40e: fix incorrect ethtool statistics veb and veb.tc_ (jsc#SLE-8025). - fm10k: fix fm10k_get_fault_pf to read correct address (jsc#SLE-8009). - fm10k: convert NON_Q_VECTORS(hw) into NON_Q_VECTORS (jsc#SLE-8009). - fm10k: mark unused parameters with __always_unused (jsc#SLE-8009). - fm10k: cast page_addr to u8 * when incrementing it (jsc#SLE-8009). - fm10k: explicitly return 0 on success path in function (jsc#SLE-8009). - fm10k: remove needless initialization of size local variable (jsc#SLE-8009). - fm10k: remove needless assignment of err local variable (jsc#SLE-8009). - fm10k: remove unnecessary variable initializer (jsc#SLE-8009). - fm10k: reduce scope of the ring variable (jsc#SLE-8009). - fm10k: reduce the scope of the result local variable (jsc#SLE-8009). - fm10k: reduce the scope of the local msg variable (jsc#SLE-8009). - fm10k: reduce the scope of the local i variable (jsc#SLE-8009). - fm10k: reduce the scope of the err variable (jsc#SLE-8009). - fm10k: reduce the scope of the tx_buffer variable (jsc#SLE-8009). - fm10k: reduce the scope of the q_idx local variable (jsc#SLE-8009). - fm10k: reduce the scope of local err variable (jsc#SLE-8009). - fm10k: reduce the scope of qv local variable (jsc#SLE-8009). - fm10k: reduce scope of *p local variable (jsc#SLE-8009). - fm10k: reduce scope of the err variable (jsc#SLE-8009). - ice: Bump version number (jsc#SLE-7926). - ice: Remove flag to track VF interrupt status (jsc#SLE-7926). - ice: Remove unnecessary flag ICE_FLAG_MSIX_ENA (jsc#SLE-7926). - ice: Don't return error for disabling LAN Tx queue that does exist (jsc#SLE-7926). - ice: Remove duplicate code in ice_alloc_rx_bufs (jsc#SLE-7926). - ice: Add stats for Rx drops at the port level (jsc#SLE-7926). - ice: Update number of VF queue before setting VSI resources (jsc#SLE-7926). - ice: Set up Tx scheduling tree based on alloc VSI Tx queues (jsc#SLE-7926). - ice: Only bump Rx tail and release buffers once per napi_poll (jsc#SLE-7926). - ice: Disable VFs until reset is completed (jsc#SLE-7926). - ice: Do not configure port with no media (jsc#SLE-7926). - ice: separate out control queue lock creation (jsc#SLE-7926). - ice: Always set prefena when configuring an Rx queue (jsc#SLE-7926). - ice: Move vector base setup to PF VSI (jsc#SLE-7926). - ice: track hardware stat registers past rollover (jsc#SLE-7926). - ice: add lp_advertising flow control support (jsc#SLE-7926). - net: Use skb_frag_off accessors (jsc#SLE-7979 jsc#SLE-7981). - linux: Add skb_frag_t page_offset accessors (jsc#SLE-8371 bsc#1153274). - bnxt_en: Add PCI IDs for 57500 series NPAR devices (jsc#SLE-8371 bsc#1153274). - bnxt_en: Support all variants of the 5750X chip family (jsc#SLE-8371 bsc#1153274). - bnxt_en: Refactor bnxt_init_one() and turn on TPA support on 57500 chips (jsc#SLE-8371 bsc#1153274). - bnxt_en: Support TPA counters on 57500 chips (jsc#SLE-8371 bsc#1153274). - bnxt_en: Allocate the larger per-ring statistics block for 57500 chips (jsc#SLE-8371 bsc#1153274). - bnxt_en: Refactor ethtool ring statistics logic (jsc#SLE-8371 bsc#1153274). - bnxt_en: Add hardware GRO setup function for 57500 chips (jsc#SLE-8371 bsc#1153274). - bnxt_en: Add TPA ID mapping logic for 57500 chips (jsc#SLE-8371 bsc#1153274). - bnxt_en: Add fast path logic for TPA on 57500 chips (jsc#SLE-8371 bsc#1153274). - bnxt_en: Set TPA GRO mode flags on 57500 chips properly (jsc#SLE-8371 bsc#1153274). - bnxt_en: Refactor tunneled hardware GRO logic (jsc#SLE-8371 bsc#1153274). - bnxt_en: Handle standalone RX_AGG completions (jsc#SLE-8371 bsc#1153274). - bnxt_en: Expand bnxt_tpa_info struct to support 57500 chips (jsc#SLE-8371 bsc#1153274). - bnxt_en: Refactor TPA logic (jsc#SLE-8371 bsc#1153274). - bnxt_en: Add TPA structure definitions for BCM57500 chips (jsc#SLE-8371 bsc#1153274). - bnxt_en: Update firmware interface spec. to 1.10.0.89 (jsc#SLE-8371 bsc#1153274). - igc: Add more SKUs for i225 device (jsc#SLE-7966). - igc: Update the MAC reset flow (jsc#SLE-7966). - igc: Remove the unused field from a device specification structure (jsc#SLE-7966). - igc: Remove the polarity field from a PHY information structure (jsc#SLE-7966). - net/ixgbevf: fix a compilation error of skb_frag_t (jsc#SLE-7979 jsc#SLE-7981). - Build fixes for skb_frag_size conversion (jsc#SLE-7979 jsc#SLE-7981). - igb: Use dev_get_drvdata where possible (jsc#SLE-7967). - i40e: Use dev_get_drvdata (jsc#SLE-8025). - fm10k: Use dev_get_drvdata (jsc#SLE-8009). - e1000e: Use dev_get_drvdata where possible (jsc#SLE-8100). - net: broadcom: Use dev_get_drvdata (jsc#SLE-8371 bsc#1153274). - net: Convert skb_frag_t to bio_vec (jsc#SLE-7979 jsc#SLE-7981). - net: Rename skb_frag_t size to bv_len (jsc#SLE-7979 jsc#SLE-7981). - net: Rename skb_frag page to bv_page (jsc#SLE-7979 jsc#SLE-7981). - net: Reorder the contents of skb_frag_t (jsc#SLE-7979 jsc#SLE-7981). - net: Increase the size of skb_frag_t (jsc#SLE-7979 jsc#SLE-7981). - net: Use skb accessors in network core (jsc#SLE-7979 jsc#SLE-7981). - net: Use skb accessors in network drivers (jsc#SLE-8371 bsc#1153274). - commit b79d16a - arm64: topology: Use PPTT to determine if PE is a thread (jsc#SLE-10146). - ACPI/PPTT: Add support for ACPI 6.3 thread flag (jsc#SLE-10146). - commit 72dbea4 - arm64: synquacer: enable spi driver References: jsc#SLE-9968 - commit 6756790 - blk-wbt: fix performance regression in wbt scale_up/scale_down (bsc#1152489). - commit 214a4b1 - Update patches.suse/supported-flag references (add bsc#974406). - commit 6b909a8 - tracing: Initialize iter->seq after zeroing in tracing_read_pipe() (bsc#1151508). - commit b84a6ef - kvm: x86, powerpc: do not allow clearing largepages debugfs entry (bsc#1117665). - commit 8126faf - pinctrl: rockchip: Mark expected switch fall-through (bsc#1154208). - commit 284f3c9 - Refresh patches.suse/supported-flag. - Delete patches.suse/module-Inform-user-when-loading-externally-supported.patch. Squash module-Inform-user-when-loading-externally-supported.patch (bsc#974406) into supported-flag. - commit 5be4f6e - scsi: lpfc: Make function lpfc_defer_pt2pt_acc static (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Update lpfc version to 12.4.0.1 (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: cleanup: remove unused fcp_txcmlpq_cnt (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Complete removal of FCoE T10 PI support on SLI-4 adapters (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Update async event logging (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix list corruption detected in lpfc_put_sgl_per_hdwq (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix hdwq sgl locks and irq handling (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix spinlock_irq issues in lpfc_els_flush_cmd() (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix list corruption in lpfc_sli_get_iocbq (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix host hang at boot or slow boot (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix coverity errors on NULL pointer checks (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix NVMe ABTS in response to receiving an ABTS (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix discovery failures when target device connectivity bounces (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix GPF on scsi command completion (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix locking on mailbox command completion (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix device recovery errors after PLOGI failures (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix rpi release when deleting vport (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix NVME io abort failures causing hangs (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix miss of register read failure check (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix premature re-enabling of interrupts in lpfc_sli_host_down (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix pt2pt discovery on SLI3 HBAs (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix reset recovery paths that are not recovering (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Convert existing %pf users to %ps (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: fix 12.4.0.0 GPF at boot (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Remove bg debugfs buffers (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Resolve checker warning for lpfc_new_io_buf() (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Update lpfc version to 12.4.0.0 (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Merge per-protocol WQ/CQ pairs into single per-cpu pair (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Add NVMe sequence level error recovery support (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Support dynamic unbounded SGL lists on G7 hardware (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Add MDS driver loopback diagnostics support (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Add first and second level hardware revisions to sysfs reporting (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Migrate to %px and %pf in kernel print calls (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Add simple unlikely optimizations to reduce NVME latency (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix coverity warnings (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix nvme first burst module parameter description (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix BlockGuard enablement on FCoE adapters (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix reported physical link speed on a disabled trunked link (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix Max Frame Size value shown in fdmishow output (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix upcall to bsg done in non-success cases (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix sli4 adapter initialization with MSI (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix nvme sg_seg_cnt display if HBA does not support NVME (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix nvme target mode ABTSing a received ABTS (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix hang when downloading fw on port enabled for nvme (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix too many sg segments spamming in kernel log (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix crash due to port reset racing vs adapter error handling (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix deadlock on host_lock during cable pulls (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix error in remote port address change (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix driver nvme rescan logging (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix sg_seg_cnt for HBAs that don't support NVME (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix propagation of devloss_tmo setting to nvme transport (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix loss of remote port after devloss due to lack of RPIs (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix devices that don't return after devloss followed by rediscovery (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix null ptr oops updating lpfc_devloss_tmo via sysfs attribute (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix FLOGI handling across multiple link up/down conditions (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix oops when fewer hdwqs than cpus (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix irq raising in lpfc_sli_hba_down (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix Oops in nvme_register with target logout/login (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix issuing init_vpi mbox on SLI-3 card (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix ADISC reception terminating login state if a NVME target (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix discovery when target has no GID_FT information (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix port relogin failure due to GID_FT interaction (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix leak of ELS completions on adapter reset (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix failure to clear non-zero eq_delay after io rate reduction (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix crash on driver unload in wq free (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix ELS field alignments (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Fix PLOGI failure with high remoteport count (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Limit xri count for kdump environment (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: remove NULL check before some freeing functions (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: use spin_lock_irqsave in IRQ context (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: remove redundant code (jsc#SLE-8284 jsc#SLE-8654). - scsi: lpfc: Remove unnecessary null check before kfree (jsc#SLE-8284 jsc#SLE-8654). - commit d8bfc1f - series.conf: Update qla2xxx patches The qla2xxx patches have been added to jebj's queue. - commit 1b97787 - Fix Patch-mainline tags: patches.suse/0001-ACPI-property-Add-two-new-Thunderbolt-property-GUIDs.patch patches.suse/0001-thunderbolt-Add-support-for-Intel-Ice-Lake.patch patches.suse/0001-thunderbolt-Correct-path-indices-for-PCIe-tunnel.patch patches.suse/0001-thunderbolt-Do-not-fail-adding-switch-if-some-port-i.patch patches.suse/0001-thunderbolt-Expose-active-parts-of-NVM-even-if-upgra.patch patches.suse/0001-thunderbolt-Hide-switch-attributes-that-are-not-set.patch patches.suse/0001-thunderbolt-Move-NVM-upgrade-support-flag-to-struct-.patch patches.suse/0001-thunderbolt-Show-key-using-pE-not-pEp.patch patches.suse/0001-thunderbolt-Switch-to-use-device_property_count_uXX.patch patches.suse/0001-thunderbolt-Use-32-bit-writes-when-writing-ring-prod.patch - commit 1318e50 - config: refresh after dependency changes - commit 4237191 - series.conf: cleanup Update upstream references and resort: patches.suse/scsi-qla2xxx-Remove-WARN_ON_ONCE-in-qla2x00_status_c.patch Move unsortable patches.suse/scsi-qla2xxx-fix-wait-condition-in-loop.patch out of sorted section. - commit 0133508 ++++ gpgme: - Build qt bindings separately to avoid build cycle with samba/libsoup. ++++ lz4: - turn on the testsuite - added sources + _multibuild ++++ supportutils: - Updated to version 3.1.4 + Removed LPM/DLPAR data for POWER (bsc#1111029) + prevent running 'systool -vb memory' by default on systems with 16TB or more #57 (bsc#1127734) + Tumbleweed support #50 + Added zypper orphaned packages check to updates.txt + Cpuset listing #52 + Docker disunite #53 + Added sed and gawk to spec requirements (bsc#1137336) + Added nstat to network + Add collection of livepatch information #63 + Check for missing ldap.conf file ------------------------------------------------------------------ ------------------ 2019-10-15 - Oct 15 2019 ------------------- ------------------------------------------------------------------ ++++ grub2: - Consistently find btrfs snapshots on s390x. (bsc#1136970) * grub2-s390x-04-grub2-install.patch ++++ kernel-default: - scsi: qedf: Add port_id getter (jsc#SLE-9711). - scsi: qedf: Remove always false 'tmp_prio < 0' statement (jsc#SLE-9711). - scsi: qedf: Update the version to 8.42.3.0 (jsc#SLE-9711). - scsi: qedf: Fix race betwen fipvlan request and response path (jsc#SLE-9711). - scsi: qedf: Use discovery list to traverse rports (jsc#SLE-9711). - scsi: qedf: Decrease the LL2 MTU size to 2500 (jsc#SLE-9711). - scsi: qedf: Check for module unloading bit before processing link update AEN (jsc#SLE-9711). - scsi: qedf: Initiator fails to re-login to switch after link down (jsc#SLE-9711). - scsi: qedf: Add debug information for unsolicited processing (jsc#SLE-9711). - scsi: qedf: Add support for 20 Gbps speed (jsc#SLE-9711). - scsi: qedf: Interpret supported caps value correctly (jsc#SLE-9711). - scsi: qedf: Add shutdown callback handler (jsc#SLE-9711). - scsi: qedf: Update module description string (jsc#SLE-9711). - scsi: qedf: Fix crash during sg_reset (jsc#SLE-9711). - scsi: qedf: Stop sending fipvlan request on unload (jsc#SLE-9711). - scsi: qedf: Print message during bailout conditions (jsc#SLE-9711). - commit 723fe3b - x86/cpu: Add Comet Lake to the Intel CPU models header (jsc#SLE-7946). - commit e9d5845 - soundwire: depend on ACPI || OF (bsc#1148868). - soundwire: depend on ACPI (bsc#1148868). - commit 4ebb907 - btrfs: Remove metadata_uuid patches They are already in upstream 5.0. - Delete patches.suse/0001-btrfs-Introduce-support-for-FSID-change-without-meta.patch. - Delete patches.suse/0002-btrfs-Remove-fsid-metadata_fsid-fields-from-btrfs_in.patch. - Delete patches.suse/0003-btrfs-Add-handling-for-disk-split-brain-scenario-dur.patch. - Delete patches.suse/0004-btrfs-Introduce-2-more-members-to-struct-btrfs_fs_de.patch. - Delete patches.suse/0005-btrfs-Handle-one-more-split-brain-scenario-during-fs.patch. - Delete patches.suse/0006-btrfs-Handle-final-split-brain-possibility-during-fs.patch. - Delete patches.suse/btrfs-add-sysfs-support-for-metadata_uuid-feature.patch. - commit 1a7c8f7 - Update patches.suse/sched-core-Fix-CPU-controller-for-RT_GROUP_SCHED.patch (bnc#1151927 5.3.4 bnc#1135646). Add a bnc reference. - commit 05f45df - Delete patches.suse/0201-merge-tag-exynos-drm-fixes-for-v4-12. - Delete patches.suse/0586-merge-branch-drm-next-4-13-into-drm-next. - Delete patches.suse/0680-merge-tag-drm-for-v4-13-of-git-people-freedesktop-org-airlied-linux. - Delete patches.suse/1312-merge-tag-drm-msm-next-2017-08-22-into-drm-next. - Delete patches.suse/3619-merge-airlied-drm-next-into-drm-misc-next. - Delete patches.suse/3625-merge-drm-misc-next-2017-11-30-into-drm-next. - Delete patches.suse/3631-merge-tag-drm-intel-next-2017-11-17-1-into-drm-next. - Delete patches.suse/4330-merge-drm-armada-devel-4-15-into-drm-next. - Delete patches.suse/5994-backmerge-tag-v4-16-rc7-into-drm-next. - Delete patches.suse/7627-merge-drm-upstream-drm-next-into-drm-misc-next. - commit 1a3d42d - Delete patches.suse/x86-mm-fix-fast-gup-paravirt.patch. (The problem was solved differently upstream between 4.12 and 5.3) - commit 0329020 - arm64: cn99xx: enable patches for silicon revision Ax erratum References: PM-1408 Systems with Ax silicon still in use. - commit 012b115 - mm, page_owner: rename flag indicating that page is allocated (jsc#SLE-8959, bsc#1144653, VM Debug Functionality). - commit 1a8c019 - mm, page_owner: decouple freeing stack trace from debug_pagealloc (jsc#SLE-8959, bsc#1144653, VM Debug Functionality). - commit 0458b8c - mm, page_owner: fix off-by-one error in __set_page_owner_handle() (jsc#SLE-8959, bsc#1144653, VM Debug Functionality). - commit d9d2cb5 - mm, page_owner, debug_pagealloc: save and dump freeing stack trace (jsc#SLE-8959, bsc#1144653, VM Debug Functionality). - commit 88a816e - mm, page_owner: keep owner info when freeing the page (jsc#SLE-8959, bsc#1144653, VM Debug Functionality). - commit 59689b6 - mm, page_owner: record page owner for each subpage (jsc#SLE-8959, bsc#1144653, VM Debug Functionality). - commit 6920f27 - qla2xxx: Enable T10-DIF with FC-NVMe enabled (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - commit f8cfc4e - scsi: qla2xxx: Fix wait condition in loop (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - commit 39bb1be - scsi: qla2xxx: Update driver version to 10.01.00.20-k (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Improve logging for scan thread (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Capture FW dump on MPI heartbeat stop event (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Check for MB timeout while capturing ISP27/28xx FW dump (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Set remove flag for all VP (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Add error handling for PLOGI ELS passthrough (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Dual FCP-NVMe target port support (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: remove redundant assignment to pointer host (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Remove WARN_ON_ONCE in qla2x00_status_cont_entry() (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Fix Nport ID display value (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Fix N2N link up fail (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Fix N2N link reset (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Optimize NPIV tear down process (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Fix stale mem access on driver unload (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Fix unbound sleep in fcport delete path (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Silence fwdump template message (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Update driver version to 10.01.00.19-k (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Fix stale session (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Fix stuck login session (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Fix driver reload for ISP82xx (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Fix flash read for Qlogic ISPs (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Fix message indicating vectors used by driver (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: fix spelling mistake "initializatin" -> "initialization" (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Fix a recently introduced kernel warning (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: cleanup trace buffer initialization (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: qla2x00_alloc_fw_dump: set ha->eft (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Fix a NULL pointer dereference (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Simplify qla24xx_async_abort_cmd() (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Remove two superfluous if-tests (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Introduce qla2x00_els_dcmd2_free() (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Inline the qla2x00_fcport_event_handler() function (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Report invalid mailbox status codes (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Remove superfluous sts_entry_* casts (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Let the compiler check the type of the SCSI command context pointer (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Complain if sp->done() is not called from the completion path (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Make sure that aborted commands are freed (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Introduce qla2xxx_get_next_handle() (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Modify NVMe include directives (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Make qlt_handle_abts_completion() more robust (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Fix a race condition between aborting and completing a SCSI command (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Introduce the function qla2xxx_init_sp() (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Enable type checking for the SRB free and done callback functions (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Rework key encoding in qlt_find_host_by_d_id() (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Set the responder mode if appropriate for ELS pass-through IOCBs (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Make it explicit that ELS pass-through IOCBs use little endian (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Check secondary image if reading the primary image fails (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Change the return type of qla24xx_read_flash_data() (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Introduce the be_id_t and le_id_t data types for FC src/dst IDs (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Complain if a soft reset fails (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Use memcpy() and strlcpy() instead of strcpy() and strncpy() (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Check the PCI info string output buffer size (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Complain if waiting for pending commands times out (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Declare fourth qla2x00_set_model_info() argument const (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Always check the qla2x00_wait_for_hba_online() return value (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Suppress multiple Coverity complaint about out-of-bounds accesses (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Suppress a Coveritiy complaint about integer overflow (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Remove unreachable code from qla83xx_idc_lock() (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Fix qla24xx_process_bidir_cmd() (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Simplify a debug statement (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Remove dead code (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Complain if parsing the version string fails (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Complain if a mailbox command times out (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Use strlcpy() instead of strncpy() (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Do not corrupt vha->plogi_ack_list (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Report the firmware status code if a mailbox command fails (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Fix session lookup in qlt_abort_work() (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Simplify qla24xx_abort_sp_done() (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Remove two superfluous tests (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Remove a superfluous pointer check (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Simplify qlt_lport_dump() (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Reduce the number of casts in GID list code (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Verify locking assumptions at runtime (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Change data_dsd into an array (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Declare qla_tgt_cmd.cdb const (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Reduce the scope of three local variables in qla2xxx_queuecommand() (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Change the return type of qla2x00_update_ms_fdmi_iocb() into void (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Declare the fourth ql_dump_buffer() argument const (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Remove a superfluous forward declaration (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Remove an include directive from qla_mr.c (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Include the header file from qla_dsd.h (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Use tabs instead of spaces for indentation (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Improve Linux kernel coding style conformance (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Really fix qla2xxx_eh_abort() (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - scsi: qla2xxx: Make qla2x00_abort_srb() again decrease the sp reference count (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - qla2xxx: remove SGI SN2 support (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334). - commit 2a36545 - ACPI / property: Add two new Thunderbolt property GUIDs to the list (jsc#SLE-8714). - commit 11dee44 - thunderbolt: Add support for Intel Ice Lake (jsc#SLE-8714). - commit 815b577 - thunderbolt: Expose active parts of NVM even if upgrade is not supported (jsc#SLE-8714). - commit badef1c - thunderbolt: Hide switch attributes that are not set (jsc#SLE-8714). - commit 5b9d6f9 - thunderbolt: Do not fail adding switch if some port is not implemented (jsc#SLE-8714). - commit d0e61eb - thunderbolt: Use 32-bit writes when writing ring producer/consumer (jsc#SLE-8714). - commit df92f6a - thunderbolt: Move NVM upgrade support flag to struct icm (jsc#SLE-8714). - commit 476237e - thunderbolt: Correct path indices for PCIe tunnel (jsc#SLE-8714). - commit 0d8a0ac - thunderbolt: Show key using %*pE not %*pEp (jsc#SLE-8714). - commit 2388d46 - thunderbolt: Switch to use device_property_count_uXX() (jsc#SLE-8714). - commit 51e1030 - scsi: qla2xxx: Refresh patches ported from SLE15-SP1 - Refresh patches.suse/scsi-qla2xxx-Allow-NVMe-IO-to-resume-with-short-cabl.patch. - Refresh patches.suse/scsi-qla2xxx-Correct-error-handling-during-initializ.patch. - Refresh patches.suse/scsi-qla2xxx-Fix-DMA-unmap-leak.patch. - Refresh patches.suse/scsi-qla2xxx-Fix-NVMe-port-discovery-after-a-short-d.patch. - Refresh patches.suse/scsi-qla2xxx-Fix-abort-timeout-race-condition.patch. - Refresh patches.suse/scsi-qla2xxx-Fix-different-size-DMA-Alloc-Unmap.patch. - Refresh patches.suse/scsi-qla2xxx-Fix-hang-in-fcport-delete-path.patch. - Refresh patches.suse/scsi-qla2xxx-Fix-premature-timer-expiration.patch. - Refresh patches.suse/scsi-qla2xxx-Reject-EH_-abort-device_reset-target_re.patch. - Refresh patches.suse/scsi-qla2xxx-Remove-unnecessary-null-check.patch. - Refresh patches.suse/scsi-qla2xxx-Replace-vmalloc-memset-with-vzalloc.patch. - Refresh patches.suse/scsi-qla2xxx-Retry-fabric-Scan-on-IOCB-queue-full.patch. - Refresh patches.suse/scsi-qla2xxx-Skip-FW-dump-on-LOOP-initialization-err.patch. - Refresh patches.suse/scsi-qla2xxx-Update-driver-version-to-10.01.00.18-k.patch. - Refresh patches.suse/scsi-qla2xxx-Use-Correct-index-for-Q-Pair-array.patch. - Refresh patches.suse/scsi-qla2xxx-Use-common-update-firmware-options-rout.patch. - commit 44af015 - Linux 5.3.6 (bnc#1151927 5.3.6). - DTS: ARM: gta04: introduce legacy spi-cs-high to make display work again (bnc#1151927 5.3.6). - mac80211: keep BHs disabled while calling drv_tx_wake_queue() (bnc#1151927 5.3.6). - cfg80211: initialize on-stack chandefs (bnc#1151927 5.3.6). - cfg80211: validate SSID/MBSSID element ordering assumption (bnc#1151927 5.3.6). - nl80211: validate beacon head (bnc#1151927 5.3.6). - ieee802154: atusb: fix use-after-free at disconnect (bnc#1151927 5.3.6). - KVM: s390: fix __insn32_query() inline assembly (bnc#1151927 5.3.6). - KVM: nVMX: Fix consistency check on injected exception error code (bnc#1151927 5.3.6). - KVM: X86: Fix userspace set invalid CR4 (bnc#1151927 5.3.6). - xen/xenbus: fix self-deadlock after killing user process (bnc#1151927 5.3.6). - xen/balloon: Set pages PageOffline() in balloon_add_region() (bnc#1151927 5.3.6). - selftests: pidfd: Fix undefined reference to pthread_create() (bnc#1151927 5.3.6). - sched: Add __ASSEMBLY__ guards around struct clone_args (bnc#1151927 5.3.6). - drm/omap: fix max fclk divider for omap36xx (bnc#1151927 5.3.6). - drm/amd/powerplay: change metrics update period from 1ms to 100ms (bnc#1151927 5.3.6). - Revert "s390/dasd: Add discard support for ESE volumes" (bnc#1151927 5.3.6). - s390/dasd: Fix error handling during online processing (bnc#1151927 5.3.6). - vfs: Fix EOVERFLOW testing in put_compat_statfs64 (bnc#1151927 5.3.6). - tick: broadcast-hrtimer: Fix a race in bc_set_next (bnc#1151927 5.3.6). - Btrfs: fix selftests failure due to uninitialized i_mode in test inodes (bnc#1151927 5.3.6). - mmc: tegra: Implement ->set_dma_mask() (bnc#1151927 5.3.6). - mmc: sdhci: Let drivers define their DMA mask (bnc#1151927 5.3.6). - mmc: sdhci-of-esdhc: set DMA snooping based on DMA coherence (bnc#1151927 5.3.6). - mmc: sdhci: improve ADMA error reporting (bnc#1151927 5.3.6). - libnvdimm: prevent nvdimm from requesting key when security is disabled (bnc#1151927 5.3.6). - libnvdimm/region: Initialize bad block for volatile namespaces (bnc#1151927 5.3.6). - libnvdimm/nfit_test: Fix acpi_handle redefinition (bnc#1151927 5.3.6). - =?UTF-8?q?libnvdimm:=20Fix=20endian=20conversion=20issues=C2=A0?= (bnc#1151927 5.3.6). - i2c: qcom-geni: Disable DMA processing on the Lenovo Yoga C630 (bnc#1151927 5.3.6). - iommu/amd: Fix downgrading default page-sizes in alloc_pte() (bnc#1151927 5.3.6). - nfp: abm: fix memory leak in nfp_abm_u32_knode_replace (bnc#1151927 5.3.6). - mlxsw: spectrum_flower: Fail in case user specifies multiple mirror actions (bnc#1151927 5.3.6). - net: dsa: microchip: Always set regmap stride to 1 (bnc#1151927 5.3.6). - netfilter: nf_tables: allow lookups in dynamic sets (bnc#1151927 5.3.6). - bpf: Fix bpf_event_output re-entry issue (bnc#1151927 5.3.6). - selftests/bpf: adjust strobemeta loop to satisfy latest clang (bnc#1151927 5.3.6). - libbpf: fix false uninitialized variable warning (bnc#1151927 5.3.6). - powerpc/mm: Fix an Oops in kasan_mmu_init() (bnc#1151927 5.3.6). - powerpc/mm: Add a helper to select PAGE_KERNEL_RO or PAGE_READONLY (bnc#1151927 5.3.6). - x86/purgatory: Disable the stackleak GCC plugin for the purgatory (bnc#1151927 5.3.6). - sched/core: Fix migration to invalid CPU in __set_cpus_allowed_ptr() (bnc#1151927 5.3.6). - sched/membarrier: Call sync_core only before usermode for same mm (bnc#1151927 5.3.6). - sched/membarrier: Fix private expedited registration check (bnc#1151927 5.3.6). - ima: fix freeing ongoing ahash_request (bnc#1151927 5.3.6). - ima: always return negative code for error (bnc#1151927 5.3.6). - 9p: Transport error uninitialized (bnc#1151927 5.3.6). - 9p: avoid attaching writeback_fid on mmap with type PRIVATE (bnc#1151927 5.3.6). - riscv: Avoid interrupts being erroneously enabled in handle_exception() (bnc#1151927 5.3.6). - Revert "locking/pvqspinlock: Don't wait if vCPU is preempted" (bnc#1151927 5.3.6). - pwm: stm32-lp: Add check in case requested period cannot be achieved (bnc#1151927 5.3.6). - blk-mq: move lockdep_assert_held() into elevator_exit (bnc#1151927 5.3.6). - drivers: thermal: qcom: tsens: Fix memory leak from qfprom read (bnc#1151927 5.3.6). - thermal: Fix use-after-free when unregistering thermal zone device (bnc#1151927 5.3.6). - thermal_hwmon: Sanitize thermal_zone type (bnc#1151927 5.3.6). - watchdog: aspeed: Add support for AST2600 (bnc#1151927 5.3.6). - watchdog: imx2_wdt: fix min() calculation in imx2_wdt_set_timeout (bnc#1151927 5.3.6). - drm/amdgpu: Check for valid number of registers to read (bnc#1151927 5.3.6). - drm/radeon: Bail earlier when radeon.cik_/si_support=0 is passed (bnc#1151927 5.3.6). - drm/atomic: Reject FLIP_ASYNC unconditionally (bnc#1151927 5.3.6). - drm/atomic: Take the atomic toys away from X (bnc#1151927 5.3.6). - ntb: point to right memory window index (bnc#1151927 5.3.6). - timer: Read jiffies once when forwarding base clk (bnc#1151927 5.3.6). - perf unwind: Fix libunwind build failure on i386 systems (bnc#1151927 5.3.6). - perf build: Add detection of java-11-openjdk-devel package (bnc#1151927 5.3.6). - perf probe: Fix to clear tev->nargs in clear_probe_trace_event() (bnc#1151927 5.3.6). - perf tools: Fix segfault in cpu_cache_level__read() (bnc#1151927 5.3.6). - perf stat: Fix a segmentation fault when using repeat forever (bnc#1151927 5.3.6). - perf stat: Reset previous counts on repeat with interval (bnc#1151927 5.3.6). - usercopy: Avoid HIGHMEM pfn warning (bnc#1151927 5.3.6). - selftests/seccomp: fix build on older kernels (bnc#1151927 5.3.6). - pNFS: Ensure we do clear the return-on-close layout stateid on fatal errors (bnc#1151927 5.3.6). - SUNRPC: Don't try to parse incomplete RPC messages (bnc#1151927 5.3.6). - SUNRPC: RPC level errors should always set task->tk_rpc_status (bnc#1151927 5.3.6). - xprtrdma: Send Queue size grows after a reconnect (bnc#1151927 5.3.6). - xprtrdma: Toggle XPRT_CONGESTED in xprtrdma's slot methods (bnc#1151927 5.3.6). - fs: nfs: Fix possible null-pointer dereferences in encode_attrs() (bnc#1151927 5.3.6). - s390/cio: exclude subchannels with no parent from pseudo check (bnc#1151927 5.3.6). - s390/cio: avoid calling strlen on null pointer (bnc#1151927 5.3.6). - s390/topology: avoid firing events before kobjs are created (bnc#1151927 5.3.6). - xen/pci: reserve MCFG areas earlier (bnc#1151927 5.3.6). - include/trace/events/writeback.h: fix -Wstringop-truncation warnings (bnc#1151927 5.3.6). - kernel/elfcore.c: include proper prototypes (bnc#1151927 5.3.6). - ceph: reconnect connection if session hang in opening state (bnc#1151927 5.3.6). - ceph: fetch cap_gen under spinlock in ceph_add_cap (bnc#1151927 5.3.6). - ceph: fix directories inode i_blkbits initialization (bnc#1151927 5.3.6). - fuse: fix memleak in cuse_channel_open (bnc#1151927 5.3.6). - fuse: fix request limit (bnc#1151927 5.3.6). - selftests/tpm2: Add the missing TEST_FILES assignment (bnc#1151927 5.3.6). - power: supply: sbs-battery: only return health when battery present (bnc#1151927 5.3.6). - power: supply: sbs-battery: use correct flags field (bnc#1151927 5.3.6). - MIPS: Treat Loongson Extensions as ASEs (bnc#1151927 5.3.6). - powerpc/603: Fix handling of the DIRTY flag (bnc#1151927 5.3.6). - powerpc/32s: Fix boot failure with DEBUG_PAGEALLOC without KASAN (bnc#1151927 5.3.6). - powerpc/kasan: Fix shadow area set up for modules (bnc#1151927 5.3.6). - powerpc/kasan: Fix parallel loading of modules (bnc#1151927 5.3.6). - powerpc/ptdump: Fix addresses display on PPC32 (bnc#1151927 5.3.6). - tracing: Make sure variable reference alias has correct var_ref_idx (bnc#1151927 5.3.6). - drm/nouveau/kms/nv50-: Don't create MSTMs for eDP connectors (bnc#1151927 5.3.6). - drm/i915: to make vgpu ppgtt notificaiton as atomic operation (bnc#1151927 5.3.6). - drm/i915/gvt: update vgpu workload head pointer correctly (bnc#1151927 5.3.6). - can: mcp251x: mcp251x_hw_reset(): allow more time after a reset (bnc#1151927 5.3.6). - crypto: cavium/zip - Add missing single_release() (bnc#1151927 5.3.6). - crypto: skcipher - Unmap pages after an external error (bnc#1151927 5.3.6). - crypto: caam/qi - fix error handling in ERN handler (bnc#1151927 5.3.6). - crypto: caam - fix concurrency issue in givencrypt descriptor (bnc#1151927 5.3.6). - crypto: ccree - use the full crypt length value (bnc#1151927 5.3.6). - crypto: qat - Silence smp_processor_id() warning (bnc#1151927 5.3.6). - crypto: ccree - account for TEE not ready to report (bnc#1151927 5.3.6). - coresight: etm4x: Use explicit barriers on enable/disable (bnc#1151927 5.3.6). - staging: erofs: detect potential multiref due to corrupted images (bnc#1151927 5.3.6). - staging: erofs: avoid endless loop of invalid lookback distance 0 (bnc#1151927 5.3.6). - staging: erofs: add two missing erofs_workgroup_put for corrupted images (bnc#1151927 5.3.6). - staging: erofs: some compressed cluster should be submitted for corrupted images (bnc#1151927 5.3.6). - staging: erofs: fix an error handling in erofs_readdir() (bnc#1151927 5.3.6). - KVM: s390: Test for bad access register and size at the start of S390_MEM_OP (bnc#1151927 5.3.6). - PM / devfreq: tegra: Fix kHz to Hz conversion (bnc#1151927 5.3.6). - ASoC: sgtl5000: Improve VAG power and mute control (bnc#1151927 5.3.6). - ASoC: Define a set of DAPM pre/post-up events (bnc#1151927 5.3.6). - nbd: fix max number of supported devs (bnc#1151927 5.3.6). - s390/sclp: Fix bit checked for has_sipl (bnc#1151927 5.3.6). - s390/process: avoid potential reading of freed stack (bnc#1151927 5.3.6). - tools lib traceevent: Do not free tep->cmdlines in add_new_comm() on failure (bnc#1151927 5.3.6). - tools lib traceevent: Fix "robust" test of do_generate_dynamic_list_file (bnc#1151927 5.3.6). - commit 09e8239 - mm, compaction: fix wrong pfn handling in __reset_isolation_pfn() (git-fixes (mm/compaction)). - commit b7593ee - Update patches.suse/0001-drm-msm-dsi-Fix-return-value-check-for-clk_get_paren.patch (bsc#1152472 bnc#1151927 5.3.6). - Update patches.suse/0002-drm-mali-dp-Mark-expected-switch-fall-through.patch (bsc#1152472 bnc#1151927 5.3.6). - Update patches.suse/0003-drm-i915-dp-Fix-dsc-bpp-calculations-v5.patch (bsc#1152472 bnc#1151927 5.3.6). - Update patches.suse/0004-drm-amdgpu-Fix-KFD-related-kernel-oops-on-Hawaii.patch (bsc#1152472 bnc#1151927 5.3.6). - Update patches.suse/KVM-PPC-Book3S-Enable-XIVE-native-capability-only-if.patch (bsc#1061840 bnc#1151927 5.3.6). - Update patches.suse/KVM-PPC-Book3S-HV-Check-for-MMU-ready-on-piggybacked.patch (bsc#1061840 bnc#1151927 5.3.6). - Update patches.suse/KVM-PPC-Book3S-HV-Don-t-lose-pending-doorbell-reques.patch (bsc#1061840 bnc#1151927 5.3.6). - Update patches.suse/KVM-PPC-Book3S-HV-Don-t-push-XIVE-context-when-not-u.patch (bsc#1061840 bnc#1151927 5.3.6). - Update patches.suse/KVM-PPC-Book3S-HV-Fix-race-in-re-enabling-XIVE-escal.patch (bsc#1061840 bnc#1151927 5.3.6). - Update patches.suse/KVM-PPC-Book3S-HV-XIVE-Free-escalation-interrupts-be.patch (bsc#1061840 bnc#1151927 5.3.6). - Update patches.suse/PCI-Restore-Resizable-BAR-size-bits-correctly-for-1M.patch (bsc#1143841 bnc#1151927 5.3.6). - Update patches.suse/PCI-vmd-Fix-config-addressing-when-using-bus-offsets.patch (git-fixes bnc#1151927 5.3.6). - Update patches.suse/PCI-vmd-Fix-shadow-offsets-to-reflect-spec-changes.patch (git-fixes bnc#1151927 5.3.6). - Update patches.suse/libnvdimm-altmap-track-namespace-boundaries-in-altmap.patch (bsc#1150305 bnc#1151927 5.3.6). - Update patches.suse/msft-hv-1911-PCI-hv-Avoid-use-of-hv_pci_dev-pci_slot-after-freein.patch (bsc#1142701 bnc#1151927 5.3.6). - Update patches.suse/powerpc-book3s64-mm-Don-t-do-tlbie-fixup-for-some-ha.patch (bsc#1152161 ltc#181664 bnc#1151927 5.3.6). - Update patches.suse/powerpc-book3s64-radix-Rename-CPU_FTR_P9_TLBIE_BUG-f.patch (bsc#1152161 ltc#181664 bnc#1151927 5.3.6). - Update patches.suse/powerpc-mce-Fix-MCE-handling-for-huge-pages.patch (jsc#SLE-7730 jsc#SLE-8330 bnc#1151927 5.3.6). - Update patches.suse/powerpc-mce-Schedule-work-from-irq_work.patch (jsc#SLE-7730 jsc#SLE-8330 bnc#1151927 5.3.6). - Update patches.suse/powerpc-mm-Fixup-tlbie-vs-mtpidr-mtlpidr-ordering-is.patch (bsc#1152161 ltc#181664 bnc#1151927 5.3.6). - Update patches.suse/powerpc-powernv-Restrict-OPAL-symbol-map-to-only-be-.patch (bsc#1152885 bnc#1151927 5.3.6). - Update patches.suse/powerpc-powernv-ioda-Fix-race-in-TCE-level-allocatio.patch (bsc#1061840 bnc#1151927 5.3.6). - Update patches.suse/powerpc-pseries-Fix-cpu_hotplug_lock-acquisition-in-.patch (bsc#1065729 bnc#1151927 5.3.6). - Update patches.suse/powerpc-xive-Implement-get_irqchip_state-method-for-.patch (bsc#1065729 bnc#1151927 5.3.6). - commit e5cdb69 ++++ bluez: - Add hcidump-Fixed-malformed-segment-frame-length.patch * Ensure the L2CAP SDUs whose length field match the actual frame length.(bsc#1013712)(CVE-2016-9798) - Modify bluez.changes: Remove (bsc#1013712)(CVE-2016-9798) tag from patch hcidump-Add-assoc-dump-function-assoc-date-length-ch.patch ++++ ncurses: - Add patches CVE-2019-17594.patch for bsc#1154036 -- CVE-2019-17594: heap-based buffer over-read in _nc_find_entry function in tinfo/comp_hash.c CVE-2019-17595.patch for bsc#1154037 -- CVE-2019-17595: heap-based buffer over-read in fmt_entry function in tinfo/comp_hash.c ++++ snapper: - allow trailing comments in configuration files (bsc#1005342) - version 0.8.5 - allow to make snapshot from other snapshot that the current one (jsc#SLE-7333) - version 0.8.4 ++++ qemu: - Add upstream edk2 submodule fix for creating tarball - Switch to upstream patch for avoiding git ref in edk2 makefile - Fix failing block tests which aren't compatible with the configure option --enable-membarrier * Patches dropped: roms-Makefile.edk2-don-t-invoke-git-sinc.patch tests-block-io-test-130-needs-some-delay.patch * Patches added: make-release-pull-in-edk2-submodules-so-.patch roms-Makefile.edk2-don-t-pull-in-submodu.patch tests-Fix-block-tests-to-be-compatible-w.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-4.1 ------------------------------------------------------------------ ------------------ 2019-10-14 - Oct 14 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - xfs: move local to extent inode logging into bmap helper (bsc#1153965). - commit f0be3ee - xfs: remove broken error handling on failed attr sf to leaf change (bsc#1153964). - commit 82cbfae - xfs: log the inode on directory sf to block format change (bsc#1153963). - commit 09a957a - xfs: get allocation alignment from the buftarg (bsc#1153962). - commit a48cb33 - xfs: assure zeroed memory buffers for certain kmem allocations (bsc#1153957). - commit 077c951 - xfs: add kmem_alloc_io() (bsc#1153956). - commit ef9a9c2 - xfs: add kmem allocation trace points (bsc#1153955). - commit 2ee9365 - fs: xfs: Remove KM_NOSLEEP and KM_SLEEP (bsc#1153954). - commit 5c16078 - KVM: PPC: Book3S HV: use smp_mb() when setting/clearing host_ipi flag (bsc#1061840). - commit 5c3f332 - net/ibmvnic: Fix EOI when running in XIVE mode (bsc#1089644, ltc#166495, ltc#165544, git-fixes). - commit 7298d5a - xfs: Fix tail rounding in xfs_alloc_file_space() (bsc#1153917). - commit 9a4ea01 - series.conf: refresh sorted section Update upstream reference: patches.suse/powerpc-pseries-Remove-confusing-warning-message.patch - commit dcc4e8b ++++ kernel-default-base: - Add Ceph modules (bsc#1149605) ++++ Mesa: - let Mesa-libEGL-devel require libX11 devel via "pkgconfig(x11)" since EGL/eglplatform.h includes X11/Xlib.h ++++ openssh: - Add openssh-7.9p1-keygen-preserve-perms.patch (bsc#1150574). This attempts to preserve the permissions of any existing known_hosts file when modified by ssh-keygen (for instance, with -R). - Added openssh-7.9p1-revert-new-qos-defaults.patch, which reverts an upstream commit that caused compatibility issues with other software (bsc#1136402). - Run 'ssh-keygen -A' on startup only if SSHD_AUTO_KEYGEN="yes" in /etc/sysconfig/ssh. This is set to "yes" by default, but can be changed by the system administrator (bsc#1139089). - Add openssh-7.9p1-keygen-preserve-perms.patch (bsc#1150574). This attempts to preserve the permissions of any existing known_hosts file when modified by ssh-keygen (for instance, with -R). ++++ perl-Bootloader: - merge gh#openSUSE/perl-bootloader#123 - Accept sysconfig values without quotes - 0.926 ++++ tftp: - Add tftp.socket requirement to the service unit section [bsc#1153625] ++++ toolbox: - Update to version 1.0+git20191014.3034fbc: * Make default shell configureable, use /bin/bash as default ------------------------------------------------------------------ ------------------ 2019-10-12 - Oct 12 2019 ------------------- ------------------------------------------------------------------ ++++ gobject-introspection: - Depend on the specific Python ABI version the module was built with, as the _giscanner binary module is ABI dependent. Fixes boo#1153837 ++++ kernel-default: - Refresh patches.suse/powerpc-papr_scm-Fix-an-off-by-one-check-in-papr_scm.patch - commit 2e48c74 ++++ xkeyboard-config: - U_Updating-Old-Hungarian.patch * fix capslock in Old Hungarian layout (boo#1153774) ------------------------------------------------------------------ ------------------ 2019-10-11 - Oct 11 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - powerpc/pseries: Remove confusing warning message (bsc#1109158). - commit 1ec9a94 ++++ openssl-1_1: - Fixed EVP_PBE_scrypt() to allow NULL salt values. * Revealed by nodejs12 during bsc#1149572. * Modified openssl-jsc-SLE-8789-backport_KDF.patch ++++ pango: - Switch to git-checkout via source service, explicit tag. Upstream tarball is borked. ++++ sudo: - Fix CVE-2019-14287 (bsc#1153674) * A user with sudo privileges that allowed them to run commands with an arbitrary uid, could run commands as root, despite being forbidden to do that in sudoers * add sudo-CVE-2019-14287.patch ------------------------------------------------------------------ ------------------ 2019-10-10 - Oct 10 2019 ------------------- ------------------------------------------------------------------ ++++ aaa_base: - Add patch git-11-b20083a930f766939f47dddc66d089c9fee5d38a.patch * check if variables can be set before modifying them to avoid warnings on login with a restricted shell (bsc#1138869) ++++ kernel-default: - supported.conf: sort No functional change, fix order only. - commit 624292b ++++ openssh: - Version update to 8.1p1: * ssh-keygen(1): when acting as a CA and signing certificates with an RSA key, default to using the rsa-sha2-512 signature algorithm. Certificates signed by RSA keys will therefore be incompatible with OpenSSH versions prior to 7.2 unless the default is overridden (using "ssh-keygen -t ssh-rsa -s ..."). * ssh(1): Allow %n to be expanded in ProxyCommand strings * ssh(1), sshd(8): Allow prepending a list of algorithms to the default set by starting the list with the '^' character, E.g. "HostKeyAlgorithms ^ssh-ed25519" * ssh-keygen(1): add an experimental lightweight signature and verification ability. Signatures may be made using regular ssh keys held on disk or stored in a ssh-agent and verified against an authorized_keys-like list of allowed keys. Signatures embed a namespace that prevents confusion and attacks between different usage domains (e.g. files vs email). * ssh-keygen(1): print key comment when extracting public key from a private key. * ssh-keygen(1): accept the verbose flag when searching for host keys in known hosts (i.e. "ssh-keygen -vF host") to print the matching host's random-art signature too. * All: support PKCS8 as an optional format for storage of private keys to disk. The OpenSSH native key format remains the default, but PKCS8 is a superior format to PEM if interoperability with non-OpenSSH software is required, as it may use a less insecure key derivation function than PEM's. - Additional changes from 8.0p1 release: * scp(1): Add "-T" flag to disable client-side filtering of server file list. * sshd(8): Remove support for obsolete "host/port" syntax. * ssh(1), ssh-agent(1), ssh-add(1): Add support for ECDSA keys in PKCS#11 tokens. * ssh(1), sshd(8): Add experimental quantum-computing resistant key exchange method, based on a combination of Streamlined NTRU Prime 4591^761 and X25519. * ssh-keygen(1): Increase the default RSA key size to 3072 bits, following NIST Special Publication 800-57's guidance for a 128-bit equivalent symmetric security level. * ssh(1): Allow "PKCS11Provider=none" to override later instances of the PKCS11Provider directive in ssh_config, * sshd(8): Add a log message for situations where a connection is dropped for attempting to run a command but a sshd_config ForceCommand=internal-sftp restriction is in effect. * ssh(1): When prompting whether to record a new host key, accept the key fingerprint as a synonym for "yes". This allows the user to paste a fingerprint obtained out of band at the prompt and have the client do the comparison for you. * ssh-keygen(1): When signing multiple certificates on a single command-line invocation, allow automatically incrementing the certificate serial number. * scp(1), sftp(1): Accept -J option as an alias to ProxyJump on the scp and sftp command-lines. * ssh-agent(1), ssh-pkcs11-helper(8), ssh-add(1): Accept "-v" command-line flags to increase the verbosity of output; pass verbose flags though to subprocesses, such as ssh-pkcs11-helper started from ssh-agent. * ssh-add(1): Add a "-T" option to allowing testing whether keys in an agent are usable by performing a signature and a verification. * sftp-server(8): Add a "lsetstat@openssh.com" protocol extension that replicates the functionality of the existing SSH2_FXP_SETSTAT operation but does not follow symlinks. * sftp(1): Add "-h" flag to chown/chgrp/chmod commands to request they do not follow symlinks. * sshd(8): Expose $SSH_CONNECTION in the PAM environment. This makes the connection 4-tuple available to PAM modules that wish to use it in decision-making. * sshd(8): Add a ssh_config "Match final" predicate Matches in same pass as "Match canonical" but doesn't require hostname canonicalisation be enabled. * sftp(1): Support a prefix of '@' to suppress echo of sftp batch commands. * ssh-keygen(1): When printing certificate contents using "ssh-keygen -Lf /path/certificate", include the algorithm that the CA used to sign the cert. - Rebased patches: * openssh-7.7p1-IPv6_X_forwarding.patch * openssh-7.7p1-X_forward_with_disabled_ipv6.patch * openssh-7.7p1-cavstest-ctr.patch * openssh-7.7p1-cavstest-kdf.patch * openssh-7.7p1-disable_openssl_abi_check.patch * openssh-7.7p1-fips.patch * openssh-7.7p1-fips_checks.patch * openssh-7.7p1-hostname_changes_when_forwarding_X.patch * openssh-7.7p1-ldap.patch * openssh-7.7p1-seed-prng.patch * openssh-7.7p1-sftp_force_permissions.patch * openssh-7.7p1-sftp_print_diagnostic_messages.patch * openssh-8.0p1-gssapi-keyex.patch (formerly openssh-7.7p1-gssapi_key_exchange.patch) * openssh-8.1p1-audit.patch (formerly openssh-7.7p1-audit.patch) - Removed patches (integrated upstream): * 0001-upstream-Fix-two-race-conditions-in-sshd-relating-to.patch * openssh-7.7p1-seccomp_ioctl_s390_EP11.patch * openssh-7.9p1-CVE-2018-20685.patch * openssh-7.9p1-brace-expansion.patch * openssh-CVE-2019-6109-force-progressmeter-update.patch * openssh-CVE-2019-6109-sanitize-scp-filenames.patch * openssh-CVE-2019-6111-scp-client-wildcard.patch - Removed patches (obsolete): * openssh-openssl-1_0_0-compatibility.patch ++++ python-libvirt-python: - Update to 5.8.0 - Add all new APIs and constants in libvirt 5.8.0 ++++ qemu: - Reduce the cross compiler versions we rely on - Fix some qemu-testsuite issues, reducing known error cases test-add-mapping-from-arch-of-i686-to-qe.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-4.1 ------------------------------------------------------------------ ------------------ 2019-10-9 - Oct 9 2019 ------------------- ------------------------------------------------------------------ ++++ aaa_base: - Add patch git-08-9875dffab3ddda0c3e8399f935f059246c961f2a.patch * Add s390x compressed kernel support (bsc#1151023) - Add git-09-c6cd010dd8b6efddd71c30f00a923d8f2537584c.patch * Fix LC_NAME and LC_ADDRESS in sh.ssh - Add patch git-10-43091e644ff54997468a215b891dcaa75173f133.patch * fix string test to arithmetic test in /etc/profile.d/wsl.sh ++++ kernel-default: - patches.suse/jbd2-flush_descriptor-Do-not-decrease-buffer-head-s-ref-count.patch: Update tags. - commit 7a9890d - arm64: enable Nvidia Jetson TX2 References: SLE-9388 - commit 4c4ee96 - drm/amd/display: support "dummy pstate" (bsc#1152472) - commit f26d6de - drm/i915: Trust programmed MCR in read_subslice_reg (bsc#1152472) - commit ceae560 - net: stmmac: Avoid deadlock on suspend/resume (git-fixes). - commit 9c4865d - blacklist.conf: Append 'drm/amdgpu: hide another #warning' - commit 57d5b16 - drm/amdgpu: revert "disable bulk moves for now" (bsc#1152472) - commit 0df34be - drm/amd/display: Embed DCN2 SOC bounding box (bsc#1152472) - commit 095c537 - blacklist.conf: Append 'drm/i915: Allow sharing the idle-barrier from other kernel requests' - commit fdee26c - drm/i915: Fix g4x sprite scaling stride check with GTT remapping (bsc#1152472) - commit 2cb06d6 - drm/i915/dp: Fix dsc bpp calculations, v5. (bsc#1152472) - commit def17f6 - drm/i915: Fix and improve MCR selection logic (bsc#1152472) - commit f2d1229 - blacklist.conf: Append 'drm: Fix kerneldoc warns in connector-related docs' - commit a7d220e - PCI: vmd: Fix shadow offsets to reflect spec changes (git-fixes). - PCI: vmd: Fix config addressing when using bus offsets (git-fixes). - commit d1eff9d - Refresh patches.suse/PCI-Restore-Resizable-BAR-size-bits-correctly-for-1M.patch. Update upstream status and sort. - commit 586dc90 - blacklist.conf: add 0df3e42167ca - commit eb1317e - config: enable PCIE_BW also on armv7hl (jsc#SLE-9858) Refresh armv7hl configs. - commit 23f34d5 - config: refresh configs - commit 26e5ee3 - Fix references (v5.4-rc2 -> v5.4-rc3) patches.suse/0001-kernel-sysctl.c-do-not-override-max_threads-provided.patch. - Update references and move into sorted section patches.suse/PCI-mobiveil-Fix-the-CPU-base-address-setup-in-inbou.patch. patches.suse/scsi-qla2xxx-Fix-Relogin-to-prevent-modifying-scan_s.patch. - commit 6fdd32d ++++ brltty: - change udev rule again to also not automatically use the braille driver for USB IDs 10c4:ea60 and 10c4:ea80 as these are generic IDs of generic UART bridges and should not be used for higher level devices (bsc#1093378, bsc#1093455, bsc#1007652) ++++ freetype2: - Use the compiler default C std, since 2012 gcc defaults have changed, we now only need to get rid of ANSIFLAGS, override that variable instead. ++++ Mesa: - Update to version 19.2.1 * fixes all over the tree: intel, amd, nine, nir, egl, gallium, scons, meson, glsl, haiku, android, and nouveau all got fixes. ++++ NetworkManager: - Update to version 1.20.4: + Fix crash related to Wi-Fi-P2P. + Support rd.znet option in initrd generator to support s390. + Fix not creating default-wired-connection when a suitable profile exists which is not tied to the device by interface-name. + tui: support WPA3-Personal (SAE). + Fixes for OLPC Mesh Wi-Fi. + Various bug fixes. Notably, fix unit test and build issues. - Drop nm-fix-gtk-doc.patch: Fixed upstream. - Add nm-fix-gtk-doc.patch: Fix build with gtk-doc 1.32 and newer. - Update to version 1.20.2: + Don't ask wpa_supplicant to attempt to enable FT if the interface doesn't support it. + Various bug fixes and improvements. + Updated translations. - Update to version 1.20.0: + The libnm-glib library, deprecated in favor of libnm since NetworkManager 1.0, and disabled by default since NetworkManager 1.12, has now been removed. + The DHCP client now defaults to "internal". The default can be overriden at build time by using the --with-config-dhcp-default option of the configure script or at run time by setting the main.dhcp option in the configuration file. + Added support for configuring fq_codel line discipline and mirred action. + Added a possibility for distributions to ship dispatcher scripts in /usr/lib. + Drop deprecated setting "main.monitor-connection-files" in NetworkManager.conf. This setting now has no more effect and was disabled by default for a long time. Instead, after changes, load files explicitly with `nmcli connection load` or `nmcli connection reload`. + Rework parsing team JSON config in libnm and stricter validate settings. With this, NetworkManager rejects settings that it considers invalid while still allowing setting arbitrary JSON config directly. + Drop ibft settings plugin. This functionality is now covered by using nm-initrd-generator from initrd to pre-generate in-memory profiles. + Support "suppress_prefixlength" attribute for policy routing rules. + This is what wg-quick uses for the "Improved Rule-based Routing" solution, and the user can now manually configure such policy routing rules. + Support "wireguard.ip4-auto-default-route" and "wireguard.ip6-auto-default-route". This automatically implements the "Improved Rule-based Routing" of wg-quick to help avoiding routing loops when setting the default-route on the WireGuard interface. Note that this is now enabled by default, so there is a change in behavior if your WireGuard connection profiles from before had a default-route (/0) in allowed-ips. + Rework implementation of settings plugins and how profiles are presisted to disk. This is a large internal refactoring of the settings plugins that allows to migrate a connection profile between plugins. + In-memory profiles are now only handled by keyfile plugin and will also be persisted to /run directory. This allows to restart NetworkManager without loosing these profiles and it provides a file-system based API for creating in-memory profiles. + Keyfile plugin now supports a read-only directory of profiles under directory "/usr/lib/NetworkManager/system-connections". Such profiles still can be modified and deleted via D-Bus, which results in writing profiles to /etc or /run that shadow the read-only files. + Add new D-Bus method AddConnection2() that allows to block autoconnect of the profile at the moment when creating the profile. Also add support for this API to libnm. + Add flag "no-reapply" to Update2() D-Bus method. Normally, when a connection profile gets modified, this only changes the profile itself. When the profile is currently activated on a device, then the device's configuration does not update before the profile is fully re-activated or Reapply on the device is called. There is an exception to this: the "connection.zone" and the "connection.metered" properties take effect immediately. The "no-reapply" flag allows suppressing to reapply any properties, so that no changes take effect automatically. The purpose is to really only modify the profile itself without changes to the runtime configuration of the device. + Add "ipv6.method=disabled" to disable IPv6 on a device, like also possible for IPv4. Until now, the users could only set "ipv6.method=ignore" which means the users are free to set IPv6 related sysctl values themselves. + Added support for Wi-Fi Mesh network. - Stop passing --with-libnm-glib to configure, feature was dropped. - Drop sub-packages libnm-util2, libnm-glib4 and libnm-glib-vpn1 and obsolete them from the main package (also in baselibs.conf). - Drop typelib-1_0-NetworkManager-1_0 and typelib-1_0-NMClient-1_0. - Rebase some patches with quilt. - Disable nm-add-CAP_SYS_ADMIN-permission.patch: Needs rework or possibly dropping as the ibft plugin is dropped. - Pass --with-iwd=yes to configure, build experimental IWD backend support. Not recommended for endusers, only for testers willing to take the risk of broken wifi with no support from distro. - Update to version 1.18.4: + Improve handling of externally added policy routing rules and for rules that are taken over after a restart of NetworkManager service. + Fix taking over OVS devices after restart of NetworkManager. + Bugfix reapplying IP configuration while activating. + Allow reapplying Wi-Fi profile when seen-bssids changes. + Various other bugfixes for minor issues and memory leaks. + Various build and test fixes. ++++ salt: - Add missing 'fun' on events coming from salt-ssh wfunc executions (bsc#1151947) - Added: * add-missing-fun-for-returns-from-wfunc-executions.patch ++++ u-boot-rpiarm64: - Enable RaspberryPi4 builds ++++ yast2: - Fixed evaluating the available package versions, fixed crash when trying to download a non-existing package (bsc#1151824) - 4.2.27 ------------------------------------------------------------------ ------------------ 2019-10-8 - Oct 8 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - config: enable CONFIG_PCIE_BW (jsc#SLE-9858) - commit 4f573d4 - blacklist.conf: add a91bcc2b6537 - commit 4ff0ba8 - Linux 5.3.5 (bnc#1151927 5.3.5). - net: qlogic: Fix memory leak in ql_alloc_large_buffers (bnc#1151927 5.3.5). - nfc: fix memory leak in llcp_sock_bind() (bnc#1151927 5.3.5). - sch_dsmark: fix potential NULL deref in dsmark_init() (bnc#1151927 5.3.5). - ipv6: Handle missing host route in __ipv6_ifa_notify (bnc#1151927 5.3.5). - net: ipv4: avoid mixed n_redirects and rate_tokens usage (bnc#1151927 5.3.5). - cxgb4:Fix out-of-bounds MSI-X info array access (bnc#1151927 5.3.5). - rxrpc: Fix rxrpc_recvmsg tracepoint (bnc#1151927 5.3.5). - qmi_wwan: add support for Cinterion CLS8 devices (bnc#1151927 5.3.5). - udp: only do GSO if # of segs > 1 (bnc#1151927 5.3.5). - udp: fix gso_segs calculations (bnc#1151927 5.3.5). - ipv6: drop incoming packets having a v4mapped source address (bnc#1151927 5.3.5). - ptp_qoriq: Initialize the registers' spinlock before calling ptp_qoriq_settime (bnc#1151927 5.3.5). - net: dsa: sja1105: Fix sleeping while atomic in .port_hwtstamp_set (bnc#1151927 5.3.5). - net: dsa: sja1105: Initialize the meta_lock (bnc#1151927 5.3.5). - net/rds: Fix error handling in rds_ib_add_one() (bnc#1151927 5.3.5). - net: dsa: rtl8366: Check VLAN ID and not ports (bnc#1151927 5.3.5). - tipc: fix unlimited bundling of small messages (bnc#1151927 5.3.5). - xen-netfront: do not use ~0U as error return value for xennet_fill_frags() (bnc#1151927 5.3.5). - tcp: adjust rto_base in retransmits_timed_out() (bnc#1151927 5.3.5). - vsock: Fix a lockdep warning in __vsock_release() (bnc#1151927 5.3.5). - hso: fix NULL-deref on tty open (bnc#1151927 5.3.5). - net: sched: cbs: Avoid division by zero when calculating the port rate (bnc#1151927 5.3.5). - net: sched: taprio: Avoid division by zero on invalid link speed (bnc#1151927 5.3.5). - net: socionext: netsec: always grab descriptor lock (bnc#1151927 5.3.5). - net: sched: taprio: Fix potential integer overflow in taprio_set_picos_per_byte (bnc#1151927 5.3.5). - net: dsa: sja1105: Prevent leaking memory (bnc#1151927 5.3.5). - net: dsa: sja1105: Ensure PTP time for rxtstamp reconstruction is not in the past (bnc#1151927 5.3.5). - net: Unpublish sk from sk_reuseport_cb before call_rcu (bnc#1151927 5.3.5). - erspan: remove the incorrect mtu limit for erspan (bnc#1151927 5.3.5). - sch_cbq: validate TCA_CBQ_WRROPT to avoid crash (bnc#1151927 5.3.5). - 9p/cache.c: Fix memory leak in v9fs_cache_session_get_cookie (bnc#1151927 5.3.5). - kexec: bail out upon SIGKILL when allocating memory (bnc#1151927 5.3.5). - i2c: tegra: Move suspend handling to NOIRQ phase (bnc#1151927 5.3.5). - i2c-cht-wc: Fix lockdep warning (bnc#1151927 5.3.5). - pktcdvd: remove warning on attempting to register non-passthrough dev (bnc#1151927 5.3.5). - block, bfq: push up injection only after setting service time (bnc#1151927 5.3.5). - mips: properly account for stack randomization and stack guard gap (bnc#1151927 5.3.5). - arm: use STACK_TOP when computing mmap base address (bnc#1151927 5.3.5). - arm: properly account for stack randomization and stack guard gap (bnc#1151927 5.3.5). - arm64: consider stack randomization for mmap base only when necessary (bnc#1151927 5.3.5). - kmemleak: increase DEBUG_KMEMLEAK_EARLY_LOG_SIZE default to 16K (bnc#1151927 5.3.5). - ocfs2: wait for recovering done after direct unlock request (bnc#1151927 5.3.5). - kbuild: clean compressed initramfs image (bnc#1151927 5.3.5). - mm: add dummy can_do_mlock() helper (bnc#1151927 5.3.5). - fat: work around race with userspace's read via blockdev while mounting (bnc#1151927 5.3.5). - tools/power/x86/intel-speed-select: Fix high priority core mask over count (bnc#1151927 5.3.5). - hypfs: Fix error number left in struct pointer member (bnc#1151927 5.3.5). - mfd: intel-lpss: Remove D3cold delay (bnc#1151927 5.3.5). - PCI: tegra: Fix OF node reference leak (bnc#1151927 5.3.5). - PCI: histb: Propagate errors for optional regulators (bnc#1151927 5.3.5). - PCI: imx6: Propagate errors for optional regulators (bnc#1151927 5.3.5). - PCI: exynos: Propagate errors for optional PHYs (bnc#1151927 5.3.5). - PCI: rockchip: Propagate errors for optional regulators (bnc#1151927 5.3.5). - PCI: layerscape: Add the bar_fixed_64bit property to the endpoint driver (bnc#1151927 5.3.5). - PCI: pci-hyperv: Fix build errors on non-SYSFS config (bnc#1151927 5.3.5). - PCI: Use static const struct, not const static struct (bnc#1151927 5.3.5). - PCI: Add pci_info_ratelimited() to ratelimit PCI separately (bnc#1151927 5.3.5). - smack: use GFP_NOFS while holding inode_smack::smk_lock (bnc#1151927 5.3.5). - security: smack: Fix possible null-pointer dereferences in smack_socket_sock_rcv_skb() (bnc#1151927 5.3.5). - Smack: Don't ignore other bprm->unsafe flags if LSM_UNSAFE_PTRACE is set (bnc#1151927 5.3.5). - HID: wacom: Fix several minor compiler warnings (bnc#1151927 5.3.5). - HID: apple: Fix stuck function keys when using FN (bnc#1151927 5.3.5). - selinux: fix residual uses of current_security() for the SELinux blob (bnc#1151927 5.3.5). - crypto: hisilicon - Fix double free in sec_free_hw_sgl() (bnc#1151927 5.3.5). - power: supply: register HWMON devices with valid names (bnc#1151927 5.3.5). - rtc: pcf85363/pcf85263: fix regmap error in set_time (bnc#1151927 5.3.5). - rtc: snvs: fix possible race condition (bnc#1151927 5.3.5). - rtc: bd70528: fix driver dependencies (bnc#1151927 5.3.5). - soundwire: intel: fix channel number reported by hardware (bnc#1151927 5.3.5). - ARM: 8905/1: Emit __gnu_mcount_nc when using Clang 10.0.0 or newer (bnc#1151927 5.3.5). - ARM: 8903/1: ensure that usable memory in bank 0 starts from a PMD-aligned address (bnc#1151927 5.3.5). - ARM: 8898/1: mm: Don't treat faults reported from cache maintenance as writes (bnc#1151927 5.3.5). - ARM: 8875/1: Kconfig: default to AEABI w/ Clang (bnc#1151927 5.3.5). - mips/atomic: Fix smp_mb__{before,after}_atomic() (bnc#1151927 5.3.5). - mips/atomic: Fix loongson_llsc_mb() wreckage (bnc#1151927 5.3.5). - MIPS: tlbex: Explicitly cast _PAGE_NO_EXEC to a boolean (bnc#1151927 5.3.5). - MIPS: Don't use bc_false uninitialized in __mm_isBranchInstr (bnc#1151927 5.3.5). - MIPS: Ingenic: Disable broken BTB lookup optimization (bnc#1151927 5.3.5). - f2fs: fix to drop meta/node pages during umount (bnc#1151927 5.3.5). - ext4: fix potential use after free after remounting with noblock_validity (bnc#1151927 5.3.5). - scsi: core: Reduce memory required for SCSI logging (bnc#1151927 5.3.5). - dm raid: fix updating of max_discard_sectors limit (bnc#1151927 5.3.5). - dm zoned: fix invalid memory access (bnc#1151927 5.3.5). - ARM: dts: dir685: Drop spi-cpol from the display (bnc#1151927 5.3.5). - clk: sprd: add missing kfree (bnc#1151927 5.3.5). - clk: at91: select parent if main oscillator or bypass is enabled (bnc#1151927 5.3.5). - clk: Make clk_bulk_get_all() return a valid "id" (bnc#1151927 5.3.5). - clk: renesas: cpg-mssr: Set GENPD_FLAG_ALWAYS_ON for clock domain (bnc#1151927 5.3.5). - clk: renesas: mstp: Set GENPD_FLAG_ALWAYS_ON for clock domain (bnc#1151927 5.3.5). - clk: sunxi-ng: v3s: add missing clock slices for MMC2 module clocks (bnc#1151927 5.3.5). - clk: imx: clk-pll14xx: unbypass PLL by default (bnc#1151927 5.3.5). - clk: imx: pll14xx: avoid glitch when set rate (bnc#1151927 5.3.5). - clk: imx8mq: Mark AHB clock as critical (bnc#1151927 5.3.5). - clk: sunxi: Don't call clk_hw_get_name() on a hw that isn't registered (bnc#1151927 5.3.5). - clk: zx296718: Don't reference clk_init_data after registration (bnc#1151927 5.3.5). - clk: sprd: Don't reference clk_init_data after registration (bnc#1151927 5.3.5). - clk: sirf: Don't reference clk_init_data after registration (bnc#1151927 5.3.5). - clk: meson: axg-audio: Don't reference clk_init_data after registration (bnc#1151927 5.3.5). - clk: actions: Don't reference clk_init_data after registration (bnc#1151927 5.3.5). - clk: ingenic/jz4740: Fix "pll half" divider not read/written properly (bnc#1151927 5.3.5). - clk: qcom: gcc-sdm845: Use floor ops for sdcc clks (bnc#1151927 5.3.5). - clk: qoriq: Fix -Wunused-const-variable (bnc#1151927 5.3.5). - vfio_pci: Restore original state on release (bnc#1151927 5.3.5). - powerpc/eeh: Clean up EEH PEs after recovery finishes (bnc#1151927 5.3.5). - selftests/powerpc: Retry on host facility unavailable (bnc#1151927 5.3.5). - powerpc/eeh: Clear stale EEH_DEV_NO_HANDLER flag (bnc#1151927 5.3.5). - powerpc/perf: fix imc allocation failure handling (bnc#1151927 5.3.5). - powerpc/futex: Fix warning: 'oldval' may be used uninitialized in this function (bnc#1151927 5.3.5). - powerpc/ptdump: fix walk_pagetables() address mismatch (bnc#1151927 5.3.5). - PCI: rpaphp: Avoid a sometimes-uninitialized warning (bnc#1151927 5.3.5). - arm64: fix unreachable code issue with cmpxchg (bnc#1151927 5.3.5). - kbuild: Do not enable -Wimplicit-fallthrough for clang for now (bnc#1151927 5.3.5). - drm/amdgpu/si: fix ASIC tests (bnc#1151927 5.3.5). - drm/amd/display: fix trigger not generated for freesync (bnc#1151927 5.3.5). - drm/amd/display: support spdif (bnc#1151927 5.3.5). - drm/amd/display: fix MPO HUBP underflow with Scatter Gather (bnc#1151927 5.3.5). - drm/amd/powerpaly: fix navi series custom peak level value error (bnc#1151927 5.3.5). - drm/amdgpu/sdma5: fix number of sdma5 trap irq types for navi1x (bnc#1151927 5.3.5). - drm/amd/display: Register VUPDATE_NO_LOCK interrupts for DCN2 (bnc#1151927 5.3.5). - drm/amd/display: reprogram VM config when system resume (bnc#1151927 5.3.5). - drm/amd/display: Fix frames_to_insert math (bnc#1151927 5.3.5). - drm/amd/display: fix issue where 252-255 values are clipped (bnc#1151927 5.3.5). - drm/nouveau/volt: Fix for some cards having 0 maximum voltage (bnc#1151927 5.3.5). - drm/nouveau/kms/tu102-: disable input lut when input is already FP16 (bnc#1151927 5.3.5). - dma-buf/sw_sync: Synchronize signal vs syncpt free (bnc#1151927 5.3.5). - gpu: drm: radeon: Fix a possible null-pointer dereference in radeon_connector_set_property() (bnc#1151927 5.3.5). - drm/radeon: Fix EEH during kexec (bnc#1151927 5.3.5). - drm/amdgpu: Fix hard hang for S/G display BOs (bnc#1151927 5.3.5). - drm/amd/display: Copy GSL groups when committing a new context (bnc#1151927 5.3.5). - drm/amd/display: Clear FEC_READY shadow register if DPCD write fails (bnc#1151927 5.3.5). - drm/amd/display: fix not calling ppsmu to trigger PME (bnc#1151927 5.3.5). - drm/amd/display: Power-gate all DSCs at driver init time (bnc#1151927 5.3.5). - drm/amd/display: add monitor patch to add T7 delay (bnc#1151927 5.3.5). - drm/rockchip: Check for fast link training before enabling psr (bnc#1151927 5.3.5). - drm/panel: check failure cases in the probe func (bnc#1151927 5.3.5). - drm/stm: attach gem fence to atomic state (bnc#1151927 5.3.5). - drm/tinydrm/Kconfig: drivers: Select BACKLIGHT_CLASS_DEVICE (bnc#1151927 5.3.5). - drm/panel: simple: fix AUO g185han01 horizontal blanking (bnc#1151927 5.3.5). - drm/vkms: Avoid assigning 0 for possible_crtc (bnc#1151927 5.3.5). - drm/bridge: tc358767: Increase AUX transfer length limit (bnc#1151927 5.3.5). - drm/vkms: Fix crc worker races (bnc#1151927 5.3.5). - drm/mcde: Fix uninitialized variable (bnc#1151927 5.3.5). - pinctrl: meson-gxbb: Fix wrong pinning definition for uart_c (bnc#1151927 5.3.5). - pinctrl: amd: disable spurious-firing GPIO IRQs (bnc#1151927 5.3.5). - pinctrl: tegra: Fix write barrier placement in pmx_writel (bnc#1151927 5.3.5). - pinctrl: stmfx: update pinconf settings (bnc#1151927 5.3.5). - ipmi_si: Only schedule continuously in the thread in maintenance mode (bnc#1151927 5.3.5). - mbox: qcom: add APCS child device for QCS404 (bnc#1151927 5.3.5). - mailbox: mediatek: cmdq: clear the event in cmdq initial flow (bnc#1151927 5.3.5). - pstore: fs superblock limits (bnc#1151927 5.3.5). - vfs: set fs_context::user_ns for reconfigure (bnc#1151927 5.3.5). - NFC: fix attrs checks in netlink interface (bnc#1151927 5.3.5). - commit 3f4d1b8 - Update patches.suse/0001-video-ssd1307fb-Start-page-range-at-page_offset.patch (bsc#1152472 bnc#1151927 5.3.5). - Update patches.suse/0003-drm-amd-display-Use-proper-enum-conversion-functions.patch (bsc#1152472 bnc#1151927 5.3.5). - Update patches.suse/0005-drm-bridge-sii902x-fix-missing-reference-to-mclk-clo.patch (bsc#1152472 bnc#1151927 5.3.5). - Update patches.suse/PCI-mobiveil-Fix-the-CPU-base-address-setup-in-inbou.patch (fate#326572 bnc#1151927 5.3.5). - Update patches.suse/livepatch-nullify-obj-mod-in-klp_module_coming-s-error-path.patch (bsc#1071995 fate#323487 bnc#1151927 5.3.5). - Update patches.suse/msft-hv-1950-KVM-hyperv-Fix-Direct-Synthetic-timers-assert-an-int.patch (fate#323887 bnc#1151927 5.3.5). - Update patches.suse/powerpc-64s-exception-machine-check-use-correct-cfar.patch (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251 bnc#1151927 5.3.5). - Update patches.suse/powerpc-64s-radix-Fix-memory-hotplug-section-page-ta.patch (bsc#1065729 bnc#1151927 5.3.5). - Update patches.suse/powerpc-dump-kernel-log-before-carrying-out-fadump-o.patch (bsc#1149940 ltc#179958 bnc#1151927 5.3.5). - Update patches.suse/powerpc-powernv-ioda2-Allocate-TCE-table-levels-on-d.patch (bsc#1061840 bnc#1151927 5.3.5). - Update patches.suse/powerpc-pseries-correctly-track-irq-state-in-default.patch (bsc#1150727 ltc#178925 bnc#1151927 5.3.5). - Update patches.suse/powerpc-pseries-mobility-use-cond_resched-when-updat.patch (bsc#1153112 ltc#181778 bnc#1151927 5.3.5). - Update patches.suse/powerpc-rtas-use-device-model-APIs-and-serialization.patch (bsc#1144123 ltc#178840 bnc#1151927 5.3.5). - Update patches.suse/powerpc-xmon-Check-for-HV-mode-when-dumping-XIVE-inf.patch (bsc#1142019 bnc#1151927 5.3.5). - commit 37e2aaf - Update patches.suse/0001-btrfs-Fix-a-regression-which-we-can-t-convert-to-SIN.patch (bsc#1152973 bnc#1151927 5.3.4). - Update patches.suse/0001-btrfs-qgroup-Fix-the-wrong-target-io_tree-when-freei.patch (bsc#1152974 bnc#1151927 5.3.4). - Update patches.suse/0001-ipmi-move-message-error-checking-to-avoid-deadlock.patch (bsc#1152489 bnc#1151927 5.3.4). - Update patches.suse/0002-btrfs-qgroup-Fix-reserved-data-space-leak-if-we-have.patch (bsc#1152975 bnc#1151927 5.3.4). - Update patches.suse/0002-drm-fix-module-name-in-edid_firmware-log-message.patch (bsc#1152472 bnc#1151927 5.3.4). - Update patches.suse/alarmtimer-Use-EOPNOTSUPP-instead-of-ENOTSUPP.patch (bsc#1151680 bnc#1151927 5.3.4). - Update patches.suse/edac-amd64-decode-syndrome-before-translating-address.patch (bsc#1152489 bnc#1151927 5.3.4). - Update patches.suse/edac-amd64-recognize-dram-device-type-ecc-capability.patch (bsc#1152489 bnc#1151927 5.3.4). - Update patches.suse/hwmon-k10temp-Add-support-for-AMD-family-17h-model-7.patch (bsc#1153137 bnc#1151927 5.3.4). - Update patches.suse/iommu-iova-avoid-false-sharing-on-fq_timer_on (bsc#1151675 bnc#1151927 5.3.4). - Update patches.suse/iommu-vt-d-fix-wrong-analysis-whether-devices-share-the-same-bus (bsc#1151679 bnc#1151927 5.3.4). - Update patches.suse/scsi-qla2xxx-Fix-Relogin-to-prevent-modifying-scan_s.patch (bsc#1082635 bsc#1141340 bsc#1143706 bnc#1151927 5.3.4). - Update patches.suse/scsi-scsi_dh_rdac-zero-cdb-in-send_mode_select.patch (bsc#1149313 bnc#1151927 5.3.4). - Update patches.suse/tpm_tis_core-Set-TPM_CHIP_FLAG_IRQ-before-probing-fo.patch (bsc#1082555 bnc#1151927 5.3.4). - Update patches.suse/x86-amd_nb-Add-PCI-device-IDs-for-family-17h-model-7.patch (bsc#1153137 bnc#1151927 5.3.4). - commit 78212b5 - Linux 5.3.4 (bnc#1151927 5.3.4). - Btrfs: fix race setting up and completing qgroup rescan workers (bnc#1151927 5.3.4). - btrfs: adjust dirty_metadata_bytes after writeback failure of extent buffer (bnc#1151927 5.3.4). - ARM: dts: am3517-evm: Fix missing video (bnc#1151927 5.3.4). - ARM: dts: logicpd-torpedo-baseboard: Fix missing video (bnc#1151927 5.3.4). - ARM: omap2plus_defconfig: Fix missing video (bnc#1151927 5.3.4). - CIFS: Fix oplock handling for SMB 2.1+ protocols (bnc#1151927 5.3.4). - CIFS: fix max ea value size (bnc#1151927 5.3.4). - smb3: fix leak in "open on server" perf counter (bnc#1151927 5.3.4). - i2c: riic: Clear NACK in tend isr (bnc#1151927 5.3.4). - tcp: better handle TCP_USER_TIMEOUT in SYN_SENT state (bnc#1151927 5.3.4). - tcp_bbr: fix quantization code to not raise cwnd if not probing bandwidth (bnc#1151927 5.3.4). - net: phy: micrel: add Asym Pause workaround for KSZ9021 (bnc#1151927 5.3.4). - nfp: flower: fix memory leak in nfp_flower_spawn_vnic_reprs (bnc#1151927 5.3.4). - nfp: flower: prevent memory leak in nfp_flower_spawn_phy_reprs (bnc#1151927 5.3.4). - vrf: Do not attempt to create IPv6 mcast rule if IPv6 is disabled (bnc#1151927 5.3.4). - net/rds: Check laddr_check before calling it (bnc#1151927 5.3.4). - iwlwifi: fw: don't send GEO_TX_POWER_LIMIT command to FW version 36 (bnc#1151927 5.3.4). - mt76: mt7615: fix mt7615 firmware path definitions (bnc#1151927 5.3.4). - ipv6: do not free rt if FIB_LOOKUP_NOREF is set on suppress rule (bnc#1151927 5.3.4). - openvswitch: change type of UPCALL_PID attribute to NLA_UNSPEC (bnc#1151927 5.3.4). - net: stmmac: Fix page pool size (bnc#1151927 5.3.4). - macsec: drop skb sk before calling gro_cells_receive (bnc#1151927 5.3.4). - net/mlx5e: Fix matching on tunnel addresses type (bnc#1151927 5.3.4). - net/mlx5e: Fix traffic duplication in ethtool steering (bnc#1151927 5.3.4). - net/mlx5: Add device ID of upcoming BlueField-2 (bnc#1151927 5.3.4). - net/sched: cbs: Fix not adding cbs instance to list (bnc#1151927 5.3.4). - ppp: Fix memory leak in ppp_write (bnc#1151927 5.3.4). - skge: fix checksum byte order (bnc#1151927 5.3.4). - arcnet: provide a buffer big enough to actually receive packets (bnc#1151927 5.3.4). - nfc: enforce CAP_NET_RAW for raw sockets (bnc#1151927 5.3.4). - ieee802154: enforce CAP_NET_RAW for raw sockets (bnc#1151927 5.3.4). - ax25: enforce CAP_NET_RAW for raw sockets (bnc#1151927 5.3.4). - appletalk: enforce CAP_NET_RAW for raw sockets (bnc#1151927 5.3.4). - mISDN: enforce CAP_NET_RAW for raw sockets (bnc#1151927 5.3.4). - net: sched: fix possible crash in tcf_action_destroy() (bnc#1151927 5.3.4). - net_sched: add policy validation for action attributes (bnc#1151927 5.3.4). - net_sched: add max len check for TCA_KIND (bnc#1151927 5.3.4). - net: qrtr: Stop rx_worker before freeing node (bnc#1151927 5.3.4). - net/phy: fix DP83865 10 Mbps HDX loopback disable function (bnc#1151927 5.3.4). - usbnet: ignore endpoints with invalid wMaxPacketSize (bnc#1151927 5.3.4). - cdc_ncm: fix divide-by-zero caused by invalid wMaxPacketSize (bnc#1151927 5.3.4). - ipv6: fix a typo in fib6_rule_lookup() (bnc#1151927 5.3.4). - sch_netem: fix a divide by zero in tabledist() (bnc#1151927 5.3.4). - ipv4: Revert removal of rt_uses_gateway (bnc#1151927 5.3.4). - selftests: Update fib_nexthop_multiprefix to handle missing ping6 (bnc#1151927 5.3.4). - selftests: Update fib_tests to handle missing ping6 (bnc#1151927 5.3.4). - net/sched: act_sample: don't push mac header on ip6gre ingress (bnc#1151927 5.3.4). - usbnet: sanity checking of packet sizes and device mtu (bnc#1151927 5.3.4). - kvm: x86: Add "significant index" flag to a few CPUID leaves (bnc#1151927 5.3.4). - KVM: x86/mmu: Use fast invalidate mechanism to zap MMIO sptes (bnc#1151927 5.3.4). - block: fix null pointer dereference in blk_mq_rq_timed_out() (bnc#1151927 5.3.4). - drm/amdgpu/display: fix 64 bit divide (bnc#1151927 5.3.4). - drm/amd/display: Restore backlight brightness after system resume (bnc#1151927 5.3.4). - drm/amd/display: Add missing HBM support and raise Vega20's uclk (bnc#1151927 5.3.4). - drm/amd/display: dce11.x /dce12 update formula input (bnc#1151927 5.3.4). - SUNRPC: Fix buffer handling of GSS MIC without slack (bnc#1151927 5.3.4). - SUNRPC: Dequeue the request from the receive queue while we're re-encoding (bnc#1151927 5.3.4). - binfmt_elf: Do not move brk for INTERP-less ET_EXEC (bnc#1151927 5.3.4). - lib/lzo/lzo1x_compress.c: fix alignment bug in lzo-rle (bnc#1151927 5.3.4). - memcg, kmem: do not fail __GFP_NOFAIL charges (bnc#1151927 5.3.4). - fuse: fix beyond-end-of-page access in fuse_parse_cache() (bnc#1151927 5.3.4). - fuse: fix missing unlock_page in fuse_writepage() (bnc#1151927 5.3.4). - fuse: fix deadlock with aio poll and fuse_iqueue::waitq.lock (bnc#1151927 5.3.4). - tpm: Wrap the buffer from the caller to tpm_buf in tpm_send() (bnc#1151927 5.3.4). - KEYS: trusted: correctly initialize digests and fix locking issue (bnc#1151927 5.3.4). - ALSA: hda/realtek - PCI quirk for Medion E4254 (bnc#1151927 5.3.4). - memcg, oom: don't require __GFP_FS when invoking memcg OOM killer (bnc#1151927 5.3.4). - mm/compaction.c: clear total_{migrate,free}_scanned before scanning a new zone (bnc#1151927 5.3.4). - z3fold: fix memory leak in kmem cache (bnc#1151927 5.3.4). - z3fold: fix retry mechanism in page reclaim (bnc#1151927 5.3.4). - hwrng: core - don't wait on add_early_randomness() (bnc#1151927 5.3.4). - gfs2: clear buf_in_tr when ending a transaction in sweep_bh_for_rgrps (bnc#1151927 5.3.4). - quota: fix wrong condition in is_quota_modification() (bnc#1151927 5.3.4). - ext4: fix punch hole for inline_data file systems (bnc#1151927 5.3.4). - ext4: fix warning inside ext4_convert_unwritten_extents_endio (bnc#1151927 5.3.4). - mtd: rawnand: stm32_fmc2: avoid warnings when building with W=1 option (bnc#1151927 5.3.4). - RDMA: Fix double-free in srq creation error flow (bnc#1151927 5.3.4). - IB/mlx5: Free mpi in mp_slave mode (bnc#1151927 5.3.4). - IB/hfi1: Define variables as unsigned long to fix KASAN warning (bnc#1151927 5.3.4). - IB/hfi1: Do not update hcrc for a KDETH packet during fault injection (bnc#1151927 5.3.4). - randstruct: Check member structs in is_pure_ops_struct() (bnc#1151927 5.3.4). - printk: Do not lose last line in kmsg buffer dump (bnc#1151927 5.3.4). - ARM: samsung: Fix system restart on S3C6410 (bnc#1151927 5.3.4). - powerpc/imc: Dont create debugfs files for cpu-less nodes (bnc#1151927 5.3.4). - drm/amd/powerplay/smu7: enforce minimal VBITimeout (v2) (bnc#1151927 5.3.4). - efifb: BGRT: Improve efifb_bgrt_sanity_check (bnc#1151927 5.3.4). - platform/chrome: cros_ec_rpmsg: Fix race with host command when probe failed (bnc#1151927 5.3.4). - smb3: fix unmount hang in open_shroot (bnc#1151927 5.3.4). - smb3: allow disabling requesting leases (bnc#1151927 5.3.4). - xfs: Fix stale data exposure when readahead races with hole punch (bnc#1151927 5.3.4). - fs: Export generic_fadvise() (bnc#1151927 5.3.4). - mm: Handle MADV_WILLNEED through vfs_fadvise() (bnc#1151927 5.3.4). - ovl: filter of trusted xattr results in audit (bnc#1151927 5.3.4). - ovl: Fix dereferencing possible ERR_PTR() (bnc#1151927 5.3.4). - btrfs: Relinquish CPUs in btrfs_compare_trees (bnc#1151927 5.3.4). - btrfs: fix allocation of free space cache v1 bitmap pages (bnc#1151927 5.3.4). - btrfs: Detect unbalanced tree with empty leaf before crashing btree operations (bnc#1151927 5.3.4). - Btrfs: fix use-after-free when using the tree modification log (bnc#1151927 5.3.4). - btrfs: tree-checker: Add ROOT_ITEM check (bnc#1151927 5.3.4). - btrfs: extent-tree: Make sure we only allocate extents from block groups with the same type (bnc#1151927 5.3.4). - btrfs: delayed-inode: Kill the BUG_ON() in btrfs_delete_delayed_dir_index() (bnc#1151927 5.3.4). - ath10k: fix channel info parsing for non tlv target (bnc#1151927 5.3.4). - i40e: check __I40E_VF_DISABLE bit in i40e_sync_filters_subtask (bnc#1151927 5.3.4). - cfg80211: Purge frame registrations on iftype change (bnc#1151927 5.3.4). - mt76: mt7615: always release sem in mt7615_load_patch (bnc#1151927 5.3.4). - mt76: round up length on mt76_wr_copy (bnc#1151927 5.3.4). - zd1211rw: remove false assertion from zd_mac_clear() (bnc#1151927 5.3.4). - rtw88: pci: Use DMA sync instead of remapping in RX ISR (bnc#1151927 5.3.4). - rtw88: pci: Rearrange the memory usage for skb in RX ISR (bnc#1151927 5.3.4). - libertas: Add missing sentinel at end of if_usb.c fw_table (bnc#1151927 5.3.4). - e1000e: add workaround for possible stalled packet (bnc#1151927 5.3.4). - /dev/mem: Bail out upon SIGKILL (bnc#1151927 5.3.4). - staging: erofs: cannot set EROFS_V_Z_INITED_BIT if fill_inode_lazy fails (bnc#1151927 5.3.4). - kvm: Nested KVM MMUs need PAE root too (bnc#1151927 5.3.4). - KVM: x86: set ctxt->have_exception in x86_decode_insn() (bnc#1151927 5.3.4). - KVM: x86: always stop emulation on page fault (bnc#1151927 5.3.4). - KVM: x86: Manually calculate reserved bits when loading PDPTRS (bnc#1151927 5.3.4). - KVM: x86: Disable posted interrupts for non-standard IRQs delivery modes (bnc#1151927 5.3.4). - ACPI / LPSS: Save/restore LPSS private registers also on Lynxpoint (bnc#1151927 5.3.4). - ACPI / PCI: fix acpi_pci_irq_enable() memory leak (bnc#1151927 5.3.4). - ACPI: custom_method: fix memory leaks (bnc#1151927 5.3.4). - ACPI / processor: don't print errors for processorIDs == 0xff (bnc#1151927 5.3.4). - ACPI / APEI: Release resources if gen_pool_add() fails (bnc#1151927 5.3.4). - ACPI / CPPC: do not require the _PSD method (bnc#1151927 5.3.4). - PM / devfreq: passive: fix compiler warning (bnc#1151927 5.3.4). - PM / devfreq: passive: Use non-devm notifiers (bnc#1151927 5.3.4). - PM / devfreq: exynos-bus: Correct clock enable sequence (bnc#1151927 5.3.4). - PM / devfreq: Fix kernel oops on governor module load (bnc#1151927 5.3.4). - cpufreq: imx-cpufreq-dt: Add i.MX8MN support (bnc#1151927 5.3.4). - cpufreq: ap806: Add NULL check after kcalloc (bnc#1151927 5.3.4). - sched/cpufreq: Align trace event behavior of fast switching (bnc#1151927 5.3.4). - cpuidle: teo: Allow tick to be stopped if PM QoS is used (bnc#1151927 5.3.4). - dmaengine: ti: edma: Do not reset reserved paRAM slots (bnc#1151927 5.3.4). - dmaengine: bcm2835: Print error in case setting DMA mask fails (bnc#1151927 5.3.4). - leds: lm3532: Fixes for the driver for stability (bnc#1151927 5.3.4). - led: triggers: Fix a memory leak bug (bnc#1151927 5.3.4). - leds: leds-lp5562 allow firmware files up to the maximum length (bnc#1151927 5.3.4). - media: videobuf-core.c: poll_wait needs a non-NULL buf pointer (bnc#1151927 5.3.4). - media: ov9650: add a sanity check (bnc#1151927 5.3.4). - media: aspeed-video: address a protential usage of an unitialized var (bnc#1151927 5.3.4). - media: saa7134: fix terminology around saa7134_i2c_eeprom_md7134_gate() (bnc#1151927 5.3.4). - media: sn9c20x: Add MSI MS-1039 laptop to flip_dmi_table (bnc#1151927 5.3.4). - media: saa7146: add cleanup in hexium_attach() (bnc#1151927 5.3.4). - media: cpia2_usb: fix memory leaks (bnc#1151927 5.3.4). - media: cec-notifier: clear cec_adap in cec_notifier_unregister (bnc#1151927 5.3.4). - media: ttusb-dec: Fix info-leak in ttusb_dec_send_command() (bnc#1151927 5.3.4). - media: dvb-core: fix a memory leak bug (bnc#1151927 5.3.4). - media: mceusb: fix (eliminate) TX IR signal length limit (bnc#1151927 5.3.4). - media: dvb-frontends: use ida for pll number (bnc#1151927 5.3.4). - media: gspca: zero usb_buf on error (bnc#1151927 5.3.4). - media: hdpvr: add terminating 0 at end of string (bnc#1151927 5.3.4). - media: radio/si470x: kill urb on error (bnc#1151927 5.3.4). - media: imx: mipi csi-2: Don't fail if initial state times-out (bnc#1151927 5.3.4). - media: i2c: ov5645: Fix power sequence (bnc#1151927 5.3.4). - media: omap3isp: Don't set streaming state on random subdevs (bnc#1151927 5.3.4). - media: omap3isp: Set device on omap3isp subdevs (bnc#1151927 5.3.4). - media: vsp1: fix memory leak of dl on error return path (bnc#1151927 5.3.4). - media: rc: imon: Allow iMON RC protocol for ffdc 7e device (bnc#1151927 5.3.4). - media: em28xx: modules workqueue not inited for 2nd device (bnc#1151927 5.3.4). - media: fdp1: Reduce FCP not found message level to debug (bnc#1151927 5.3.4). - media: i2c: tda1997x: prevent potential NULL pointer access (bnc#1151927 5.3.4). - media: mtk-mdp: fix reference count on old device tree (bnc#1151927 5.3.4). - media: media/platform: fsl-viu.c: fix build for MICROBLAZE (bnc#1151927 5.3.4). - media: staging: tegra-vde: Fix build error (bnc#1151927 5.3.4). - media: iguanair: add sanity checks (bnc#1151927 5.3.4). - media: don't drop front-end reference count for ->detach (bnc#1151927 5.3.4). - media: hantro: Set DMA max segment size (bnc#1151927 5.3.4). - media: i2c: ov5640: Check for devm_gpiod_get_optional() error (bnc#1151927 5.3.4). - media: vivid: fix device init when no_error_inj=1 and fb disabled (bnc#1151927 5.3.4). - media: hdpvr: Add device num check and handling (bnc#1151927 5.3.4). - media: exynos4-is: fix leaked of_node references (bnc#1151927 5.3.4). - media: vivid: work around high stack usage with clang (bnc#1151927 5.3.4). - media: vivid:add sanity check to avoid divide error and set value to 1 if 0 (bnc#1151927 5.3.4). - media: vb2: reorder checks in vb2_poll() (bnc#1151927 5.3.4). - media: dib0700: fix link error for dibx000_i2c_set_speed (bnc#1151927 5.3.4). - media: mtk-cir: lower de-glitch counter for rc-mm protocol (bnc#1151927 5.3.4). - ASoC: dt-bindings: sun4i-spdif: Fix dma-names warning (bnc#1151927 5.3.4). - ASoC: Intel: Haswell: Adjust machine device private context (bnc#1151927 5.3.4). - ASoC: sun4i-i2s: Don't use the oversample to calculate BCLK (bnc#1151927 5.3.4). - ASoC: SOF: reset DMA state in prepare (bnc#1151927 5.3.4). - ASoC: SOF: pci: mark last_busy value at runtime PM init (bnc#1151927 5.3.4). - ASoC: sgtl5000: Fix charge pump source assignment (bnc#1151927 5.3.4). - ASoC: sgtl5000: Fix of unmute outputs on probe (bnc#1151927 5.3.4). - ASoC: tlv320aic31xx: suppress error message for EPROBE_DEFER (bnc#1151927 5.3.4). - ASoC: SOF: Intel: hda: Make hdac_device device-managed (bnc#1151927 5.3.4). - ASoC: dmaengine: Make the pcm->name equal to pcm->id if the name is not set (bnc#1151927 5.3.4). - ASoC: fsl_ssi: Fix clock control issue in master mode (bnc#1151927 5.3.4). - ASoC: es8316: fix headphone mixer volume table (bnc#1151927 5.3.4). - ASoC: Intel: NHLT: Fix debug print format (bnc#1151927 5.3.4). - ASoC: Intel: Fix use of potentially uninitialized variable (bnc#1151927 5.3.4). - ASoC: Intel: Skylake: Use correct function to access iomem space (bnc#1151927 5.3.4). - ASoC: mchp-i2s-mcc: Wait for RX/TX RDY only if controller is running (bnc#1151927 5.3.4). - ASoC: mchp-i2s-mcc: Fix unprepare of GCLK (bnc#1151927 5.3.4). - ASoC: uniphier: Fix double reset assersion when transitioning to suspend state (bnc#1151927 5.3.4). - ASoC: hdac_hda: fix page fault issue by removing race (bnc#1151927 5.3.4). - ASoC: rsnd: don't call clk_get_rate() under atomic context (bnc#1151927 5.3.4). - ALSA: firewire-motu: add support for MOTU 4pre (bnc#1151927 5.3.4). - ALSA: hda/realtek - Blacklist PC beep for Lenovo ThinkCentre M73/93 (bnc#1151927 5.3.4). - ALSA: hda - Drop unsol event handler for Intel HDMI codecs (bnc#1151927 5.3.4). - ALSA: hda - Add a quirk model for fixing Huawei Matebook X right speaker (bnc#1151927 5.3.4). - ALSA: usb-audio: Skip bSynchAddress endpoint check if it is invalid (bnc#1151927 5.3.4). - ALSA: i2c: ak4xxx-adda: Fix a possible null pointer dereference in build_adc_controls() (bnc#1151927 5.3.4). - ALSA: hda - Show the fatal CORB/RIRB error more clearly (bnc#1151927 5.3.4). - ALSA: hda/hdmi - Don't report spurious jack state changes (bnc#1151927 5.3.4). - ALSA: hda: Flush interrupts on disabling (bnc#1151927 5.3.4). - ALSA: firewire-tascam: check intermediate state of clock status and retry (bnc#1151927 5.3.4). - ALSA: firewire-tascam: handle error code when getting current source of clock (bnc#1151927 5.3.4). - mmc: core: Clarify sdio_irq_pending flag for MMC_CAP2_SDIO_IRQ_NOTHREAD (bnc#1151927 5.3.4). - mmc: mtk-sd: Re-store SDIO IRQs mask at system resume (bnc#1151927 5.3.4). - mmc: dw_mmc: Re-store SDIO IRQs mask at system resume (bnc#1151927 5.3.4). - mmc: core: Add helper function to indicate if SDIO IRQs is enabled (bnc#1151927 5.3.4). - mmc: sdhci: Fix incorrect switch to HS mode (bnc#1151927 5.3.4). - block: make rq sector size accessible for block stats (bnc#1151927 5.3.4). - md/raid0: avoid RAID0 data corruption due to layout confusion (bnc#1151927 5.3.4). - raid5: don't set STRIPE_HANDLE to stripe which is in batch list (bnc#1151927 5.3.4). - raid5: don't increment read_errors on EILSEQ return (bnc#1151927 5.3.4). - md/raid1: fail run raid1 array when active disk less than one (bnc#1151927 5.3.4). - closures: fix a race on wakeup from closure_sync (bnc#1151927 5.3.4). - block: mq-deadline: Fix queue restart handling (bnc#1151927 5.3.4). - nvme-multipath: fix ana log nsid lookup when nsid is not found (bnc#1151927 5.3.4). - nvmet: fix data units read and written counters in SMART log (bnc#1151927 5.3.4). - md: don't report active array_state until after revalidate_disk() completes (bnc#1151927 5.3.4). - md: only call set_in_sync() when it is expected to succeed (bnc#1151927 5.3.4). - nbd: add missing config put (bnc#1151927 5.3.4). - blk-mq: Fix memory leak in blk_mq_init_allocated_queue error handling (bnc#1151927 5.3.4). - loop: Add LOOP_SET_DIRECT_IO to compat ioctl (bnc#1151927 5.3.4). - md: don't call spare_active in md_reap_sync_thread if all member devices can't work (bnc#1151927 5.3.4). - md: don't set In_sync if array is frozen (bnc#1151927 5.3.4). - md/raid1: end bio when the device faulty (bnc#1151927 5.3.4). - md/raid6: Set R5_ReadError when there is read failure on parity disk (bnc#1151927 5.3.4). - scsi: implement .cleanup_rq callback (bnc#1151927 5.3.4). - blk-mq: add callback of .cleanup_rq (bnc#1151927 5.3.4). - libata/ahci: Drop PCS quirk for Denverton and beyond (bnc#1151927 5.3.4). - io_uring: fix wrong sequence setting logic (bnc#1151927 5.3.4). - s390/crypto: xts-aes-s390 fix extra run-time crypto self tests finding (bnc#1151927 5.3.4). - s390/kasan: provide uninstrumented __strlen (bnc#1151927 5.3.4). - posix-cpu-timers: Sanitize bogus WARNONS (bnc#1151927 5.3.4). - x86/apic/vector: Warn when vector space exhaustion breaks affinity (bnc#1151927 5.3.4). - x86/apic: Make apic_pending_intr_clear() more robust (bnc#1151927 5.3.4). - x86/apic: Soft disable APIC before initializing it (bnc#1151927 5.3.4). - x86/reboot: Always use NMI fallback when shutdown via reboot vector IPI fails (bnc#1151927 5.3.4). - irqchip/gic-v3-its: Fix LPI release for Multi-MSI devices (bnc#1151927 5.3.4). - x86/mm/pti: Do not invoke PTI functions when PTI is disabled (bnc#1151927 5.3.4). - x86/mm/pti: Handle unaligned address gracefully in pti_clone_pagetable() (bnc#1151927 5.3.4). - tools/power/x86/intel-speed-select: Fix memory leak (bnc#1151927 5.3.4). - platform/x86: intel_int0002_vgpio: Fix wakeups not working on Cherry Trail (bnc#1151927 5.3.4). - platform/x86: intel_pmc_core_pltdrv: Module removal warning fix (bnc#1151927 5.3.4). - platform/x86: intel_pmc_core: Do not ioremap RAM (bnc#1151927 5.3.4). - x86/platform/intel/iosf_mbi Rewrite locking (bnc#1151927 5.3.4). - x86/mm: Fix cpumask_of_node() error condition (bnc#1151927 5.3.4). - x86/cpu: Add Tiger Lake to Intel family (bnc#1151927 5.3.4). - sched/psi: Correct overly pessimistic size calculation (bnc#1151927 5.3.4). - sched/fair: Use rq_lock/unlock in online_fair_sched_group (bnc#1151927 5.3.4). - rcu/tree: Fix SCHED_FIFO params (bnc#1151927 5.3.4). - sched/core: Fix CPU controller for !RT_GROUP_SCHED (bnc#1151927 5.3.4). - rcu/tree: Call setschedule() gp ktread to SCHED_FIFO outside of atomic region (bnc#1151927 5.3.4). - sched/deadline: Fix bandwidth accounting at all levels after offline migration (bnc#1151927 5.3.4). - time/tick-broadcast: Fix tick_broadcast_offline() lockdep complaint (bnc#1151927 5.3.4). - sched/fair: Fix imbalance due to CPU affinity (bnc#1151927 5.3.4). - kprobes: Prohibit probing on BUG() and WARN() address (bnc#1151927 5.3.4). - libtraceevent: Change users plugin directory (bnc#1151927 5.3.4). - perf evlist: Use unshare(CLONE_FS) in sb threads to let setns(CLONE_NEWNS) work (bnc#1151927 5.3.4). - perf script: Fix memory leaks in list_scripts() (bnc#1151927 5.3.4). - perf report: Fix --ns time sort key output (bnc#1151927 5.3.4). - perf trace beauty ioctl: Fix off-by-one error in cmd->string table (bnc#1151927 5.3.4). - libperf: Fix alignment trap with xyarray contents in 'perf stat' (bnc#1151927 5.3.4). - tools headers: Fixup bitsperlong per arch includes (bnc#1151927 5.3.4). - perf unwind: Fix libunwind when tid != pid (bnc#1151927 5.3.4). - perf record: Support aarch64 random socket_id assignment (bnc#1151927 5.3.4). - perf tools: Fix paths in include statements (bnc#1151927 5.3.4). - perf test vfs_getname: Disable ~/.perfconfig to get default output (bnc#1151927 5.3.4). - perf config: Honour $PERF_CONFIG env var to specify alternate .perfconfig (bnc#1151927 5.3.4). - efi: cper: print AER info of PCIe fatal error (bnc#1151927 5.3.4). - idle: Prevent late-arriving interrupts from disrupting offline (bnc#1151927 5.3.4). - rcu: Add destroy_work_on_stack() to match INIT_WORK_ONSTACK() (bnc#1151927 5.3.4). - arm64: dts: rockchip: limit clock rate of MMC controllers for RK3328 (bnc#1151927 5.3.4). - ARM: dts: exynos: Mark LDO10 as always-on on Peach Pit/Pi Chromebooks (bnc#1151927 5.3.4). - arm64: dts: qcom: qcs404-evb: Mark WCSS clocks protected (bnc#1151927 5.3.4). - arm64: dts: meson: fix boards regulators states format (bnc#1151927 5.3.4). - arm64: dts: imx8mq: Correct OPP table according to latest datasheet (bnc#1151927 5.3.4). - ARM: dts: imx7-colibri: disable HS400 (bnc#1151927 5.3.4). - ARM: dts: imx7d: cl-som-imx7: make ethernet work again (bnc#1151927 5.3.4). - base: soc: Export soc_device_register/unregister APIs (bnc#1151927 5.3.4). - firmware: qcom_scm: Use proper types for dma mappings (bnc#1151927 5.3.4). - soc: amlogic: meson-clk-measure: protect measure with a mutex (bnc#1151927 5.3.4). - soc: renesas: Enable ARM_ERRATA_754322 for affected Cortex-A9 (bnc#1151927 5.3.4). - soc: renesas: rmobile-sysc: Set GENPD_FLAG_ALWAYS_ON for always-on domain (bnc#1151927 5.3.4). - firmware: arm_scmi: Check if platform has released shmem before using (bnc#1151927 5.3.4). - ARM: zynq: Use memcpy_toio instead of memcpy on smp bring-up (bnc#1151927 5.3.4). - ARM: OMAP2+: move platform-specific asm-offset.h to arch/arm/mach-omap2 (bnc#1151927 5.3.4). - ARM: at91: move platform-specific asm-offset.h to arch/arm/mach-at91 (bnc#1151927 5.3.4). - net: lpc-enet: fix printk format strings (bnc#1151927 5.3.4). - ARM: xscale: fix multi-cpu compilation (bnc#1151927 5.3.4). - dmaengine: iop-adma: use correct printk format strings (bnc#1151927 5.3.4). - parisc: Disable HP HSC-PCI Cards to prevent kernel crash (bnc#1151927 5.3.4). - ia64:unwind: fix double free for mod->arch.init_unw_table (bnc#1151927 5.3.4). - irqchip/sifive-plic: set max threshold for ignored handlers (bnc#1151927 5.3.4). - m68k: Prevent some compiler warnings in Coldfire builds (bnc#1151927 5.3.4). - arm64: Use correct ll/sc atomic constraints (bnc#1151927 5.3.4). - jump_label: Don't warn on __exit jump entries (bnc#1151927 5.3.4). - arm64: tlb: Ensure we execute an ISB following walk cache invalidation (bnc#1151927 5.3.4). - kasan/arm64: fix CONFIG_KASAN_SW_TAGS && KASAN_INLINE (bnc#1151927 5.3.4). - arm64: kpti: ensure patched kernel text is fetched from PoU (bnc#1151927 5.3.4). - arm64: entry: Move ct_user_exit before any other exception (bnc#1151927 5.3.4). - powerpc/Makefile: Always pass --synthetic to nm if supported (bnc#1151927 5.3.4). - arm64/efi: Move variable assignments after SECTIONS (bnc#1151927 5.3.4). - arm64/prefetch: fix a -Wtype-limits warning (bnc#1151927 5.3.4). - arm64: mm: free the initrd reserved memblock in a aligned manner (bnc#1151927 5.3.4). - iommu/amd: Silence warnings under memory pressure (bnc#1151927 5.3.4). - iommu/amd: Override wrong IVRS IOAPIC on Raven Ridge systems (bnc#1151927 5.3.4). - iommu/arm-smmu-v3: Disable detection of ATS and PRI (bnc#1151927 5.3.4). - gpio: madera: Add support for Cirrus Logic CS47L92 (bnc#1151927 5.3.4). - gpio: madera: Add support for Cirrus Logic CS47L15 (bnc#1151927 5.3.4). - spi: ep93xx: Repair SPI CS lookup tables (bnc#1151927 5.3.4). - spi: dw-mmio: Clock should be shut when error occurs (bnc#1151927 5.3.4). - spi: bcm2835: Work around DONE bit erratum (bnc#1151927 5.3.4). - spi: spi-fsl-dspi: Exit the ISR with IRQ_NONE when it's not ours (bnc#1151927 5.3.4). - regulator: Defer init completion for a while after late_initcall (bnc#1151927 5.3.4). - regulator: lm363x: Fix n_voltages setting for lm36274 (bnc#1151927 5.3.4). - regulator: lm363x: Fix off-by-one n_voltages for lm3632 ldo_vpos/ldo_vneg (bnc#1151927 5.3.4). - hwmon: (acpi_power_meter) Change log level for 'unsafe software power cap' (bnc#1151927 5.3.4). - RAS: Build debugfs.o only when enabled in Kconfig (bnc#1151927 5.3.4). - EDAC/amd64: Support more than two controllers for chip selects handling (bnc#1151927 5.3.4). - EDAC, pnd2: Fix ioremap() size in dnv_rd_reg() (bnc#1151927 5.3.4). - EDAC/altera: Use the proper type for the IRQ status bits (bnc#1151927 5.3.4). - EDAC/mc: Fix grain_bits calculation (bnc#1151927 5.3.4). - tpm_tis_core: Turn on the TPM before probing IRQ's (bnc#1151927 5.3.4). - Update patches.suse/tpm_tis_core-Set-TPM_CHIP_FLAG_IRQ-before-probing-fo.patch - commit 44d74c4 - kernel/sysctl.c: do not override max_threads provided by userspace (bnc#1150875). - commit c8680bd ++++ polkit: - polkit-keyinit.patch: add pam_keyinit to the polkit configuration (bsc#1144053) ++++ libvirt: - Update to libvirt 5.8.0 - bsc#1149100 - Many incremental improvements and bug fixes, see https://libvirt.org/news.html ++++ u-boot-rpiarm64: - Patch queue updated from git://github.com/openSUSE/u-boot.git tumbleweed-2019.10 * Patches added: 0009-libfdt-fdt_address_cells-and-fdt_si.patch 0010-libfdt-return-correct-value-if-size.patch 0011-libfdt-Allow-size-cells-of-0.patch 0012-dm-Fix-default-address-cells-return.patch - Update to v2019.10: * Platforms fixes: Amlogic, Atmel, Exynos5, Marvell, NXP, Rockchip, SunXi, TI * add support for RPi4 * RPi4: Fix amount of memory seen by the kernel * RPi: Fix USB 1.1 keyboard (boo#1139351, boo#1131064) * I2C fixes * MMC fixes * NET fixes * SPI fixes * UEFI fixes * USB fixes - Patch queue updated from git://github.com/openSUSE/u-boot.git tumbleweed-2019.10 * Patches dropped (upstreamed): 0009-ARM-exynos5-Try-to-boot-on-mmc2-bef.patch ------------------------------------------------------------------ ------------------ 2019-10-7 - Oct 7 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - powerpc/pseries/mobility: use cond_resched when updating device tree (bsc#1153112 ltc#181778). - powerpc/rtas: allow rescheduling while changing cpu states (bsc#1153112 ltc#181778). - commit 6d0719a - powerpc/64s/pseries: radix flush translations before MMU is enabled at boot (bsc#1055186). - commit 90a9436 - block: drop device references in bsg_queue_rq() (bsc#1153217). - commit b02e448 - Re-activated still not upstream mvpp2 patch (bsc#1117016) - commit 6e10d56 - Delete patches.suse/lustre-Simplify-ib_post_-send-recv-srq_recv-calls.patch. No longer needed. - commit 8d0fb6b - libnvdimm/altmap: Track namespace boundaries in altmap (bsc#1150305). - commit 458a137 - Linux 5.3.3 (bnc#1151927 5.3.3). - commit d0d68ea - alarmtimer: Use EOPNOTSUPP instead of ENOTSUPP (bsc#1151680). - commit 87f78af - scsi: storvsc: setup 1:1 mapping between hardware queue and CPU queue (fate#323887). - commit 96ad9b0 ++++ Mesa: - pickup gl, egl, glesv1_cm and glesv2 pkgconfig files from libglvnd build and add them to the appropriate devel subpackages - reintroduce GL, EGL, GLES* devel subpackages since corresponding header and pkgconfig files from libglvnd didn't work out ... ++++ libglvnd: - move gl, egl, glesv1_cm and glesv2 pkgconfig files to doc directory, so these can be picked up by Mesa build; no longer require Mesa devel subpackages ... - reverting inclusion of GL, EGL, GLES, GLES2, GLES3 headers; no longer let libglvnd-devel package provide and obsolete corresponding Mesa gl, egl, gles* devel subpackages; headers just aren't compatible; instead require them ... - supersedes patches: * n_0001-eglplatform-fix-mesa-specific-defines.patch * u_add-gl3ext.h ++++ toolbox: - Update to version 1.0+git20191007.e038337: * Initial version ++++ yast2: - Remove old values from /etc/sysctl.conf (jsc#SLE-9077). - 4.2.26 ------------------------------------------------------------------ ------------------ 2019-10-6 - Oct 6 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - hwmon: (k10temp) Add support for AMD family 17h, model 70h CPUs (bsc#1153137). - x86/amd_nb: Add PCI device IDs for family 17h, model 70h (bsc#1153137). - commit 6e407a5 ++++ libglvnd: - let libglvnd-devel also provide/obsolete Mesa-libGLESv3-devel ++++ harfbuzz: - add upstream sigining keyring and verify source signature ------------------------------------------------------------------ ------------------ 2019-10-5 - Oct 5 2019 ------------------- ------------------------------------------------------------------ ++++ glib-networking: - Update to version 2.62.1: + Fix two memory leaks. ++++ icu: - Update to release 65.1 (jsc#SLE-11118). * Updated to CLDR 36 locale data with many additions and corrections, and some new measurement units. * The Java LocaleMatcher API is improved, and ported to C++. - Drop 075cefb2e21f57f4cac1bc2868e93dd1b8c077cc.patch (merged) ++++ runc: - Upgrade to runc v1.0.0~rc9. Upstream changelog is available from https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc9 - Remove upstreamed patches: - CVE-2019-16884.patch ------------------------------------------------------------------ ------------------ 2019-10-4 - Oct 4 2019 ------------------- ------------------------------------------------------------------ ++++ glib2: - Update to version 2.62.1: + Fix regression in g_file_copy() when passing `G_FILE_COPY_TARGET_DEFAULT_PERMS` flag; the destination permissions would be private rather than following the process’ umask. + Several `GDateTime` parsing fixes. + Always build the tests if installed-tests are enabled, so that the tests can actually be installed. + Bugs fixed: glgo#GNOME/GLib#174, glgo#GNOME/GLib#1865, glgo#GNOME/GLib#1875, glgo#GNOME/GLib#1887, glgo#GNOME/GLib#1888, glgo#GNOME/GLib!1021, glgo#GNOME/GLib!1094, glgo#GNOME/GLib!1101, glgo#GNOME/GLib!1102, glgo#GNOME/GLib!1103, glgo#GNOME/GLib!1127, glgo#GNOME/GLib!1128, glgo#GNOME/GLib!1140, glgo#GNOME/GLib!1141, glgo#GNOME/GLib!1142. + Updated translations. ++++ kernel-default: - powerpc/64s/radix: tidy up TLB flushing code (bsc#1152885). - powerpc/64s: remove register_process_table callback (bsc#1152885). - commit 33f6003 - Linux 5.3.2 (bnc#1151927 5.3.2). - ALSA: usb-audio: Add DSD support for EVGA NU Audio (bnc#1151927 5.3.2). - ALSA: hda - Add laptop imic fixup for ASUS M9V laptop (bnc#1151927 5.3.2). - ALSA: hda - Apply AMD controller workaround for Raven platform (bnc#1151927 5.3.2). - ALSA: usb-audio: Add Hiby device family to quirks for native DSD support (bnc#1151927 5.3.2). - ALSA: dice: fix wrong packet parameter for Alesis iO26 (bnc#1151927 5.3.2). - Revert "mm/z3fold.c: fix race between migration and destruction" (bnc#1151927 5.3.2). - platform/x86: i2c-multi-instantiate: Derive the device name from parent (bnc#1151927 5.3.2). - HID: Add quirk for HP X500 PIXART OEM mouse (bnc#1151927 5.3.2). - HID: prodikeys: Fix general protection fault during probe (bnc#1151927 5.3.2). - HID: sony: Fix memory corruption issue on cleanup (bnc#1151927 5.3.2). - HID: logitech-dj: Fix crash when initial logi_dj_recv_query_paired_devices fails (bnc#1151927 5.3.2). - HID: logitech: Fix general protection fault caused by Logitech driver (bnc#1151927 5.3.2). - HID: hidraw: Fix invalid read in hidraw_ioctl (bnc#1151927 5.3.2). - crypto: talitos - fix missing break in switch statement (bnc#1151927 5.3.2). - mtd: cfi_cmdset_0002: Use chip_good() to retry in do_write_oneword() (bnc#1151927 5.3.2). - clk: imx: imx8mm: fix audio pll setting (bnc#1151927 5.3.2). - drm/amd/display: Don't replace the dc_state for fast updates (bnc#1151927 5.3.2). - drm/amd/display: Skip determining update type for async updates (bnc#1151927 5.3.2). - drm/amd/display: Allow cursor async updates for framebuffer swaps (bnc#1151927 5.3.2). - drm/amd/display: readd -msse2 to prevent Clang from emitting libcalls to undefined SW FP routines (bnc#1151927 5.3.2). - netfilter: add missing IS_ENABLED(CONFIG_NF_TABLES) check to header-file (bnc#1151927 5.3.2). - clocksource/drivers: Do not warn on probe defer (bnc#1151927 5.3.2). - clocksource/drivers/timer-of: Do not warn on deferred probe (bnc#1151927 5.3.2). - objtool: Clobber user CFLAGS variable (bnc#1151927 5.3.2). - commit 8866153 - Update references (add bnc#1151927 5.3.2) and refresh patches.suse/powerpc-xive-Fix-bogus-error-code-returned-by-OPAL.patch - commit cf3b8a7 - btrfs: qgroup: Fix reserved data space leak if we have multiple reserve calls (bsc#1152975). - commit 453d0eb - btrfs: qgroup: Fix the wrong target io_tree when freeing reserved data space (bsc#1152974). - commit f48e436 - btrfs: Fix a regression which we can't convert to SINGLE profile (bsc#1152973). - commit eee41e6 - btrfs: relocation: fix use-after-free on dead relocation roots (bsc#1152972). - commit 39b83a8 ++++ mozjs60: - Update to version 60.9.0 - rebased riscv-support.patch - Remove source modifications that made some private functions public. Probably not needed anymore, and was introducing a build error - Regenerate icudt60b.dat.xz - Added some upstream bug fixes included in Debian and Fedora: Always-use-the-equivalent-year-to-determine-the-time-zone.patch emitter.patch emitter_test.patch init_patch.patch enddianness.patch jsproperty-endian.patch Save-x28-before-clobbering-it-in-the-regex-compiler.patch Save-and-restore-non-volatile-x28-on-ARM64-for-generated-unboxed-object-constructor.patch ++++ systemd: - Import commit 428b937f917ae177f2315e8469800941885e441a 0026b58744 pid1: fix DefaultTasksMax initialization ++++ podman: - Update podman to v1.6.1 * Features - The podman network create, podman network rm, podman network inspect, and podman network ls commands have been added to manage CNI networks used by Podman - The podman volume create command can now create and mount volumes with options, allowing volumes backed by NFS, tmpfs, and many other filesystems - Podman can now run containers without CGroups for better integration with systemd by using the --cgroups=disabled flag with podman create and podman run. This is presently only supported with the crun OCI runtime - The podman volume rm and podman volume inspect commands can now refer to volumes by an unambiguous partial name, in addition to full name (e.g. podman volume rm myvol to remove a volume named myvolume) (#3891) - The podman run and podman create commands now support the - -pull flag to allow forced re-pulling of images (#3734) - Mounting volumes into a container using --volume, --mount, and - -tmpfs now allows the suid, dev, and exec mount options (the inverse of nosuid, nodev, noexec) (#3819) - Mounting volumes into a container using --mount now allows the relabel=Z and relabel=z options to relabel mounts. - The podman push command now supports the --digestfile option to save a file containing the pushed digest - Pods can now have their hostname set via podman pod create - -hostname or providing Pod YAML with a hostname set to podman play kube (#3732) - The podman image sign command now supports the --cert-dir flag - The podman run and podman create commands now support the - -security-opt label=filetype:$LABEL flag to set the SELinux label for container files - The remote Podman client now supports healthchecks * Bugfixes - Fixed a bug where remote podman pull would panic if a Varlink connection was not available (#4013) - Fixed a bug where podman exec would not properly set terminal size when creating a new exec session (#3903) - Fixed a bug where podman exec would not clean up socket symlinks on the host (#3962) - Fixed a bug where Podman could not run systemd in containers that created a CGroup namespace - Fixed a bug where podman prune -a would attempt to prune images used by Buildah and CRI-O, causing errors (#3983) - Fixed a bug where improper permissions on the ~/.config directory could cause rootless Podman to use an incorrect directory for storing some files - Fixed a bug where the bash completions for podman import threw errors - Fixed a bug where Podman volumes created with podman volume create would not copy the contents of their mountpoint the first time they were mounted into a container (#3945) - Fixed a bug where rootless Podman could not run podman exec when the container was not run inside a CGroup owned by the user (#3937) - Fixed a bug where podman play kube would panic when given Pod YAML without a securityContext (#3956) - Fixed a bug where Podman would place files incorrectly when storage.conf configuration items were set to the empty string (#3952) - Fixed a bug where podman build did not correctly inherit Podman's CGroup configuration, causing crashed on CGroups V2 systems (#3938) - Fixed a bug where podman cp would improperly copy files on the host when copying a symlink in the container that included a glob operator (#3829) - Fixed a bug where remote podman run --rm would exit before the container was completely removed, allowing race conditions when removing container resources (#3870) - Fixed a bug where rootless Podman would not properly handle changes to /etc/subuid and /etc/subgid after a container was launched - Fixed a bug where rootless Podman could not include some devices in a container using the --device flag (#3905) - Fixed a bug where the commit Varlink API would segfault if provided incorrect arguments (#3897) - Fixed a bug where temporary files were not properly cleaned up after a build using remote Podman (#3869) - Fixed a bug where podman remote cp crashed instead of reporting it was not yet supported (#3861) - Fixed a bug where podman exec would run as the wrong user when execing into a container was started from an image with Dockerfile USER (or a user specified via podman run --user) (#3838) - Fixed a bug where images pulled using the oci: transport would be improperly named - Fixed a bug where podman varlink would hang when managed by systemd due to SD_NOTIFY support conflicting with Varlink (#3572) - Fixed a bug where mounts to the same destination would sometimes not trigger a conflict, causing a race as to which was actually mounted - Fixed a bug where podman exec --preserve-fds caused Podman to hang (#4020) - Fixed a bug where removing an unmounted container that was unmounted might sometimes not properly clean up the container (#4033) - Fixed a bug where the Varlink server would freeze when run in a systemd unit file (#4005) - Fixed a bug where Podman would not properly set the $HOME environment variable when the OCI runtime did not set it - Fixed a bug where rootless Podman would incorrectly print warning messages when an OCI runtime was not found (#4012) - Fixed a bug where named volumes would conflict with, instead of overriding, tmpfs filesystems added by the --read-only-tmpfs flag to podman create and podman run - Fixed a bug where podman cp would incorrectly make the target directory when copying to a symlink which pointed to a nonexistent directory (#3894) - Fixed a bug where remote Podman would incorrectly read STDIN when the -i flag was not set (#4095) - Fixed a bug where podman play kube would create an empty pod when given an unsupported YAML type (#4093) - Fixed a bug where podman import --change improperly parsed CMD (#4000) - Fixed a bug where rootless Podman on systems using CGroups V2 would not function with the cgroupfs CGroups manager - Fixed a bug where rootless Podman could not correctly identify the DBus session address, causing containers to fail to start (#4162) - Fixed a bug where rootless Podman with slirp4netns networking would fail to start containers due to mount leaks * Misc - Significant changes were made to Podman volumes in this release. If you have pre-existing volumes, it is strongly recommended to run podman system renumber after upgrading. - Version 0.8.1 or greater of the CNI Plugins is now required for Podman - Version 2.0.1 or greater of Conmon is strongly recommended - Updated vendored Buildah to v1.11.2 - Updated vendored containers/storage library to v1.13.4 - Improved error messages when trying to create a pod with no name via podman play kube - Improved error messages when trying to run podman pause or podman stats on a rootless container on a system without CGroups V2 enabled - TMPDIR has been set to /var/tmp by default to better handle large temporary files - podman wait has been optimized to detect stopped containers more rapidly - Podman containers now include a ContainerManager annotation indicating they were created by libpod - The podman info command now includes information about slirp4netns and fuse-overlayfs if they are available - Podman no longer sets a default size of 65kb for tmpfs filesystems - The default Podman CNI network has been renamed in an attempt to prevent conflicts with CRI-O when both are run on the same system. This should only take effect on system restart - The output of podman volume inspect has been more closely matched to docker volume inspect - Removed CVE-2019-10214.patch as it was merged upstream ++++ salt: - Fix failing unit tests for batch async - Added: * fix-failing-unit-tests-for-batch-async.patch ++++ raspberrypi-firmware: - add RPi4 config options ++++ raspberrypi-firmware-config: - add RPi4 config options ++++ raspberrypi-firmware-dt: - Update to aa9b526123 (2019-09-19) * based on rpi-5.3.y * updates rpi-ft5406-overlay ++++ wicked: - version 0.6.60 - libwicked: fix versioning and packaging (bsc#1143182,bsc#1132977) shipping the internal helper library inside of the wicked package. ------------------------------------------------------------------ ------------------ 2019-10-3 - Oct 3 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - powerpc: add machine check safe copy_to_user (jsc#SLE-7730 jsc#SLE-8330). Update config files. - powerpc/memcpy: Add memcpy_mcsafe for pmem (jsc#SLE-7730 jsc#SLE-8330). - powerpc/mce: Handle UE event for memcpy_mcsafe (jsc#SLE-7730 jsc#SLE-8330). - extable: Add function to search only kernel exception table (jsc#SLE-7730 jsc#SLE-8330). - powerpc/mce: Make machine_check_ue_event() static (jsc#SLE-7730 jsc#SLE-8330). - powerpc/mce: Fix MCE handling for huge pages (jsc#SLE-7730 jsc#SLE-8330). - powerpc/mce: Schedule work from irq_work (jsc#SLE-7730 jsc#SLE-8330). - commit 12b3809 - powerpc/powernv: Restrict OPAL symbol map to only be readable by root (bsc#1152885). - powerpc/rtas: Unexport rtas_online_cpus_mask, rtas_offline_cpus_mask (bsc#1152885). - commit a002009 - KVM: PPC: Book3S: Enable XIVE native capability only if OPAL has required functions (bsc#1061840). - commit c8b5967 - dma-mapping: explicitly wire up ->mmap and ->get_sgtable (bsc#1152879). - commit 4e5b600 - powerpc/powernv/ioda2: Allocate TCE table levels on demand for default DMA window (bsc#1061840). - commit af7925a - powerpc/pseries: Call H_BLOCK_REMOVE when supported (bsc#1109158). - powerpc/pseries: Read TLB Block Invalidate Characteristics (bsc#1109158). - commit 4883057 - config: refresh configs - commit b8eafb3 ++++ harfbuzz: - Update to version 2.6.2: + Misc small fixes, mostly to build-related issues. ++++ salt: - Fix memory consumption problem on BatchAsync (bsc#1137642) - Added: * use-current-ioloop-for-the-localclient-instance-of-b.patch ++++ yast2: - Add a CFA based class to adjust sysctl settings (jsc#SLE-9077). - 4.2.25 ------------------------------------------------------------------ ------------------ 2019-10-2 - Oct 2 2019 ------------------- ------------------------------------------------------------------ ++++ lvm2-device-mapper: - Fix LV activation issues (boo#1152378, rh#1727270) + bug-1152378-md-component-detection-for-differing-PV-and-device-s.patch + bug-1152378-pvscan-fix-PV-online-when-device-has-a-different-siz.patch ++++ python-kiwi: - Fixed rpmdb compat link setup On older versions of zypper the path /var/lib/rpm was hardcoded and not used from the rpm macro definition. For such systems and to support them properly on hosts that have the rpm database already moved a compat link was created. However if the host has the rpm database at /var/lib/rpm the link doesn't make sense. This patch fixes this and therefore bsc#1150190 ++++ gpg2: - Remove self-buildrequire [bsc#1152755] ++++ kernel-default: - powerpc/xive: Fix bogus error code returned by OPAL (bsc#1065729). - commit 9e22168 - blacklist.conf: Add duplicate commit id. - commit f9863f0 - powerpc/papr_scm: Fix an off-by-one check in papr_scm_meta_{get, set} (bsc#1152243 ltc#181472). - net/ibmvnic: prevent more than one thread from running in reset (bsc#1152457 ltc#174432). - net/ibmvnic: unlock rtnl_lock in reset so linkwatch_event can run (bsc#1152457 ltc#174432). - powerpc/mm: Fixup tlbie vs mtpidr/mtlpidr ordering issue on POWER9 (bsc#1152161 ltc#181664). - powerpc/book3s64/radix: Rename CPU_FTR_P9_TLBIE_BUG feature flag (bsc#1152161 ltc#181664). - powerpc/book3s64/mm: Don't do tlbie fixup for some hardware revisions (bsc#1152161 ltc#181664). - commit 4d9184c - irqdomain: Add the missing assignment of domain->fwnode for named fwnode (fate#323887). - commit e4b9c3f - KVM: vmx: fix build warnings in hv_enable_direct_tlbflush() on i386 (fate#323887). - KVM: x86: announce KVM_CAP_HYPERV_ENLIGHTENED_VMCS support only when it is available (fate#323887). - KVM/Hyper-V: Add new KVM capability KVM_CAP_HYPERV_DIRECT_TLBFLUSH (fate#323887). - commit 68b44d1 - cpu/SMT: create and export cpu_smt_possible() (fate#323887). - smp/hotplug: Track booted once CPUs in a cpumask (fate#323887). - commit 48d9519 - KVM: x86: hyper-v: set NoNonArchitecturalCoreSharing CPUID bit when SMT is impossible (fate#323887). - commit 231241b - KVM: hyperv: Fix Direct Synthetic timers assert an interrupt w/o lapic_in_kernel (fate#323887). - commit 8f924d6 - KVM/Hyper-V/VMX: Add direct tlb flush support (fate#323887). - commit ef750e3 - x86/Hyper-V: Fix definition of struct hv_vp_assist_page (fate#323887). - commit 1239e74 - Drivers: hv: vmbus: Resume after fixing up old primary channels (fate#323887). - commit 9e12e34 - Drivers: hv: vmbus: Suspend after cleaning up hv_sock and sub channels (fate#323887). - commit 36c8dd5 - Drivers: hv: vmbus: Clean up hv_sock channels by force upon suspend (fate#323887). - commit 9f06b05 - Drivers: hv: vmbus: Suspend/resume the vmbus itself for hibernation (fate#323887). - commit 4bd7f09 - Drivers: hv: vmbus: Ignore the offers when resuming from hibernation (fate#323887). - commit fe8f660 - Drivers: hv: vmbus: Implement suspend/resume for VSC drivers for hibernation (fate#323887). - commit 344d3ff - Drivers: hv: vmbus: Add a helper function is_sub_channel() (fate#323887). - commit 3b1ed7d - Drivers: hv: vmbus: Suspend/resume the synic for hibernation (fate#323887). - commit 121172c - Drivers: hv: vmbus: Break out synic enable and disable operations (fate#323887). - commit 561f047 - HID: hv: Remove dependencies on PAGE_SIZE for ring buffer (fate#323887). - commit 60e6c9f - Tools: hv: move to tools buildsystem (fate#323887). - commit a3f0abd - hv_balloon: Reorganize the probe function (fate#323887). - commit 8480408 - hv_balloon: Use a static page for the balloon_up send buffer (fate#323887). - commit 9e12837 - PCI: hv: Use bytes 4 and 5 from instance ID as the PCI domain numbers (fate#323887). - commit 113e837 - PCI: hv: Detect and fix Hyper-V PCI domain number collision (fate#323887, bsc#1150423). - commit a0e547e - hv_netvsc: Sync offloading features to VF NIC (fate#323887). - commit 392e859 - hv_netvsc: Allow scatter-gather feature to be tunable (fate#323887). - commit 0aa9a52 - PCI: hv: Add a Hyper-V PCI interface driver for software backchannel interface (fate#323887). - commit 381f060 - PCI: hv: Add a paravirtual backchannel in software (fate#323887). - commit 9b88ba8 - x86/hyperv: Hide pv_ops access for CONFIG_PARAVIRT=n (fate#323887). - commit 334c380 - clocksource/drivers/hyperv: Enable TSC page clocksource on 32bit (fate#323887). - commit ddf471b - clocksource/drivers/hyperv: Add Hyper-V specific sched clock function (fate#323887). - commit 0442bbf - clocksource/drivers/hyperv: Allocate Hyper-V TSC page statically (fate#323887). - commit 8fc74ac - PCI: hv: Allocate a named fwnode instead of an address-based one (fate#323887). - commit 38fe080 - drivers: hv: vmbus: Replace page definition with Hyper-V specific one (fate#323887). - commit a1e5f69 - x86/hyperv: Add functions to allocate/deallocate page for Hyper-V (fate#323887). - commit 357181d - x86/hyperv: Create and use Hyper-V page definitions (fate#323887). - commit 0a58e81 - add mainline tag to a hyperv patch - commit 994aada - series.conf: cleanup Move unsortable patch out of sorted section. - commit 636b696 ++++ libcontainers-common: - Update to image 4.0.0 - Add http response to log - Add tests for parsing OpenShift kubeconfig files - Compress: define some consts for the compression algos - Compression: add support for the zstd - Compression: allow to specify the compression format - Copy: add nil checks - Copy: compression: default to gzip - Copy: don't lose annotations of BlobInfo - Copy: fix options.DestinationCtx nil check - Copy: use a bigger buffer for the compression - Fix cross-compilation by vendoring latest c/storage - Internal/testing/explicitfilepath-tmpdir: handle unset TMPDIR - Keyctl: clean up after tests - Make container tools work with go+openssl - Make test-skopeo: replace c/image module instead of copying code - Media type checks - Move keyctl to internal & func remove auth from keyring - Replace vendor.conf by go.mod - Update dependencies - Update test certificates - Update to mergo v0.3.5 - Vendor.conf: update reference for containers/storage - Update to storage 1.13.4 - Update generated files - ImageBigData: distinguish between no-such-image and no-such-item - ImageSize: don't get tripped up by images with no layers - tarlogger: disable raw accouting - Update to libpod 1.6.0 - Nothing changed regarding the OCI hooks documentation provided by this package ++++ rdma-core: - Have rsocket conflicts with older librdmacm-tools (bsc#1137140) - Have librdmacm-utils obsolete and provide librdmacm-tools (bsc#1137138) ++++ lvm2: - Fix LV activation issues (boo#1152378, rh#1727270) + bug-1152378-md-component-detection-for-differing-PV-and-device-s.patch + bug-1152378-pvscan-fix-PV-online-when-device-has-a-different-siz.patch ++++ qemu: - Since our spec file has bashisms, include the following in the spec file: %define _buildshell /bin/bash - Disable some block tests which randomly fail. This is in context of the build service build of qemu-testsuite tests-Disable-some-block-tests-for-now.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-4.1 ++++ raspberrypi-firmware: - Update to a16470ad4 (2019-09-30) * firmware: platform: Set up emmc clock earlier * firmware: hdmi: Implement platform_display_power on 2711 See: #1224 * firmware: arm_loader: Pass overscan settings to the kernel * firmware: arm_loader: Add option disable_fw_kms_setup to stop FKMS setup by FW * firmware: hdmi: Use pixel clock multiplier to determine the core clock * firmware: Fixups for composite output mode See: #1223 * firmware: platform: Allow display_power to be queried from gencmd See: #1224 * firmware: arm_loader: Fix no-DT and upstream handling See: #1250 * firmware: Round up HDMI0 minimum core clock * firmware: board_info: Support bcm2710- and bcm2837- Pi 2 DTBs See: raspberrypi/linux#3234 * firmware: power: bcm2711: Rescale the GPIO pad power * firmware: brfs: Add GENET driver for 2711 * firmware: bootloader_state: Add network state and bootmode configuration * firmware: bootloader_state: Fix mask for EEPROM header magic * firmware: arm_loader: Fix initial_turbo getting stuck See: #1005 * firmware: ldconfig: Support [edid=*] to mean any HDMI monitor See: #1136 * firmware: image_fx: Remove restriction that output stride must match input stride * firmware: image_fx: Remove spamming log line * firmware: platform: Switch to divide by one when arm_freq exceeds 2GHz * firmware: Add EMMC support to 2711 Arasan EMMC driver * firmware: arm_loader: Use /memory@0 if found See: raspberrypi/linux#3244 * firmware: bootloader_state: Fix length for bootloader_config * firmware: arasan_emmc: Fix STB_GPIOOVERRIDE for MMC1 in network boot * firmware: bfs: Verify that eth FS has not been closed before using ++++ raspberrypi-firmware-config: - Update to a16470ad4 (2019-09-30) * firmware: platform: Set up emmc clock earlier * firmware: hdmi: Implement platform_display_power on 2711 See: #1224 * firmware: arm_loader: Pass overscan settings to the kernel * firmware: arm_loader: Add option disable_fw_kms_setup to stop FKMS setup by FW * firmware: hdmi: Use pixel clock multiplier to determine the core clock * firmware: Fixups for composite output mode See: #1223 * firmware: platform: Allow display_power to be queried from gencmd See: #1224 * firmware: arm_loader: Fix no-DT and upstream handling See: #1250 * firmware: Round up HDMI0 minimum core clock * firmware: board_info: Support bcm2710- and bcm2837- Pi 2 DTBs See: raspberrypi/linux#3234 * firmware: power: bcm2711: Rescale the GPIO pad power * firmware: brfs: Add GENET driver for 2711 * firmware: bootloader_state: Add network state and bootmode configuration * firmware: bootloader_state: Fix mask for EEPROM header magic * firmware: arm_loader: Fix initial_turbo getting stuck See: #1005 * firmware: ldconfig: Support [edid=*] to mean any HDMI monitor See: #1136 * firmware: image_fx: Remove restriction that output stride must match input stride * firmware: image_fx: Remove spamming log line * firmware: platform: Switch to divide by one when arm_freq exceeds 2GHz * firmware: Add EMMC support to 2711 Arasan EMMC driver * firmware: arm_loader: Use /memory@0 if found See: raspberrypi/linux#3244 * firmware: bootloader_state: Fix length for bootloader_config * firmware: arasan_emmc: Fix STB_GPIOOVERRIDE for MMC1 in network boot * firmware: bfs: Verify that eth FS has not been closed before using ------------------------------------------------------------------ ------------------ 2019-10-1 - Oct 1 2019 ------------------- ------------------------------------------------------------------ ++++ dracut: - Update to version 049+git114.058e566c: * 35network-legacy: only skip waiting for interfaces if netroot is set (bsc#1152006) * fixup "Dracut: only login to one target at a time" (bsc#1152650) ++++ kernel-default: - scsi: scsi_dh_rdac: zero cdb in send_mode_select() (bsc#1149313). - commit e7cd81e - Removed guarded st driver patch: already upstream - commit b34f3cb - arm64: mmc: remove patches already applied to v5.3 Both patches landed in v5.0 - commit 075db4d - arm64: remove 0001-irqchip-gic-v3-its-fix-build-warnings.patch Not required on v5.3 - commit db9714b - config: arm64: lx2160: enable mobiveil pcie controller driver - commit 21c2539 - PCI: mobiveil: Add PCIe Gen4 RC driver for NXP Layerscape SoCs (fate#326572). - PCI: mobiveil: Add 8-bit and 16-bit CSR register accessors (fate#326572). - PCI: mobiveil: Make mobiveil_host_init() can be used to re-init host (fate#326572). - PCI: mobiveil: Refactor Mobiveil PCIe Host Bridge IP driver (fate#326572). - PCI: mobiveil: Fix the CPU base address setup in inbound window (fate#326572). - commit 1e982e0 - arm64: lx2160: remove mobiveil PCIe driver v5 Preparing to bring in v8. Most of the patches are already included in v5.3. - commit 136f3e5 - PCI: Add quirk to disable MSI-X support for Amazon's Annapurna Labs Root Port (bsc#1152187,bsc#1152525). - PCI/VPD: Prevent VPD access for Amazon's Annapurna Labs Root Port (bsc#1152187,bsc#1152525). - PCI: Add ACS quirk for Amazon Annapurna Labs root ports (bsc#1152187,bsc#1152525). - PCI: Add Amazon's Annapurna Labs vendor ID (bsc#1152187,bsc#1152525). - commit cb75ccf - usb: typec: tps6598x: Fix build error without CONFIG_REGMAP_I2C (bsc#1152489). - commit 50acd22 - usb: dwc3: meson-g12a: fix suspend resume regulator unbalanced disables (bsc#1152489). - commit f417fe7 - b2c2-flexcop-usb: add sanity checking (bsc#1146540 CVE-2019-15291). - commit 300993f - ipmi: move message error checking to avoid deadlock (bsc#1152489). - commit 78528fd - x86/cpufeatures: Enable a new AVX512 CPU feature (jsc#SLE-7925). - commit 400d642 - Update config files. Enable CONFIG_X86_5LEVEL (jsc#SLE-9308). - commit fad1d7e - drm/mgag200: Don't unpin the current cursor image's buffer. (bsc#1152472) - commit 6389bb6 - drm/mgag200: Set cursor scanout address to correct BO (bsc#1152472) - commit fba11f2 - drm/mgag200: Pin displayed cursor BO to video memory (bsc#1152472) - commit 1cd88ec - drm/mgag200: add in missing { } around if block (bsc#1152472) - commit 5ad6864 - series.conf: cleanup Let's keep the number of top level sections reasonable. Update tags (do not use "Patch-mainline: no"): patches.suse/printk-console-Correctly-mark-console-that-is-used-w.patch patches.suse/printk-panic-Avoid-deadlock-in-printk-after-stopping-CPUs-by-NMI.patch - commit 9121df0 ++++ gmp: - Install checksums for binary integrity verification which are required when running in FIPS mode (bsc#1152692, jsc#SLE-9518) - Run spec-cleaner on the spec ++++ libnettle: - Install checksums for binary integrity verification which are required when running in FIPS mode (bsc#1152692, jsc#SLE-9518) ++++ salt: - Fix dependencies for RHEL 8 ++++ qemu: - Add some post v4.1.0 upstream stable patches * Patches added: mirror-Keep-mirror_top_bs-drained-after-.patch s390x-tcg-Fix-VERIM-with-32-64-bit-eleme.patch target-alpha-fix-tlb_fill-trap_arg2-valu.patch target-arm-Free-TCG-temps-in-trans_VMOV_.patch target-arm-Don-t-abort-on-M-profile-exce.patch qcow2-Fix-the-calculation-of-the-maximum.patch block-file-posix-Reduce-xfsctl-use.patch pr-manager-Fix-invalid-g_free-crash-bug.patch vpc-Return-0-from-vpc_co_create-on-succe.patch block-nfs-tear-down-aio-before-nfs_close.patch block-create-Do-not-abort-if-a-block-dri.patch curl-Keep-pointer-to-the-CURLState-in-CU.patch curl-Keep-socket-until-the-end-of-curl_s.patch curl-Check-completion-in-curl_multi_do.patch curl-Pass-CURLSocket-to-curl_multi_do.patch curl-Report-only-ready-sockets.patch curl-Handle-success-in-multi_check_compl.patch blockjob-update-nodes-head-while-removin.patch memory-Provide-an-equality-function-for-.patch vhost-Fix-memory-region-section-comparis.patch hw-arm-boot.c-Set-NSACR.-CP11-CP10-for-N.patch s390-PCI-fix-IOMMU-region-init.patch hw-core-loader-Fix-possible-crash-in-rom.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-4.1 ------------------------------------------------------------------ ------------------ 2019-9-30 - Sep 30 2019 ------------------- ------------------------------------------------------------------ ++++ e2fsprogs: - libsupport-add-checks-to-prevent-buffer-overrun-bugs.patch: add checks to prevent buffer overrun bugs in quota code (bsc#1152101, CVE-2019-5094) ++++ iptables: - Add Conflicts with iptables-nft = 1.6.2 as during the update to iptables 1.8 ip6tables-restore-translate, ip6tables-translate, iptables-restore-translate and iptables-translate were moved from iptables-nft subpackage (now iptables-backend-nft) to the main package. So we need to add a conflict here otherwise we hit file conflicts error during the update. ++++ kernel-default: - EDAC/amd64: Recognize DRAM device type ECC capability (bsc#1152489). - commit abc7ef1 - EDAC/amd64: Decode syndrome before translating address (bsc#1152489). - commit 3c4a52a - drm/amdgpu: Fix KFD-related kernel oops on Hawaii (bsc#1152472) - commit 3c6a999 - drm/amdkfd: fix a use after free race with mmu_notifer unregister (bsc#1152472) - commit 792d1c5 - drm/mcde: Fix DSI transfers (bsc#1152472) - commit a87cce0 - drm/msm: Use the correct dma_sync calls harder (bsc#1152472) - commit 33411e0 - drm/msm/dsi: Fix return value check for clk_get_parent (bsc#1152472) - commit b591595 - Refresh patches.suse/printk-console-Correctly-mark-console-that-is-used-w.patch - commit d007d29 - blacklist.conf: Append 'drm/amdgpu: fix GFXOFF on Picasso and Raven2' - commit 0b48ba5 - Revert "drm/amdgpu: free up the first paging queue v2" (bsc#1152472) - commit beca648 - Revert "drm/amd/display: Fix underscan not using proper scaling" (bsc#1152472) - commit 6bc7400 - Revert "drm/amd/display: add global master update lock for DCN2" (bsc#1152472) - commit 13bba8c - Revert "drm/amd/display: navi10 bring up skip dsc encoder config" (bsc#1152472) - commit f5b512e - Revert "drm/amd/display: skip dsc config for navi10 bring up" (bsc#1152472) - commit e06dd1d - blacklist.conf: Append 'drm/amd/display: Calculate bpc based on max_requested_bpc' - commit ba7e6fb - Update config files. Enable CONFIG_DEBUG_PAGEALLOC. - commit c9d1113 - blacklist.conf: Append 'drm/amdgpu/gfx9: update pg_flags after determining if gfx off is possible' - commit 1687748 - blacklist.conf: Append 'Revert "drm/amdgpu: fix transform feedback GDS hang on gfx10 (v2)"' - commit 1b720a9 - drm: fix module name in edid_firmware log message (bsc#1152472) - commit b1ccfe7 - drm/imx: Drop unused imx-ipuv3-crtc.o build (bsc#1152472) - commit c76be29 - x86/kconfig: Remove X86_DIRECT_GBPAGES dependency on !DEBUG_PAGEALLOC (PM-1168, bsc#1144653, VM Debug Functionality). - commit bebf778 - blacklist.conf: Append 'drm/i915: Do not create a new max_bpc prop for MST connectors' - commit 2f54da8 - blacklist.conf: Append 'drm/i915: Fix HW readout for crtc_clock in HDMI mode' - commit d17d39c - blacklist.conf: Append 'drm/i915: Fix wrong escape clock divisor init for GLK' - commit de225fb - blacklist.conf: Append 'drm/i915: fix possible memory leak in intel_hdcp_auth_downstream()' - commit 81e8a9e - drm: rcar-du: lvds: Fix bridge_to_rcar_lvds (bsc#1152472) - commit 7243441 - drm/amd/display: Use proper enum conversion functions (bsc#1152472) - commit 8362493 - drm/amd/display: Support uclk switching for DCN2 (bsc#1152472) - commit 4b2f15b - drm/rockchip: fix VOP_WIN_GET macro (bsc#1152472) - commit 6dccec7 - drm: mali-dp: Mark expected switch fall-through (bsc#1152472) - commit d5b02fc - drm/syncobj: fix leaking dma_fence in drm_syncobj_query_ioctl (bsc#1152472) - commit f87cd1c - blacklist.conf: Append 'drm/connector: Fix warning in debug message' - commit 99fb862 - drm/bridge: sii902x: fix missing reference to mclk clock (bsc#1152472) - commit 33a37f2 - drm/panel: make drm_panel.h self-contained (bsc#1152472) - commit 24e6b1f - drm/lima: Reduce the amount of logs on deferred probe (bsc#1152472) - commit 7fc211d - drm/lima: Mark 64-bit number as ULL (bsc#1152472) - commit a47d898 - blacklist.conf: Append 'drm/i915: Fix GEN8_MCR_SELECTOR programming' - commit 7f9b12e - blacklist.conf: Append 'drm/i915/vbt: Fix VBT parsing for the PSR section' - commit d8eb2fd - blacklist.conf: Append 'drm/i915: Lock the engine while dumping the active request' - commit eaa408b - blacklist.conf: Append 'drm/i915/perf: add missing delay for OA muxes configuration' - commit 3e3bf58 - blacklist.conf: Append 'drm/i915/perf: ensure we keep a reference on the driver' - commit 2030c79 - blacklist.conf: Append 'drm/i915/gtt: Mark the freed page table entries with scratch' - commit 1cbd1c3 - blacklist.conf: Append 'drm/i915/gtt: Defer the free for alloc error paths' - commit 68741a8 - blacklist.conf: Append 'drm/i915: Deal with machines that expose less than three QGV points' - commit 984d843 - blacklist.conf: Append 'drm/i915: Fix memleak in runtime wakeref tracking' - commit e990311 - blacklist.conf: Append 'drm/i915: fix whitelist selftests with readonly registers' - commit 8c63a7c - blacklist.conf: Append 'drm/i915: Fix the TBT AUX power well enabling' - commit e962027 - blacklist.conf: Append 'drm/i915: Lift intel_engines_resume() to callers' - commit b42e83a - blacklist.conf: Append 'drm/i915: Only recover active engines' - commit 562ba01 - blacklist.conf: Append 'drm/i915: Fix various tracepoints for gen2' - commit 53b1384 - blacklist.conf: Append 'drm/i915/perf: fix ICL perf register offsets' - commit f94a6d1 - blacklist.conf: Append 'drm/i915: Keep rings pinned while the context is active' - commit ddd1ccc - video: backlight: Drop default m for {LCD,BACKLIGHT_CLASS_DEVICE} (bsc#1152472) - commit 85cda2a - video: ssd1307fb: Start page range at page_offset (bsc#1152472) - commit 8809ebe - printk/panic: Avoid deadlock in printk() after stopping CPUs by NMI (bsc#1148712). - commit dd62e61 - blacklist.conf: blacklist 34cd83bb8a46 - commit e519fc0 - series.conf: cleanup - commit 56e35ef - KEYS: Make use of platform keyring for module signature verify (FATE#314508, FATE#316531). - commit 0722d07 ++++ Mesa: - Rebase n_opencl_dep_libclang.patch after update. - Update to version 19.2.0 including changes to * release-infastructure * the build * drivers: turnip, radv, android, intel and amd common code * new features: check Phoronix https://www.phoronix.com/scan.php?page=news_item&px=Mesa-19.2-Released - supersedes U_llvmpipe-Don-t-use-u_ringbuffer-for-lp_scene_queue.patch - adjusted n_drirc-disable-rgb10-for-chromium-on-amd.patch - supersedes n_glesv1_cm-glesv2.patch ++++ systemd: - Import commit ed81f69153488279957268e247a5c81b678da491 (changes from v243-stable) fab6f010ac dhcp6: use unaligned_read_be32() f2d9af4322 dhcp6: add missing option length check ccf797511e ndisc: make first solicit delayed randomly f2275b6e12 dhcp6: read OPTION_INFORMATION_REFRESH_TIME option 6dfbe58ee7 l10n: update Czech Translation d4cd0e9d32 sd-radv: if lifetime < SD_RADV_DEFAULT_MAX_TIMEOUT_USEC, adjust timeout (#13491) dbefe59259 polkit: fix typo a321507476 sd-netlink: fix invalid assertion 45dca7fe86 network: do not enter failed state if device's sysfs entry does not exist yet dd83d58796 network: add missing link->network checks b294305888 path: stop watching path specs once we triggered the target unit 2cd636c437 hwdb: add Medion Akoya E2292 (#13498) d133bdd1fa po: update Brazilian Portuguese translation 530e09b594 po: update Polish translation 0c5c3e34c1 polkit: change "revert settings" to "reset settings" 73e0f372d8 man: fix description of ARPIntervalSec= units 5412cc54a1 hwdb: axis override for Dell 9360 touchpad 9d4e658529 test: drop the missed || exit 1 expression 7ed7ea82f6 udevadm: use usec_add() 477bf86c91 udevadm: missing initialization of descriptor 19ac31c989 networkd: unbreak routing_policy_rule_compare_func() a20a2157a8 core: coldplug possible nop_job eb55241742 tty-ask-pwd-agent: fix message forwarded to wall(1) 1a3c53c06c core: Fix setting StatusUnitFormat from config files 91db81e4dd network DHCP4: Dont mislead the logs. 6af590838b Update m4 for selective utmp support. modified: tmpfiles.d/systemd.conf.m4 6823c907cf core: restore initialization of u->source_mtime 29308bcc13 mount-setup: relabel items mentioned directly in relabel-extra.d 8ca1e56165 Call getgroups() to know size of supplementary groups array to allocate 5d84a7ad1c test: add test cases for empty string match 1536348cc8 udev: fix multi match 3ccafef0ad man: move TimeoutCleanSec= entry from .service to .exec 8c0c30a820 zsh: udpate bootctl completions 0556c247a2 resolved: fix abort when recv() returns 0 9a25d75520 man: remove repeated words be3be29347 hwdb: Also mark lis3lv02d sensors in "HP" laptops as being in the base 4b92ffccaa udev: also logs file permission 75a2845e5a udev: add missing flag for OPTIONS=static_node 19e9fc4262 network: do not abort execution when a config file cannot be loaded 3e1267cf50 fileio: update warning message 1b3156edd2 pstore: fix use after free f500d2fa81 journal: Make the output of --update-catalog deterministic 64d0f7042d travis: protect the systemd organization on Fuzzit from forks 4247938ee1 hwdb: Mark lis3lv02d sensors in HP laptops as being in the base 379158684a po: update Japanese translation 31e1bbd1ca docs: fix push recipe in RELEASE.md f06530d86b man/systemctl.xml: fix missing "not" 22aba2b969 docs: fix typo in boot loader doc 000e08ca70 pstore: fix typo in error message - directoy -> directory f7f9c69ac5 Fix typo in comment: overide -> override ca8ba8f8c0 po: update Polish translation ++++ salt: - Prevent systemd-run description issue when running aptpkg (bsc#1152366) - Added: * prevent-systemd-run-description-issue-when-running-a.patch ------------------------------------------------------------------ ------------------ 2019-9-28 - Sep 28 2019 ------------------- ------------------------------------------------------------------ ++++ Mesa: - no longer build * Mesa-libGL-devel * Mesa-libEGL-devel * Mesa-libGLESv1_CM-devel * Mesa-libGLESv2-devel * Mesa-libGLESv3-devel Instead of requiring these let Mesa-devel package require libglvnd-devel >= 1.2.0, which provides the contents of these packages now (header files for OpenGL, GLES, EGL, and GLX). Adjusted baselibs.conf accordingly. - modified check for llvm version in a way so it works also with older llvm packages (by making use of "llvm-config -version"), where there is %{_llvm_sonum} macro defined yet - moved manual pages to Mesa-devel package ------------------------------------------------------------------ ------------------ 2019-9-27 - Sep 27 2019 ------------------- ------------------------------------------------------------------ ++++ ignition: - Update to version 2.0.1+git20190925.641ec6a: * selinux: use /run/systemd/relabel-extra.d for etc * resource/url: Don't use a tmpfile in FetchToBuffer * resource/url: use only needed ifaces in fetchFrom* * resource/url: make FetchFrom* private * Add a `fetch` stage * build: Add `make install` * tests: fix bb tests for size/start 0 * Continue on empty GPT partition label * files/selinux: deglob user/group related paths * stages/files: relabel masking symlinks for systemd * engine: Write `/run/ignition.json` atomically * vendor: Add github.com/google/renameio * stages/filesystems: drop stray debug print * doc/supported-platforms: mention qemu version requirements * Source build file correctly * resource/url: update schema version in Accept header * fix check path mount - Drop 0001-Continue-on-empty-GPT-partition-label.patch: Added upstream ++++ kernel-default: - config.conf: disable vanilla flavour on armv7hl With stable backports being handled the same way as other mainline backports, we no longer build kernel-vanilla. Disable vanilla flavor also on armv7hl architecture. - commit 2628641 - livepatch: Nullify obj->mod in klp_module_coming()'s error path (bsc#1071995 fate#323487). - commit a28c007 ++++ libglvnd: - let libglvnd-devel provide/obsolete some of previous Mesa devel packages: * Mesa-libGL-devel * Mesa-libEGL-devel * Mesa-libGLESv1_CM-devel * Mesa-libGLESv2-devel * Mesa-KHR-devel - u_add-gl3ext.h * adds missing include/GLES/gl3ext.h ------------------------------------------------------------------ ------------------ 2019-9-26 - Sep 26 2019 ------------------- ------------------------------------------------------------------ ++++ iproute2: - upgrade to upstream version 5.3 (jsc#SLE-7290) * replace upstream tarball and signature * import specfile updates from Factory package * drop mainline backports contained in 5.3: - bpf-remove-obsolete-samples.patch - utils-return-default-family-when-rtm_family-is-not-R.patch - Really-fix-get_addr-and-get_prefix-error-messages.patch - iproute-Add-support-for-extended-ack-to-rtnl_talk.patch - ss-enclose-IPv6-address-in-brackets.patch - lib-fix-extended-ack-with-and-without-libmnl.patch - lib-need-to-pass-LIBMNL-flag.patch - tc-ip-more-Makefile-updates-for-LIBMNL.patch - change-how-Config-is-used-in-Makefile-s.patch - lib-Dump-ext-ack-string-by-default.patch - bpf-unbreak-libelf-linkage-for-bpf-obj-loader.patch - libnetlink-Fix-extack-attribute-parsing.patch - ifstat-Fix-memleak-in-dump_kern_db-for-json-output.patch - ss-Fix-potential-memleak-in-unix_stats_print.patch - utils-Move-BIT-macro-to-common-header.patch - rdma-Add-basic-infrastructure-for-RDMA-tool.patch - rdma-Add-dev-object.patch - rdma-Add-link-object.patch - rdma-Add-json-and-pretty-outputs.patch - rdma-Implement-json-output-for-dev-object.patch - rdma-Add-json-output-to-link-object.patch - rdma-Add-initial-manual-for-the-tool.patch - iproute-Fix-for-missing-Oifs-display.patch - ipmaddr-Avoid-accessing-uninitialized-data.patch - rdma-fix-duplicate-initialization-in-port_names.patch - ss-Fix-for-added-diag-support-check.patch - link_gre6-Fix-for-changing-tclass-flowlabel.patch - iplink-check-for-message-truncation-in-iplink_get.patch - iplink-double-the-buffer-size-also-in-iplink_get.patch - tc-actions-store-and-dump-correct-length-of-user-coo.patch - json_writer-add-new-json-handlers-null-float-with-fo.patch - doc-remove-obsolete-ip-tunnels-documentation.patch - doc-remove-outdated-ss-documentation.patch - doc-remove-outdated-arpd-documentation.patch - doc-remove-outdated-nstat-rtstat-documentation.patch - doc-remove-outdated-tc-filters-documentation.patch - doc-remove-outdated-IPv6-flow-label-document.patch - doc-drop-old-ip-command-documentation.patch - ss-Distinguish-between-IPv4-and-IPv6-wildcard-socket.patch - ip-maddr-fix-filtering-by-device.patch - man-add-additional-explainations-for-ss.patch - lib-libnetlink-re-malloc-buff-if-size-is-not-enough.patch - lib-libnetlink-update-rtnl_talk-to-support-malloc-bu.patch - tc-move-action-cookie-print-out-of-the-stats-if.patch - tc-remove-action-cookie-len-from-printout.patch - link_gre6-Detect-invalid-encaplimit-values.patch - man-tc-csum.8-Fix-inconsistency-in-example-descripti.patch - tc-bash-completion-add-missing-classid-keyword.patch - tc-fix-command-tc-actions-del-hang-issue.patch - gre-ip6tnl-tunnel-Fix-noencap-support.patch - Restore-no-print-directory-option-for-silent-builds.patch - iplink-Validate-minimum-tx-rate-is-less-than-maximum.patch - ipaddress-Make-sure-VF-min-max-rate-API-is-supported.patch - rdma-Reduce-scope-of-_dev_map_lookup-call.patch - rdma-Protect-dev_map_lookup-from-wrong-input.patch - rdma-Move-per-device-handler-function-to-generic-cod.patch - rdma-Fix-misspelled-SYS_IMAGE_GUID.patch - rdma-Check-that-port-index-exists-before-operate-on-.patch - rdma-Rename-free-function-to-be-rd_cleanup.patch - rdma-Rename-rd_free_devmap-to-be-rd_free.patch - rdma-Move-link-execution-logic-to-common-code.patch - rdma-Add-option-to-provide-sign-for-the-port-number.patch - rdma-Make-visible-the-number-of-arguments.patch - rdma-Add-filtering-infrastructure.patch - rdma-Set-pointer-to-device-name-position.patch - rdma-Add-resource-tracking-summary.patch - rdma-Add-QP-resource-tracking-information.patch - rdma-Check-return-value-of-strdup-call.patch - README-update-location-of-git-repositories-remove-br.patch - Remove-leftovers-from-removed-Latex-documentation.patch - README-re-add-updated-information-link.patch - rdma-Avoid-memory-leak-for-skipper-resource.patch - ip-link-Fix-use-after-free-in-nl_get_ll_addr_len.patch - ip-address-Fix-negative-prints-of-large-TX-rate-limi.patch - devlink-fix-port-new-monitoring-message-typo.patch - rdma-Add-CM_ID-resource-tracking-information.patch - rdma-Add-CQ-resource-tracking-information.patch - rdma-Add-MR-resource-tracking-information.patch - rdma-Add-PD-resource-tracking-information.patch - rdma-Ignore-unknown-netlink-attributes.patch - bridge-fix-typo-in-hairpin-error-message.patch - iproute-Abort-if-nexthop-cannot-be-parsed.patch - iplink_vrf-Save-device-index-from-response-for-retur.patch - rdma-Print-net-device-name-and-index-for-RDMA-device.patch - rdma-print-driver-resource-attributes.patch - rdma-sync-some-IP-headers-with-glibc.patch - devlink-CTRL_ATTR_FAMILY_ID-is-a-u16.patch - ip-Add-violation-counters-to-VF-statisctics.patch - ip-route-Fix-segfault-with-many-nexthops.patch - rdma-Fix-representation-of-PortInfo-CapabilityMask.patch - macsec-fix-off-by-one-when-parsing-attributes.patch - rdma-Fix-for-ineffective-check-in-add_filter.patch - ip-route-Fix-for-memleak-in-error-path.patch - rdma-Don-t-pass-garbage-to-rd_check_is_filtered.patch - ip-route-Fix-parse_encap_seg6-srh-parsing.patch - rdma-Refresh-help-section-of-resource-information.patch - tc-f_u32-allow-skip_hw-and-skip_sw-flags-to-be-last.patch - ip-route-Fix-nexthop-encap-parsing.patch - rdma-Fix-broken-32-bit-compilation.patch - rdma-Fix-incorrectly-handled-NLA-validation.patch - rdma-Introduce-command-execution-helper-with-require.patch - rdma-Add-an-option-to-rename-IB-device-interface.patch - rdma-Add-print-of-link-CapabilityMask2-flags.patch * drop non-upstream patches obsoleted by rebase to 5.3: - sync-UAPI-header-copies-with-SLE15-SP1.patch - man-fix-documentation-references-in-manual-pages.patch * refresh remaining patches: - adjust-installation-directories-for-openSUSE-SLE.patch - use-sysconf-_SC_CLK_TCK-if-HZ-undefined.patch - add-explicit-typecast-to-avoid-gcc-warning.patch - xfrm-support-displaying-transformations-used-for-Mob.patch - split-link-and-compile-steps-for-binaries.patch - examples-fix-bashisms-in-example-script.patch ++++ kernel-default: - Delete patches.suse/0006-modsign-Use-secondary-trust-keyring-for-module-signi.patch. This patch be replaced by e84cd7ee63 in v5.0-rc1. - commit e937c06 - Delete patches.suse/0001-KEYS-Allow-unrestricted-boot-time-addition-of-keys-t.patch. This patch be replaced by 60740accf78 in v5.0-rc1. The UEFI keys will be add to platform keyring instead of secondary certificates keyring. - commit bc249e1 - Delete patches.suse/0005-MODSIGN-Allow-the-db-UEFI-variable-to-be-suppressed.patch. This patch be replaced by 386b49f51dc in v5.0-rc1 - commit 58a4a2d - Delete patches.suse/0003-efi-Add-an-EFI-signature-blob-parser.patch. This patch be replaced by 0bc9ae395b in v5.0-rc1. - commit 1c1cc93 - Delete patches.suse/0002-efi-Add-EFI-signature-data-types.patch. This patch be replaced by 5c126ba22f in v5.0-rc1. - commit 3868a56 ++++ libeconf: - Update to version 0.3.2+git20190926.fea4a03: * Release version 0.3.2 * Fix merging an empty file (#105) * Add test cases for merge function ++++ libglvnd: - Update to version 1.2.0: * Changes: + Libglvnd now includes and installs the header files for OpenGL, GLES, EGL, and GLX. + Added pkg-config files for each library. + The X11 libraries are now an optional dependency if you're not building GLX. - n_0001-GL-Bump-GL-version-to-9-2.patch * with a version of 1.2 the XServer build fails; set the version accordingly to allow XServer builds again. - n_0001-eglplatform-fix-mesa-specific-defines.patch * the XServer fails to build; add the mesa specific defines to eglplatform, to let it build again. ++++ libzypp: - Revert "Use CURL_HTTP_VERSION_2TLS if available" (bsc#1146027) - doc: add service example using variables - Fix build with rpm >= 4.15 (fixes #172) - version 17.14.1 (12) ++++ permissions: - Updated permissons for amanda, added 0006-bsc1110797_amanda.patch (bsc#1110797) ++++ salt: - Take checksums arg into account for postgres.datadir_init (bsc#1151650) - Added: * take-checksums-arg-into-account-for-postgres.datadir.patch - Improve batch_async to release consumed memory (bsc#1140912) - Fix memory leak produced by batch async find_jobs mechanism (bsc#1140912) - Grant read and execute permission to others (bsc#1150447) - Added: * improve-batch_async-to-release-consumed-memory-bsc-1.patch * fix-memory-leak-produced-by-batch-async-find_jobs-me.patch ++++ runc: - Add backported fix for CVE-2019-16884. bsc#1152308 + CVE-2019-16884.patch - Add runc-rpmlintrc to drop runc-test rpmlint warnings. ------------------------------------------------------------------ ------------------ 2019-9-25 - Sep 25 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Delete patches.suse/squashfs-3.4.patch. Deprecate squashfs-3.4 legacy fs format support (jsc#SLE-9416) - commit e1d0aab - Delete patches.suse/0004-MODSIGN-Import-certificates-from-UEFI-Secure-Boot.patch. This patch be replaced by 15ea0e1e3e in v5.0-rc1. - commit d558f60 - config: Enable dual-role modes for DWC on arm64 as well - CONFIG_USB_DWC2_DUAL_ROLE=y and CONFIG_USB_DWC3_DUAL_ROLE=y - Previously that was only enabled on armv6/armv7 - commit a9c5486 - supported.conf: cleanup - drop obsolete mask sound/oss/* - drop removed module nf_conntrack_slp - commit 30def80 - config.conf: disable vanilla flavour As was discussed on the labs conf 2019, vanilla flavour is barely used. Given we are not going to use stable patches when building kernel-vanilla, it becomes a yet bit more useless. So disable it for now only. If nobody cares, we can drop also the configs later. - commit 4223115 - Linux 5.3.1 (bnc#1151927 5.3.1). - ovl: fix regression caused by overlapping layers detection (bnc#1151927 5.3.1). - xen-netfront: do not assume sk_buff_head list is empty in error handling (bnc#1151927 5.3.1). - net: stmmac: Hold rtnl lock in suspend/resume callbacks (bnc#1151927 5.3.1). - ip6_gre: fix a dst leak in ip6erspan_tunnel_xmit (bnc#1151927 5.3.1). - udp: correct reuseport selection with connected sockets (bnc#1151927 5.3.1). - net_sched: let qdisc_put() accept NULL pointer (bnc#1151927 5.3.1). - net: dsa: Fix load order between DSA drivers and taggers (bnc#1151927 5.3.1). - net/sched: fix race between deactivation and dequeue for NOLOCK qdisc (bnc#1151927 5.3.1). - nl80211: Fix possible Spectre-v1 for CQM RSSI thresholds (bnc#1151927 5.3.1). - firmware: google: check if size is valid when decoding VPD data (bnc#1151927 5.3.1). - phy: qcom-qmp: Correct ready status, again (bnc#1151927 5.3.1). - phy: renesas: rcar-gen3-usb2: Disable clearing VBUS in over-current (bnc#1151927 5.3.1). - serial: sprd: correct the wrong sequence of arguments (bnc#1151927 5.3.1). - tty/serial: atmel: reschedule TX after RX was started (bnc#1151927 5.3.1). - USB: usbcore: Fix slab-out-of-bounds bug during device reset (bnc#1151927 5.3.1). - KVM: coalesced_mmio: add bounds checking (bnc#1151927 5.3.1). - media: tm6000: double free if usb disconnect while streaming (bnc#1151927 5.3.1). - media: technisat-usb2: break out of loop at end of buffer (bnc#1151927 5.3.1). - floppy: fix usercopy direction (bnc#1151927 5.3.1). - Documentation: sphinx: Add missing comma to list of strings (bnc#1151927 5.3.1). - Revert "arm64: Remove unnecessary ISBs from set_{pte,pmd,pud}" (bnc#1151927 5.3.1). - commit af71771 ++++ Mesa: - n_opencl_dep_libclang.patch * Link OpenCL library with libclang-cpp.so instead of the component libraries for LLVM >= 9. ++++ transactional-update: - Update to version 2.17 - Provide network in shell on systems where resolv.conf is pointing to /run directly [boo#1151081] - Print new snapshot number at the end - Always mount /root subvolume when using shell command to preserve history ++++ yast2: - Fix module name inference when reading .desktop files (bsc#1151954) - 4.2.24 ------------------------------------------------------------------ ------------------ 2019-9-24 - Sep 24 2019 ------------------- ------------------------------------------------------------------ ++++ gstreamer: - Update to version 1.16.1: + GStreamer-vaapi: fix green frames and decoding artefacts in some cases. + OpenGL: fix wayland event source burning CPU in certain circumstances. + Memory leak fixes and memory footprint improvements. + Performance improvements. + Stability and security fixes. + Fix enum for GST_MESSAGE_DEVICE_CHANGED which is technically an API break, but this is only used internally in GStreamer and duplicated another message enum. + hls: Make crypto dependency optional when hls-crypto is auto. + player: fix switching back and forth between forward and reverse playback. + decklinkaudiosink: Drop late buffers. + openh264enc: Fix compilation with openh264 v2.0. + wasapisrc: fix segtotal value being always 2. ++++ gstreamer-plugins-base: - Update to version 1.16.1: + See main gstreamer package for changelog. - Drop upstream fixed patches: + gst-plugins-base-doc-build-fix.patch. + gstreamer-plugins-base-arm-neon-configuration.patch. ++++ kernel-default: - enable VFIO-CCW and CCW IOMMU (bsc#1151192 jsc#SLE-6138) - config changes (s390x only) - VFIO_CCW=m - S390_CCW_IOMMU=y - supported.conf: add vfio_ccw as externally supported (by IBM) supported.conf: Add vfio_ccw (bsc#1151192 jsc#SLE-6138). - commit bbfc15f - Compile nvme.ko as module (bsc#1150846, bsc#1150850, bsc#1161889) - commit 12cab35 ++++ libeconf: - Update to version 0.3.1+git20190924.822cf5b: * release version 0.3.1 * Set delimiter in readFile * Change parser interface to store file name and line numbers per key * Update ccpp.yml ++++ gnutls: - Install checksums for binary integrity verification which are required when running in FIPS mode (bsc#1152692, jsc#SLE-9518) ++++ patterns-base: - Need to explicitly have glibc-locale-base in patterns to make 32bit pattern have it too (boo#1142156). ------------------------------------------------------------------ ------------------ 2019-9-23 - Sep 23 2019 ------------------- ------------------------------------------------------------------ ++++ dracut: - Update to version 049+git112.fe41ccd9: * dracut: move /var/run and /var/lock from directory to symlink (bsc#1149103, ECO#323) * 35network-legacy: signalize the setup in ifup when dhcp (bsc#1146661) * 35network-legacy: fix typo * 35network-legacy: install hostname required by ifup.sh (bsc#1146661) ++++ kernel-default: - powerpc/64s/radix: Fix memory hotplug section page table creation (bsc#1065729). - commit 431bc28 - powerpc/pseries: Fix cpu_hotplug_lock acquisition in resize_hpt() (bsc#1065729). - commit e574522 - powerpc/xive: Implement get_irqchip_state method for XIVE to fix shutdown race (bsc#1065729). - commit a9647b9 - tpm_tis_core: Set TPM_CHIP_FLAG_IRQ before probing for interrupts (bsc#1082555). - commit d3b1602 - powerpc/64s/radix: Fix memory hot-unplug page table split (bsc#1065729). - powerpc/powernv/ioda: Fix race in TCE level allocation (bsc#1061840). - KVM: PPC: Book3S HV: Don't lose pending doorbell request on migration on P9 (bsc#1061840). - KVM: PPC: Book3S HV: Check for MMU ready on piggybacked virtual cores (bsc#1061840). - KVM: PPC: Book3S HV: Don't push XIVE context when not using XIVE device (bsc#1061840). - KVM: PPC: Book3S HV: Fix race in re-enabling XIVE escalation interrupts (bsc#1061840). - KVM: PPC: Book3S HV: XIVE: Free escalation interrupts before disabling the VP (bsc#1061840). - commit 3411cdc - iommu/dma: Fix for dereferencing before null checking (bsc#1151674). - iommu/iova: Avoid false sharing on fq_timer_on (bsc#1151675). - iommu/vt-d: Fix wrong analysis whether devices share the same bus (bsc#1151679). - iommu/ipmmu-vmsa: Move IMTTBCR_SL0_TWOBIT_* to restore sort order (bsc#1151676). - iommu/mediatek: Fix VLD_PA_RNG register backup when suspend (bsc#1151678). - iommu/mediatek: Fix iova_to_phys PA start for 4GB mode (bsc#1151677). - commit 6809156 - powerpc/64s/exception: reduce page fault unnecessary loads (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251). - powerpc/64s/exception: Remove pointless KVM handler name bifurcation (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251). - powerpc/64s/exception: program check handler do not branch into a macro (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251). - powerpc/64s/exception: move interrupt entry code above the common handler (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251). - powerpc/64s/exception: INT_COMMON add DAR, DSISR, reconcile options (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251). - powerpc/64s/exception: Expand EXCEPTION_PROLOG_COMMON_1 and 2 into caller (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251). - powerpc/64s/exception: Expand EXCEPTION_COMMON macro into caller (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251). - powerpc/64s/exception: Add INT_COMMON gas macro to generate common exception code (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251). - powerpc/64s/exception: Merge EXCEPTION_PROLOG_COMMON_2/3 (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251). - powerpc/64s/exception: KVM_HANDLER reorder arguments to match other macros (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251). - powerpc/64s/exception: Add INT_KVM_HANDLER gas macro (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251). - powerpc/64s/exception: INT_HANDLER support HDAR/HDSISR and use it in HDSI (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251). - powerpc/64s/exception: Add the virt variant of the denorm interrupt handler (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251). - powerpc/64s/exception: remove EXCEPTION_PROLOG_0/1, rename _2 (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251). - powerpc/64s/exceptions: Use keyword params to shorten arg lists (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251). - powerpc/64s/exception: Replace PROLOG macros and EXC helpers with a gas macro (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251). - powerpc/64s/exception: remove 0xb00 handler (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251). - powerpc/64s/exception: Fix performance monitor virt handler (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251). - powerpc/64s/exception: Add EXC_HV_OR_STD, which selects HSRR if HVMODE (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251). - powerpc/64s/exception: move head-64.h exception code to exception-64s.S (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251). - powerpc/64s/exception: Fix DAR load for handle_page_fault error case (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251). - powerpc/64s/exception: machine check improve labels and comments (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251). - powerpc/64s/exception: untangle early machine check handler branch (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251). - powerpc/64s/exception: machine check move unrecoverable handling out of line (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251). - powerpc/64s/exception: simplify machine check early path (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251). - powerpc/64s/exception: machine check move tramp code (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251). - powerpc/64s/exception: machine check restructure to reuse common macros (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251). - powerpc/64s/exception: machine check pseries should skip the late handler for kernel MCEs (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251). - powerpc/64s/pseries: machine check convert to use common event code (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251). - powerpc/64s/powernv: machine check dump SLB contents (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251). - powerpc/64s/exception: machine check use correct cfar for late handler (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251). - powerpc/64s/exception: machine check remove machine_check_pSeries_0 branch (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251). - powerpc/64s/exception: machine check pseries should always run the early handler (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251). - powerpc/64s/exception: machine check adjust RFI target (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251). - powerpc/64s/exception: machine check fix KVM guest test (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251). - powerpc/64s/exception: machine check remove bitrotted comment (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251). - powerpc/64s/exception: machine check fwnmi remove HV case (jsc#PM-1334 jsc#SLE-9246 jsc#SLE-9251). - commit 0e08ffb - kexec_elf: support 32 bit ELF files (jsc#PM-1333 jsc#SLE-9255 jsc#SLE-9527). - kexec_elf: remove unused variable in kexec_elf_load() (jsc#PM-1333 jsc#SLE-9255 jsc#SLE-9527). - kexec_elf: remove Elf_Rel macro (jsc#PM-1333 jsc#SLE-9255 jsc#SLE-9527). - kexec_elf: remove PURGATORY_STACK_SIZE (jsc#PM-1333 jsc#SLE-9255 jsc#SLE-9527). - kexec_elf: remove parsing of section headers (jsc#PM-1333 jsc#SLE-9255 jsc#SLE-9527). - kexec_elf: change order of elf_*_to_cpu() functions (jsc#PM-1333 jsc#SLE-9255 jsc#SLE-9527). - kexec: add KEXEC_ELF (jsc#PM-1333 jsc#SLE-9255 jsc#SLE-9527). - new config options: - KEXEC_ELF=y (ppc64le only, autoselected) - commit 2985288 - powerpc/fadump: support holes in kernel boot memory area (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176). - powerpc/fadump: remove RMA_START and RMA_END macros (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176). - powerpc/fadump: update documentation about option to release opalcore (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176). - powerpc/fadump: consider f/w load area (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176). - powerpc/opalcore: provide an option to invalidate /sys/firmware/opal/core file (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176). - powerpc/opalcore: export /sys/firmware/opal/core for analysing opal crashes (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176). - new config options: - OPAL_CORE=n (ppc64le only) - powerpc/fadump: update documentation about CONFIG_PRESERVE_FA_DUMP (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176). - powerpc/fadump: add support to preserve crash data on FADUMP disabled kernel (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176). - powerpc/fadump: improve how crashed kernel's memory is reserved (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176). - powerpc/fadump: consider reserved ranges while releasing memory (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176). - powerpc/fadump: make crash memory ranges array allocation generic (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176). - powerpc/fadump: process architected register state data provided by firmware (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176). - powerpc/fadump: make use of memblock's bottom up allocation mode (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176). - powerpc/fadump: Update documentation about OPAL platform support (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176). - powerpc/fadump: handle invalidation of crashdump and re-registraion (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176). - powerpc/fadump: Warn before processing partial crashdump (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176). - powerpc/fadump: process the crashdump by exporting it as /proc/vmcore (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176). - powerpc/fadump: support copying multiple kernel boot memory regions (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176). - powerpc/fadump: define OPAL register/un-register callback functions (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176). - powerpc/fadump: reset metadata address during clean up (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176). - powerpc/fadump: register kernel metadata address with opal (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176). - powerpc/fadump: improve fadump_reserve_mem() (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176). - powerpc/fadump: add fadump support on powernv (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176). - powerpc/opal: add MPIPL interface definitions (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176). - powerpc/fadump: use FADump instead of fadump for how it is pronounced (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176). - pseries/fadump: move out platform specific support from generic code (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176). - Refresh patches.suse/powerpc-fadump-when-fadump-is-supported-register-the.patch. - powerpc/fadump: release all the memory above boot memory size (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176). - powerpc/fadump: add source info while displaying region contents (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176). - pseries/fadump: define RTAS register/un-register callback functions (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176). - Refresh patches.suse/powerpc-fadump-when-fadump-is-supported-register-the.patch. - powerpc/fadump: introduce callbacks for platform specific operations (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176). - powerpc/fadump: move rtas specific definitions to platform code (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176). - powerpc/fadump: use helper functions to reserve/release cpu notes buffer (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176). - powerpc/fadump: Improve fadump documentation (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176). - powerpc/fadump: declare helper functions in internal header file (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176). - powerpc/fadump: add helper functions (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176). - powerpc/fadump: move internal macros/definitions to a new header (jsc#PM-1318 jsc#SLE-9099 jsc#SLE-9176). - commit deefc64 - Refresh sorted section. - Refresh patches.suse/powerpc-dump-kernel-log-before-carrying-out-fadump-o.patch with upstream status. - commit 9991920 ++++ libcontainers-common: - Update to image 1.4.4 - Hard-code the kernel keyring use to be disabled for now - Update to libpod 1.5.1 - The hostname of pods is now set to the pod's name - Minor bugfixes - Update to storage 1.12.16 - Ignore ro mount options in btrfs and windows drivers - Check /var/lib/containers if possible before setting btrfs backend (bsc#1151028) ++++ systemd: - Some files related to the portable stuff were missing some %exclude ++++ yast2: - Use "display_name" tag for the product label, "label" marks a translatable text (jsc#SLE-7214) - 4.2.23 ------------------------------------------------------------------ ------------------ 2019-9-19 - Sep 19 2019 ------------------- ------------------------------------------------------------------ ++++ kbd: - Allow YaST to select Iranian (Persian, Farsi) keyboard layout (bsc#1092920) ++++ libpwquality: - Update to version 1.4.1: + Minor bugfix update of the library. - Drop libpwquality-pythons.patch: Fixed upstream. Following this, drop autoconf, automake and libtool BuildRequires and autoreconf call. - Use modern macros. - Do not recommend lang package. The lang package already has a supplements. ++++ python3-core: - Add bpo-36576-skip_tests_for_OpenSSL-111.patch (originally from bpo#36576) skipping tests failing with OpenSSL 1.1.1. Fixes bsc#1149792 - Add bpo36263-Fix_hashlib_scrypt.patch which works around bsc#1151490 ++++ systemd: - Allow YaST to select Iranian (Persian, Farsi) keyboard layout (bsc#1092920) ++++ python3: - Add bpo-36576-skip_tests_for_OpenSSL-111.patch (originally from bpo#36576) skipping tests failing with OpenSSL 1.1.1. Fixes bsc#1149792 - Add bpo36263-Fix_hashlib_scrypt.patch which works around bsc#1151490 ++++ wicked: - version 0.6.57 - dhcp6: omit noprefixroute with address-length (bsc#1150972) Permit to assume that the address prefix-length override specified in the config is a valid on-link prefix length, to let the kernel create a route for this prefix. - dhcp6: differentiated mode=auto resolving from RA (bsc#1150183) Fixed to not trigger to report an error when ipv6 RA is not available or the received RA disables dhcp while mode is set to auto, but to deliver a 'deferred' results. ++++ yast2: - Added support for reading products from control.xml file (jsc#SLE-7104) - 4.2.22 ------------------------------------------------------------------ ------------------ 2019-9-18 - Sep 18 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Update config files. Disable CONFIG_ARM_SMMU_DISABLE_BYPASS_BY_DEFAULT. Not all drivers are ready for this yet, so enabling this config option causes regressions. See bsc#1150577 for an example. - commit 76ac02e ++++ Mesa: - Update to version 19.1.7 * another bugfix release .... ++++ systemd: - split off networkd and resolved into separate network subpackage - use separate lang package for translations - Import commit 9e41d7ec3572d8d5ea1e00f683e9fbf8108e85b4 fb1b9d54f9 tty-ask-pwd-agent: fix message forwarded to wall(1) dd14da3bb6 core: restore initialization of u->source_mtime d62f30f647 resolved: create /etc/resolv.conf symlink at runtime - Slighly rework (mostly reorganization) the portable stuff ++++ policycoreutils: - Added run_init_use_pam_keyinit.patch Added pam_keyinit to the run_init pam config (bsc#1144052) ++++ python-M2Crypto: - bsc#1149792 jsc#SLE-9135 Update to 0.35.2, bugfixes only. Changes cumulatively: - fix compatibility with OpenSSL 1.1.1c. Thank you, Sebastian Andrzej Siewior from the Debian team for resolving it. - Stop pretending to support Python 3.4. - The project is now Linux-distribution agnostic - Replace all old-style classes with the new ones (it shouldn't cause any problems, but feel free to file an issue, if it does) - Do not by-pass a potential transfer decoding in m2urllib2 - SSLv3 just removed. - Various fixes of the build system and internal errors. - Patch fix_urlunsplit.patch is removed, because it is included in the upstream tarball. ------------------------------------------------------------------ ------------------ 2019-9-16 - Sep 16 2019 ------------------- ------------------------------------------------------------------ ++++ conmon: - Set masterfd_stdout before registering ctrl_cb ++++ kernel-default: - Delete patches.suse/0001-iommu-vt-d-Fix-race-condition-in-add_unmap.patch. - commit b0363d2 - Update to 5.3 final - Eliminated 3 patches - Refresh configs - NF_CONNTRACK_SLP is gone - commit 6baef36 ++++ python3-core: - Add CVE-2019-16056-email-parse-addr.patch fixing the email module wrongly parses email addresses [bsc#1149955, bnc#1149955, CVE-2019-16056] ++++ python3: - Add CVE-2019-16056-email-parse-addr.patch fixing the email module wrongly parses email addresses [bsc#1149955, bnc#1149955, CVE-2019-16056] ++++ python-urllib3: - Add missing dependency on python-six (bsc#1150895) ++++ raspberrypi-firmware: - Do not run %preun scripts on upgrade (boo#1150408) ++++ raspberrypi-firmware-config: - Do not run %preun scripts on upgrade (boo#1150408) ------------------------------------------------------------------ ------------------ 2019-9-14 - Sep 14 2019 ------------------- ------------------------------------------------------------------ ++++ pango: - Modernize spec, prepare for possible spliting of package. ------------------------------------------------------------------ ------------------ 2019-9-13 - Sep 13 2019 ------------------- ------------------------------------------------------------------ ++++ open-iscsi: - Upgraded to upstream version 2.0.878, which becomes 2.0.878-suse with our (few) SUSE-specific changes needed for our build system. Changes include: * general bug fixes in iscsid, iscsiadm, and libopeniscsiusr, including better lock handling for multiple instances of iscsiadm * iscsiuio/qedi updates * systemd service-file updates/cleanups This replaces open-iscsi-2.0.877-suse.tar.bz2 with open-iscsi-2.0.878-suse.tar.bz2, and it resets open-iscsi-SUSE-latest.diff.bz2 with fixes after 2.0.878. ++++ kernel-default: - Move guarded patch into it's own out of tree section - commit 081b55b - powerpc/pseries: correctly track irq state in default idle (bsc#1150727 ltc#178925). - commit 97a4665 ++++ harfbuzz: - Update to version 2.6.1: + Fix regression with hb_font_create_sub_font scaling introduced in 2.6.0. + Change interpretation of font PTEM size / CoreText font size handling. + hb-ot-font: Prefer symbol cmap subtable if present. + Apply 'dist'/'abvm'/'blwm' features to all scripts. + Drop experimental DirectWrite API. - Changes from version 2.6.0: + New OpenType metrics, baseline, and metadata table access APIs. + New API to set font variations to a named-instance. + New hb-gdi.h header and API for creating hb_face_t from HFONT. + Amalgam: Provide a single-file harfbuzz.cc file for easier alternate building. + More size-reduction configurable options, enabled by HB_TINY. ------------------------------------------------------------------ ------------------ 2019-9-12 - Sep 12 2019 ------------------- ------------------------------------------------------------------ ++++ openslp: - Add missing zlib build dependency, which used to be pulled in by libopenssl-devel. The package fails to build since the openssl upgrade to 1.1.1 (bsc#1149792) ++++ openssl: - Update to 1.1.1d release ++++ timezone: - timezone update 2019c (bsc#1150451) * Fiji observes DST from 2019-11-10 to 2020-01-12. * Norfolk Island starts observing Australian-style DST. ------------------------------------------------------------------ ------------------ 2019-9-11 - Sep 11 2019 ------------------- ------------------------------------------------------------------ ++++ curl: - Update to 7.66.0 [bsc#1149496, CVE-2019-5482][bsc#1149495, CVE-2019-5481] [bsc#1149604, bsc#1149572, jsc#SLE-9295] * Changes: - CURLINFO_RETRY_AFTER: parse the Retry-After header value - HTTP3: initial (experimental still not working) support - curl: --sasl-authzid added to support CURLOPT_SASL_AUTHZID from the tool - curl: support parallel transfers with -Z - curl_multi_poll: a sister to curl_multi_wait() that waits more - sasl: Implement SASL authorisation identity via CURLOPT_SASL_AUTHZID * Bugfixes: - CVE-2019-5481: FTP-KRB double-free - CVE-2019-5482: TFTP small blocksize heap buffer overflow - CMake: remove needless newlines at end of gss variables - CMake: use platform dependent name for dlopen() library - CURLINFO docs: mention that in redirects times are added - CURLOPT_ALTSVC.3: use a "" file name to not load from a file - CURLOPT_ALTSVC_CTRL.3: remove CURLALTSVC_ALTUSED - CURLOPT_HEADERFUNCTION.3: clarify - CURLOPT_HTTP_VERSION: seting this to 3 forces HTTP/3 use directly - CURLOPT_READFUNCTION.3: provide inline example - CURLOPT_SSL_VERIFYHOST: treat the value 1 as 2 - Curl_addr2string: take an addrlen argument too - Curl_fillreadbuffer: avoid double-free trailer buf on error - HTTP: use chunked Transfer-Encoding for HTTP_POST if size unknown - alt-svc: add protocol version selection masking - alt-svc: fix removal of expired cache entry - alt-svc: make it use h3-22 with ngtcp2 as well - alt-svc: more liberal ALPN name parsing - alt-svc: send Alt-Used: in redirected requests - alt-svc: with quiche, use the quiche h3 alpn string - asyn-thread: create a socketpair to wait on - cleanup: move functions out of url.c and make them static - cleanup: remove the 'numsocks' argument used in many places - configure: avoid undefined check_for_ca_bundle - curl.h: add CURL_HTTP_VERSION_3 to the version enum - curl: cap the maximum allowed values for retry time arguments - curl: handle a libcurl build without netrc support - curl: make use of CURLINFO_RETRY_AFTER when retrying - curl: use CURLINFO_PROTOCOL to check for HTTP(s) - curl_global_init_mem.3: mention it was added in 7.12.0 - curl_version: bump string buffer size to 250 - curl_version_info.3: mentioned ALTSVC and HTTP3 - curl_version_info: offer quic (and h3) library info - curl_version_info: provide nghttp2 details - defines: avoid underscore-prefixed defines - docs/ALTSVC: remove what works and the experimental explanation - docs/EXPERIMENTAL: explain what it means and what's experimental now - docs/MANUAL.md: converted to markdown from plain text - docs/examples/curlx: fix errors - docs: s/curl_debug/curl_dbg_debug in comments and docs - easy: resize receive buffer on easy handle reset - examples: Avoid reserved names in hiperfifo examples - examples: add http3.c, altsvc.c and http3-present.c - http09: disable HTTP/0.9 by default in both tool and library - http2: when marked for closure and wanted to close == OK - http2_recv: trigger another read when the last data is returned - http: fix use of credentials from URL when using HTTP proxy - http_negotiate: improve handling of gss_init_sec_context() failures - md4: Use our own MD4 when no crypto libraries are available - multi: call detach_connection before Curl_disconnect - nss: use TLSv1.3 as default if supported - openssl: build warning free with boringssl - openssl: use SSL_CTX_set__proto_version() when available - plan9: add support for running on Plan 9 - progress: reset download/uploaded counter between transfers - readwrite_data: repair setting the TIMER_STARTTRANSFER stamp - scp: fix directory name length used in memcpy - smb: init *msg to NULL in smb_send_and_recv() - smtp: check for and bail out on too short EHLO response - source: remove names from source comments - spnego_sspi: add typecast to fix build warning - src/makefile: fix uncompressed hugehelp.c generation - ssh-libssh: do not specify O_APPEND when not in append mode - ssh: move code into vssh for SSH backends - sspi: fix memory leaks - tests: Replace outdated test case numbering documentation - tftp: return error when packet is too small for options - timediff: make it 64 bit (if possible) even with 32 bit time_t - travis: reduce number of torture tests in 'coverage' - url: make use of new HTTP version if alt-svc has one - urlapi: verify the IPv6 numerical address - urldata: avoid 'generic', use dedicated pointers - vauth: Use CURLE_AUTH_ERROR for auth function errors * Removed patches: - curl-CVE-2018-0500.patch - curl-CVE-2018-14618.patch - curl-CVE-2018-16839.patch - curl-CVE-2018-16840.patch - curl-CVE-2018-16842.patch - curl-CVE-2018-16890.patch - curl-CVE-2019-3822.patch - curl-CVE-2019-3823.patch - curl-CVE-2019-5436.patch - curl-CVE-2019-5481.patch - curl-CVE-2019-5482.patch ++++ kernel-default: - series.conf: Add note on why pcc-cpufreq patch is being held for evaluation - commit a514b48 ++++ openssl-1_1: - Update to 1.1.1d (bsc#1133925, jsc#SLE-6430) * Fixed a fork protection issue. OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include protection in the event of a fork() system call in order to ensure that the parent and child processes did not share the same RNG state. However this protection was not being used in the default case. (bsc#1150247, CVE-2019-1549) * Compute ECC cofactors if not provided during EC_GROUP construction. Before this change, EC_GROUP_set_generator would accept order and/or cofactor as NULL. After this change, only the cofactor parameter can be NULL. (bsc#1150003, CVE-2019-1547) * Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey. (bsc#1150250, CVE-2019-1563) * For built-in EC curves, ensure an EC_GROUP built from the curve name is used even when parsing explicit parameters, when loading a serialized key or calling EC_GROUP_new_from_ecpkparameters()/EC_GROUP_new_from_ecparameters(). * Early start up entropy quality from the DEVRANDOM seed source has been improved for older Linux systems. * Changed DH_check to accept parameters with order q and 2q subgroups. With order 2q subgroups the bit 0 of the private key is not secret but DH_generate_key works around that by clearing bit 0 of the private key for those. This avoids leaking bit 0 of the private key. * Significantly reduce secure memory usage by the randomness pools. * Revert the DEVRANDOM_WAIT feature for Linux systems - drop 0001-build_SYS_str_reasons-Fix-a-crash-caused-by-overlong.patch (upstream) - refresh patches * openssl-1.1.0-no-html.patch * openssl-jsc-SLE-8789-backport_KDF.patch ++++ qemu: - Include more tweaks to our packaging workflow scripts - Produce qemu-linux-user and qemu-testsuite via the build service multibuild capability, instead of duplicating the spec file and using package link in build service * combine qemu-linux-user spec file into main qemu spec file. Since this model uses a single changelog, here are some historicial mentions from the now unused qemu-linux-user.changes (delta from qemu's was quite minimal): - Adjust to a v5.2 linux kernel change regarding SIOCGSTAMP - Fix pwrite64/pread64 to return 0 over -1 for a zero length NULL buffer in qemu (bsc#1121600) * bsc#1112499 * Since qemu-testsuite.spec and qemu-testsuite.changes were just copies of the main qemu version nothing needs to be done there ------------------------------------------------------------------ ------------------ 2019-9-10 - Sep 10 2019 ------------------- ------------------------------------------------------------------ ++++ gsettings-desktop-schemas: - Update to version 3.34.0: + Translation updates. ++++ libguestfs: - Use -ffat-lto-objects when building static libraries. ++++ kernel-default: - Delete patches.suse/netfilter-ip_conntrack_slp.patch (FATE#324143 jsc#SLE-8944 bsc#1127886). This veteran out of tree patch is no longer needed since the userspace conntrack helper (in conntrack-tools / conntrackd) has reached Factory. - commit d6f0b71 - Update and reenable patches.suse/Revert-netfilter-conntrack-remove-helper-hook-again.patch (FATE#324143 jsc#SLE-8944 bsc#1127886). - commit 029452e - powerpc: dump kernel log before carrying out fadump or kdump (bsc#1149940 ltc#179958). - commit 4b365d2 - Refresh patches.suse/net-ibmvnic-Fix-missing-in-__ibmvnic_reset.patch. - commit 0ebba63 - series.conf: update sorted section banner Make the commit above sorted section less ambiguous. In particular, state clearly that patches without Git-commit which cannot be handled by git-sort do not belong in it. - commit 1506bb8 - series.conf: move unsortable patch out of sorted section Patch without Git-commit cannot be sorted so that there is no point having it into the sorted section. - commit f18376e ++++ sqlite3: - bsc#1150137, CVE-2019-16168, sqlite3-CVE-2019-16168.patch: Improper validation of qlite_stat1 sz field leads to division by zero. ++++ yast2: - support reading licenses from tar archive (jsc#SLE-7214) - 4.2.21 ------------------------------------------------------------------ ------------------ 2019-9-9 - Sep 9 2019 ------------------- ------------------------------------------------------------------ ++++ lvm2-device-mapper: - Update lvm2.spec: make baselibs.conf to a common source. - Avoid creation of mixed-blocksize PV on LVM volume groups (bsc#1149408) + bug-1149408_Fix-rounding-writes-up-to-sector-size.patch + bug-1149408_vgcreate-vgextend-restrict-PVs-with-mixed-block-size.patch - Update lvm.conf files - add devices/allow_mixed_block_sizes item ++++ gobject-introspection: - Update to version 1.62.0: + No changes since 1.61.2. ++++ libguestfs: - Added lvm2 to Requires for using virt-resize of xfs images. (bsc#1138860) ++++ kernel-default: - net/ibmvnic: Fix missing { in __ibmvnic_reset (bsc#1149652 ltc#179635). - commit a3cd2bf - net/ibmvnic: free reset work of removed device from queue (bsc#1149652 ltc#179635). - commit e64984b - Refresh patches.suse/xfs-repair-malformed-inode-items-during-log-recovery.patch. - commit cbb6da0 - config: enable SLAB_FREELIST_HARDENED (bsc#1127808) Enable SLAB_FREELIST_HARDENED on all architectures. This obscures the free object pointer on a per-cache basis making it more difficult to locate kernel objects via exploits probing the cache metadata. This change was requested by the upstream openSUSE community to make the kernel more resistent to slab freelist attacks. Tests conducted by the kernel performance teams confirmed that the performance impact is detectable but negligible. - commit 39e9013 - rpm/constraints.in: lower disk space required for ARM With a requirement of 35GB, only 2 slow workers are usable for ARM. Current aarch64 build requires 27G and armv6/7 requires 14G. Set requirements respectively to 30GB and 20GB. - commit f84c163 - Update to 5.3-rc8 - refresh armv6hl configs (IXP4xx drivers no longer visible) - commit 3dea797 - config: enable STACKPROTECTOR_STRONG also on armv6hl Recently reenabled armv6hl architecture has STACKPROTECTOR_STRONG disabled, enable it here as well. - commit 8c0677d ++++ Mesa: - Add ppc64 for radeonsi to avoid build error ++++ graphene: - Update to version 1.10.0: + API additions, mostly driven by Gthree: - Add graphene_matrix_decompose(). - Add intersection methods to graphene_ray_t. - graphene_triangle_init_from_float(). - graphene_triangle_get_uv(). + Fix graphene_ray_transform(). + Documentation fixes. ++++ lvm2: - Update lvm2.spec: make baselibs.conf to a common source. - Avoid creation of mixed-blocksize PV on LVM volume groups (bsc#1149408) + bug-1149408_Fix-rounding-writes-up-to-sector-size.patch + bug-1149408_vgcreate-vgextend-restrict-PVs-with-mixed-block-size.patch - Update lvm.conf files - add devices/allow_mixed_block_sizes item ++++ openssl-1_1: - To avoid seperate certification of openssh server / client move the SSH KDF (Key Derivation Function) into openssl. * jsc#SLE-8789 * Sourced from commit 8d76481b189b7195ef932e0fb8f0e23ab0120771#diff-a9562bc75317360a2e6b8b0748956e34 in openssl master (introduce the SSH KDF) and commit 5a285addbf39f91d567f95f04b2b41764127950d in openssl master (backport EVP/KDF API framework) * added openssl-jsc-SLE-8789-backport_KDF.patch ++++ python3-core: - jsc#PM-1350 bsc#1149121 Update python3 to the last version of the 3.6 line. This is just a bugfix release with no changes in functionality. - The following patches were included in the upstream release as so they can be removed in the package: - CVE-2018-20852-cookie-domain-check.patch - CVE-2019-5010-null-defer-x509-cert-DOS.patch - CVE-2019-10160-netloc-port-regression.patch - CVE-2019-9636-urlsplit-NFKC-norm.patch - CVE-2019-9947-no-ctrl-char-http.patch - Patch bpo23395-PyErr_SetInterrupt-signal.patch has been reapplied on the upstream base without changing any functionality. - Add patch aarch64-prolong-timeout.patch to fix failing test_utime_current_old test. ++++ python3: - jsc#PM-1350 bsc#1149121 Update python3 to the last version of the 3.6 line. This is just a bugfix release with no changes in functionality. - The following patches were included in the upstream release as so they can be removed in the package: - CVE-2018-20852-cookie-domain-check.patch - CVE-2019-5010-null-defer-x509-cert-DOS.patch - CVE-2019-10160-netloc-port-regression.patch - CVE-2019-9636-urlsplit-NFKC-norm.patch - CVE-2019-9947-no-ctrl-char-http.patch - Patch bpo23395-PyErr_SetInterrupt-signal.patch has been reapplied on the upstream base without changing any functionality. - Add patch aarch64-prolong-timeout.patch to fix failing test_utime_current_old test. ++++ python-gobject: - Update to version 3.34.0: + No changes since 3.33.1. ++++ rebootmgr: - Fix %config for backward compatibility ++++ transactional-update: - Update to version 2.16 - Use default command if options, but no command was given [boo#1146116] - Make sure only one process appears in `ps` output [boo#1111897] - Move update check: If a new repository is added (and ZYPPER_AUTO_IMPORT_KEYS is set) adding the new repository key won't fail any more - Avoid unnecessary snapshots / reboots by detecting zypper operations without changes more reliably (e.g. when installing an already installed package) - Update the manpage accordingly - Bugfixes: - Ignore commented lines in fstab when checking for shadowed files - Avoid warning when copying network config - Remove Perl dependency - Building documentation requires Python 3 now ------------------------------------------------------------------ ------------------ 2019-9-7 - Sep 7 2019 ------------------- ------------------------------------------------------------------ ++++ glib-networking: - Update to version 2.62.0: + Revert broken queued data fix for glgo#GNOME/glib-networking#15. ++++ libsigc++2: - Drop conditional libsigc++-std-c11.patch: No longer needed for any currently supported version of openSUSE. - Use make_build macro. ------------------------------------------------------------------ ------------------ 2019-9-6 - Sep 6 2019 ------------------- ------------------------------------------------------------------ ++++ python-kiwi: - Bump version up to 9.18.16 This version upgrade includes several fixes: * Add --add-bootstrap-packages option (bsc#1149686) The prepare and build commands now allows to specify additional packages to be installed as part of the early bootstrap phase This Fixes #1151 * Avoid default installation of dracut kiwi modules With this commit dracut modules won't be installed by default in the initrd unless they are requested by the commandline calling dracut or by a dracut configuration file. Fixes bsc#1142899 bsc#1136444 Fixes #1103 * Add support for custom fstab script extension In addition to fstab append and patch features we also allow an fstab.script file that is called chrooted. The change is needed to support overlay mounting of filesystems as part of the initrd. If system filesystems needs to be changed in a way that they can be used in an overlay mount, the standard mount entry has to take the x-initrd.mount capability which requires a modification of the fstab which is cumbersome to handle as a patch file. This concept is currently used as part of the MicroOS project in SUSE and is applied in the integration test build maintained for this target. This Fixes bsc#1129566 * Add crypt dependency to kiwi-lib dracut module This commit fixes the dependencies of the kiwi-lib dracut module to include crypt module required by kiwi-luks-lib.sh. In addition it also updates the check() section to return 255 instead of 0. In check section a return code of 0 means install it, 255 install only if required by another module, anything else, do not install. Related with bsc#1142899 * 99-kiwi-lib requires rmdir, install it Fixes bsc#1143033 * Do not crash on missing HOME Fixes bsc#1149686 * Extend spare partition setup The spare partition could be used to introduce one additional partition table entry. With this patch the following new type attributes will be added: * spare_part_fs="fsname" * spare_part_mountpoint="/location" * spare_part_is_last="true|false" Along with the setup of the partition size the filesystem and its mountpoint can be specified. If set the contents of the rootfs at the specified spare location will be synced to that partition. The spare_part_is_last attribute will place the spare partition at the end of the disk. Note this attribute is only available for the simple vmx disk type. This is related to bsc#1129566 * Preserve licenses/other txt files by baseStripFirmware (bsc#1132455) (Fixes #1063) LICENSES are usually not large and should be kept alongside of the binaries. Also some firmware files sideload additional txt files (like for example brcmfmac43430 needs the sdio description txt files). We should just always include them because they're not listed as needed files. Co-Authored-By: Dan Čermák * Delete check_grub_efi_installed_for_efi_firmware The motivation is nice to check if the required grub module package is part of the package list if the efi firmware is requested, but as long as there is no distribution wide standard for packaging grub this check will cause more trouble than it is of help. Currently it failed for the arm architecture and the grub2-arm64-efi package. We decided to prevent checking against static lists and dropped this runtime check. Missing grub modules will be recognized at the grub stage when we search for them. Fixes bsc#1149686 * Support optional fstab.patch file In addition to the support for fstab.append, users can now also provide a patch file to change the contents of the fstab file as it got written by kiwi. The feature is probably rarely used but needed in the area of suse's transactional update mechanism. This Fixes bsc#1129566 and Fixes #945 * Write sha256sum --check compatible shasum format Change the output format of the bundler shasum file to be compatible with a 'sha256sum --check' call. This fixes bsc#1127173 * Fixed import of signing keys In reference to bsc#1112357 it was required to add the compat symlink /var/lib/rpm such that zypper can read the signing keys. Unfortunately zypper does not use the configured rpmdb from the rpm macro setup. * Fix location of grub unicode font This is a follow up patch for #f5bac4495d34. The change of the location of the font file was not applied if an iso target, live or install image is being built. This patch completes the change and Fixes bsc#1124885 * Handle location of the rpm DB on the macro level The location of the rpm database is no longer a standard path one can trust. Some distributions put it to /var/lib others to /usr/lib. This introduces the problem of dealing with different locations between the bootstrapping (host rpm) phase and the image installation (image rpm) phase. This commit implements a solution based on an intermediate rpm database configuration. KIWI creates the macros.kiwi file inside of the image root which is read by any call of rpm in the inner and outer system. During bootstrap phase the rpm dbpath from the host system is used and later in the install phase the dbpath from the rpm package as it was installed by the target image distribution is used. In case of a dbpath difference the database is automatically moved to the new location by setting the _dbpath_rebuild macro to the correct location. At the end the custom KIWI macro is deleted. As this process allows custom macro defintions during the KIWI run it also serves as the base for a solution to Issue #771 which will be done in a follow up request to this commit. Also the workaround for bsc#1112357 which uses a static dbpath to store an optionally given signing key will be addressed with this commit. The macro setup happens before the import_trusted_keys method which makes any specification for a strict dbpath obsolete. Last the implementation deletes the obsolete dump_reload_package_database code. rpm is able to automatically do the conversion of different db versions such that the code in kiwi is obsolete. In addition that code only worked for rather old db versions. The public API has not changed though, but the method is marked obsolete and does nothing anymore. In addition to the deletion of obsolete code a new API method post_process_install_requests_bootstrap has been introduced to handle actions required after bootstrap and before installing of packages from inside the new image ++++ iptables: - add missing Provides/Obsoletes for the renamed package iptables-backend-nft (was iptables-nft) ++++ kernel-default: - powerpc/tm: Fix restoring FP/VMX facility incorrectly on interrupts (CVE-2019-15031 bsc#1149713). - powerpc/tm: Fix FP/VMX unavailable exceptions inside a transaction (CVE-2019-15030 bsc#1149713). - commit ca72e89 ++++ multipath-tools: - Update to version 0.8.2+18.9ff73e7: * Fix premature path reinstantiation with san_path_err_XX (boo#1149319) ++++ libeconf: - Update to version 0.3.0+git20190906.0e60a88: * Ensure LICENSE, README, and TODO are included in the release tarball * Rewrite set*ValueNum functions to avoid libm usage and add error checking * Move src/*.c to lib and release version 0.3.0 ++++ rdma-core: - Update to rdma-core v25.1 (bsc#996146) - No release notes available - Add rdma-core-rpmlintrc to hide non applicable rpmlint warnings ++++ graphene: - Update to version 1.9.6: + Add radians based initialisers for graphene_euler_t. + Use pragma once for the header inclusion guard. + Remove unused function (#159) + Add multiply(), scale(), and add() operators to graphene_quaternion_t. + Add lerp() operator to all vector types. + Add graphene_plane_transform() + Documentation updates for graphene_ray_t. + Fix graphene_box_get_center() and. graphene_box_get_bounding_sphere() (#165) + Ensure that we detect empty or infinite boxes in the. graphene_box_t API. - Changes from version 1.9.4: + Graphene now uses an ancillary library called µTest for its test suite; this means it's possible to build and run the test suite without necessarily depending on GLib. + the conversion of the Euler angles type to and from matrices and. quaternions has been rewritten from scratch, and should not only be finally correct, but it should also cover more use cases—namely the "proper" Euler angles as well as the Tait–Bryan angles. + the ARM NEON implementation of the SIMD types has been improved, fixed, and tested, so it's not marked as experimental any more. + Require Meson ≥ 0.50.1. + Fix graphene_quaternion_equal() to consider the orientation, not just the component equality. + Fix graphene_quaternion_slerp() to always interpolate along the shortest path. + Re-implement the conversion of graphene_euler_t to and from graphene_matrix_t and graphene_quaternion_t. + Add graphene_rectangle_get_area() + Document restrictions of graphene_rect_round(), and deprecate the function. + Add graphene_rect_round_extents() + Port the test suite from GLib's testing utilities to µTest. + Remove internal floating point comparisons. + Improve the NEON extensions detection code. + Fix comparison operators for graphene_simd4f_t on ARM using the NEON extensions. + Remove the "experimental" compiler warning from the ARM NEON implementation of graphene_simd4f_t. - Changes from version 1.9.2: + Add graphene_rect_scale() method. + Fix warning from Meson by dropping unnecessary argument to. configure_file() + Clean up arguments of pkgconfig.generate() + Add equality operators to graphene_matrix_t. + Add getters for translation components of a graphene_matrix_t. + Use darwin_versions argument instead of rolling our own. + Add GRAPHENE_RECT_INIT_ZERO ++++ systemd: - Track 0001-resolved-create-etc-resolv.conf-symlink-at-runtime.patch in the git repo This patch has been in the quarantine area long enough, so let's move it in the git repo. ++++ libvirt: - Update to libvirt 5.7.0 - Experimental split of libvirtd into separate daemons - bsc#1145440, bsc#1145586 - Many incremental improvements and bug fixes, see https://libvirt.org/news.html - Dropped patches: 4ec3cf9a-apparmor-rules.patch, f38ef0fa-no-RDMA-check.patch, 411cdaf8-apparmor-check-profile-name.patch. 696239ba-qemu-fix-query-cpus-fast.patch, 09eb1ae0-conf-add-xenbus-controller.patch, fb059757-libxl-add-xenbus-controller.patch, ec5a1191-libxl-support-max-grant-frames.patch, 5a64c202-xenconfig-support-max-grant-frames.patch, CVE-2019-3886-api.patch, CVE-2019-3886-remote.patch, e0246257-cputest-add-data-for-Cascadelake-Server.patch, 5cd9db3a-cputest-add-data-E3-1225-v5.patch, 538d8735-cpu_map-Define-md-clear-CPUID-bit.patch, 96f41cd7-admin-reject-clients.patch, f111e094-locking-restrict-sockets-to-mode-0600.patch, e37bd65f-logging-restrict-sockets-to-mode-0600.patch, 9f4e35dc-network-improve-chain-create-error-report.patch, 686803a1-network-split-ipv4-ipv6-chains.patch, c1c235eb-nework-clear-cached-error.patch, 4330d138-network-refactor-global-chains.patch, 3b66bd9a-add-debug-chain-creation.patch, c6cbe187-network-delay-global-fw-setup.patch, CVE-2019-10161-api-disallow-virDomainSaveImageGetXMLDesc.patch, CVE-2019-10166-api-disallow-virDomainManagedSaveDefineXML.patch, CVE-2019-10167-api-disallow-virConnectGetDomainCapabilities.patch, CVE-2019-10168-api-disallow-virConnect-HypervisorCPU.patch, 51f9f80d-fix-copying-bitmaps.patch, 2878278c-cpu_map-add-Cascaselake-Server.patch, 4a0f604d-cpu_map-distribute-Cascaselake-Server.patch, d5572f62-qemu-support-override-max-thread.patch, 673f805d-qemu-chown-uniqDir.patch, 975b004d-virtlogd-over-logrotate.patch, 18d47d61-revert-d00c77ae.patch, d6943eab-libxl-pmsuspend-event.patch, 3d179919-virsh-precopy-bandwidth.patch, f4bdd829-rename-precopy-bandwidth.patch, xen-pv-cdrom.patch, blockcopy-check-dst-identical-device.patch, suse-libvirtd-service-xen.patch, xen-sxpr-disk-type.patch ++++ makedumpfile: - makedumpfile-Increase-SECTION_MAP_LAST_BIT-to-4.patch: Increase SECTION_MAP_LAST_BIT to 4 (bsc#1144708). ++++ qemu: - Build opensbi from source on riscv64 - Update to v4.1.0: See http://wiki.qemu.org/ChangeLog/4.1 Take note that ongoing feature deprecation is tracked at both http://wiki.qemu-project.org/Features/LegacyRemoval and in Appendix B of the qemu-doc.* files installed with the qemu package Some noteworthy changes: * x86: CPU models are now versioned * x86: CPU die topology can now be configured * x86: New Hygon Dhyana and Intel Snowridge CPU models * s390: The bios now supports IPL (boot) from ECKD DASD assigned to the guest via vfio-ccw * s390: The bios now tolerates the presence of bootmap signature entries written by zipl * PowerPC: pseries machine now supports KVM acceleration (kernel_irqchip=on) of the XIVE interrupt controller * PowerPC: pseries now supports hot-plug of PCI bridges and hot-plug and unplug of devices under PCI bridges * ARM: QEMU now supports emulating an FPU for Cortex-M CPUs, and the Cortex-M4 and Cortex-M33 now provide the FP * Python 2 support is deprecated * UEFI platform firmware binaries, and matching variable store templates are now installed * Now it's possible to specify memory-less NUMA node when using "-numa node,memdev" options * Possible to trigger self announcement on specific network interfaces * Default memory distribution between NUMA nodes is now deprecated * Fallback to normal RAM allocation if QEMU is not able to allocate from the "-mem-path" provided file/filesystem is now deprecated * virtio-gpu 2d/3d rendering may now be offloaded to an external vhost-user process, such as QEMU vhost-user-gpu * QEMU will automatically try to use the MAP_SYNC mmap flag for memory backends configured with pmem=on,share=on * Additional SeaVGABIOS patches added for vga-ati compatibility - Drop attempt at build compatibility with SLE12 - New sub-packages: qemu-edk2, qemu-vhost-user-gpu - Conditionalize building of qemu-edk2 (and leave unbuilt for now) - Implement new packaging workflow, includes no longer numbering patches, and having the "current git repo" stored with the package in the form of git bundles * Patches dropped (upstream unless otherwise noted): 0027-tests-test-thread-pool-is-racy-add-.patch 0032-tests-Fix-Makefile-handling-of-chec.patch 0034-Revert-target-i386-kvm-add-VMX-migr.patch 0036-sockets-avoid-string-truncation-war.patch 0039-linux-user-avoid-string-truncation-.patch 0040-linux-user-elfload-Fix-GCC-9-build-.patch 0041-qxl-avoid-unaligned-pointer-reads-w.patch 0042-libvhost-user-fix-Waddress-of-packe.patch 0043-target-i386-define-md-clear-bit.patch 0045-kbd-state-fix-autorepeat-handling.patch 0046-target-ppc-ensure-we-get-null-termi.patch 0049-qxl-check-release-info-object.patch 0050-qemu-bridge-helper-restrict-interfa.patch 0051-linux-user-fix-to-handle-variably-s.patch ipxe-use-gcc6-for-more-compact-code.patch (no longer needed) (the next three are replaced by the upstream equivalent) ipxe-efi-Simplify-diagnostic-for-NULL-handle.patch ipxe-build-Disable-gcc-address-of-packed-member-warning.patch ipxe-efi-Avoid-string-op-warning-with-cross-gcc-7-compile.patch slirp-fix-heap-overflow-in-ip_reass-on-big-packet-input.patch * Patches renamed: 0001-XXX-dont-dump-core-on-sigabort.patch - > XXX-dont-dump-core-on-sigabort.patch 0002-qemu-binfmt-conf-Modify-default-pat.patch - > qemu-binfmt-conf-Modify-default-path.patch 0003-qemu-cvs-gettimeofday.patch - > qemu-cvs-gettimeofday.patch 0004-qemu-cvs-ioctl_debug.patch - > qemu-cvs-ioctl_debug.patch 0005-qemu-cvs-ioctl_nodirection.patch - > qemu-cvs-ioctl_nodirection.patch 0006-linux-user-add-binfmt-wrapper-for-a.patch - > linux-user-add-binfmt-wrapper-for-argv-0.patch 0007-PPC-KVM-Disable-mmu-notifier-check.patch - > PPC-KVM-Disable-mmu-notifier-check.patch 0008-linux-user-binfmt-support-host-bina.patch - > linux-user-binfmt-support-host-binaries.patch 0009-linux-user-Fake-proc-cpuinfo.patch - > linux-user-Fake-proc-cpuinfo.patch 0010-linux-user-use-target_ulong.patch - > linux-user-use-target_ulong.patch 0011-Make-char-muxer-more-robust-wrt-sma.patch - > Make-char-muxer-more-robust-wrt-small-FI.patch 0012-linux-user-lseek-explicitly-cast-no.patch - > linux-user-lseek-explicitly-cast-non-set.patch 0013-AIO-Reduce-number-of-threads-for-32.patch - > AIO-Reduce-number-of-threads-for-32bit-h.patch 0014-xen_disk-Add-suse-specific-flush-di.patch - > xen_disk-Add-suse-specific-flush-disable.patch 0015-qemu-bridge-helper-reduce-security-.patch - > qemu-bridge-helper-reduce-security-profi.patch 0016-qemu-binfmt-conf-use-qemu-ARCH-binf.patch - > qemu-binfmt-conf-use-qemu-ARCH-binfmt.patch 0017-linux-user-properly-test-for-infini.patch - > linux-user-properly-test-for-infinite-ti.patch 0018-roms-Makefile-pass-a-packaging-time.patch - > roms-Makefile-pass-a-packaging-timestamp.patch 0019-Raise-soft-address-space-limit-to-h.patch - > Raise-soft-address-space-limit-to-hard-l.patch 0020-increase-x86_64-physical-bits-to-42.patch - > increase-x86_64-physical-bits-to-42.patch 0021-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch - > vga-Raise-VRAM-to-16-MiB-for-pc-0.15-and.patch 0022-i8254-Fix-migration-from-SLE11-SP2.patch - > i8254-Fix-migration-from-SLE11-SP2.patch 0023-acpi_piix4-Fix-migration-from-SLE11.patch - > acpi_piix4-Fix-migration-from-SLE11-SP2.patch 0024-Switch-order-of-libraries-for-mpath.patch - > Switch-order-of-libraries-for-mpath-supp.patch 0025-Make-installed-scripts-explicitly-p.patch - > Make-installed-scripts-explicitly-python.patch 0026-hw-smbios-handle-both-file-formats-.patch - > hw-smbios-handle-both-file-formats-regar.patch 0028-xen-add-block-resize-support-for-xe.patch - > xen-add-block-resize-support-for-xen-dis.patch 0029-tests-qemu-iotests-Triple-timeout-o.patch - > tests-qemu-iotests-Triple-timeout-of-i-o.patch 0030-tests-block-io-test-130-needs-some-.patch - > tests-block-io-test-130-needs-some-delay.patch 0031-xen-ignore-live-parameter-from-xen-.patch - > xen-ignore-live-parameter-from-xen-save-.patch 0033-Conditionalize-ui-bitmap-installati.patch - > Conditionalize-ui-bitmap-installation-be.patch 0035-tests-change-error-message-in-test-.patch - > tests-change-error-message-in-test-162.patch 0037-hw-usb-hcd-xhci-Fix-GCC-9-build-war.patch - > hw-usb-hcd-xhci-Fix-GCC-9-build-warning.patch 0038-hw-usb-dev-mtp-Fix-GCC-9-build-warn.patch - > hw-usb-dev-mtp-Fix-GCC-9-build-warning.patch 0044-hw-intc-exynos4210_gic-provide-more.patch - > hw-intc-exynos4210_gic-provide-more-room.patch 0047-configure-only-populate-roms-if-sof.patch - > configure-only-populate-roms-if-softmmu.patch 0048-pc-bios-s390-ccw-net-avoid-warning-.patch - > pc-bios-s390-ccw-net-avoid-warning-about.patch keycodemapdb-make-keycode-gen-output-reproducible.patch - > Make-keycode-gen-output-reproducible-use.patch ipxe-stub-out-the-SAN-req-s-in-int13.patch - > stub-out-the-SAN-req-s-in-int13.patch sgabios-fix-cross-build.patch deleted - > roms-sgabios-Fix-csum8-to-be-built-by-ho.patch sgabios-stable-buildid.patch - > sgabios-Makefile-fix-issues-of-build-rep.patch skiboot-gcc9-compat.patch - > Disable-Waddress-of-packed-member-for-GC.patch ipxe-stable-buildid.patch - > ipxe-Makefile-fix-issues-of-build-reprod.patch seabios-fix_cross_compilation.patch - > enable-cross-compilation-on-ARM.patch * Patches added: roms-change-cross-compiler-naming-to-be-.patch roms-Makefile.edk2-don-t-invoke-git-sinc.patch vga-move-modelist-from-bochsvga.c-to-new.patch vga-make-memcpy_high-public.patch vga-add-atiext-driver.patch vga-add-ati-bios-tables.patch vbe-add-edid-support.patch ati-add-edid-support.patch ati-vga-make-less-verbose.patch ati-vga-fix-ati_read.patch ati-vga-make-i2c-register-and-bits-confi.patch ati-vga-try-vga-ddc-first.patch ati-vga-add-rage128-edid-support.patch Fix-s-directive-argument-is-null-error.patch Workaround-compilation-error-with-gcc-9..patch Do-not-apply-WORKAROUND_CFLAGS-for-host-.patch hdata-vpd-fix-printing-char-0x00.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-4.1 ++++ rebootmgr: - Update to version 0.20 - add support to write changes back to /etc/rebootmgr.conf ++++ wicked: - version 0.6.56 - dhcp6: initial support to request prefix for delegations (jsc#SLE-5936) - dhcp6: set the noprefixroute address option (bsc#1132280) ++++ yast2: - Fix a problem when long warnings reports in command line (bsc#1149776). - 4.2.20 ------------------------------------------------------------------ ------------------ 2019-9-5 - Sep 5 2019 ------------------- ------------------------------------------------------------------ ++++ curl: - Security fix: [bsc#1149496,CVE-2019-5482] * TFTP small blocksize heap buffer overflow * Added curl-CVE-2019-5482.patch - Security fix: [bsc#1149495,CVE-2019-5481] * FTP-KRB: double-free during kerberos FTP data transfer * Added curl-CVE-2019-5481.patch ++++ glib2: - Update to version 2.62.0: + Fix new `GFileInfo` APIs to work when `G_FILE_ATTRIBUTE_TIME_MODIFIED_USEC` was not queried. + Bugs fixed: glgo#GNOME/GLib#487, glgo#GNOME/GLib!1084, glgo#GNOME/GLib!1086,glgo#GNOME/GLib!1087. - Update to version 2.61.3: + Support setting thread name on BSD systems. + Install previously-uninstalled headers for public `GNativeSocketAddress` object. + Very initial support for Windows apps (UWP). + Add various new valgrind suppressions to `glib.supp`. + Bugs fixed: glgo#GNOME/GLib!83, glgo#GNOME/GLib!512, glgo#GNOME/GLib!873, glgo#GNOME/GLib!905, glgo#GNOME/GLib!1057, glgo#GNOME/GLib!1309, glgo#GNOME/GLib!1620, glgo#GNOME/GLib!1761, glgo#GNOME/GLib!1803, glgo#GNOME/GLib!1819, glgo#GNOME/GLib!1852, glgo#GNOME/GLib!1854, glgo#GNOME/GLib!1860, glgo#GNOME/GLib!1863, glgo#GNOME/GLib!1867, glgo#GNOME/GLib!1870, glgo#GNOME/GLib!1879, glgo#GNOME/GLib!1880, glgo#GNOME/GLib!1881, glgo#GNOME/GLib!1002, glgo#GNOME/GLib!1011, glgo#GNOME/GLib!1015, glgo#GNOME/GLib!1016, glgo#GNOME/GLib!1017, glgo#GNOME/GLib!1023, glgo#GNOME/GLib!1026, glgo#GNOME/GLib!1027, glgo#GNOME/GLib!1031, glgo#GNOME/GLib!1032, glgo#GNOME/GLib!1033, glgo#GNOME/GLib!1034, glgo#GNOME/GLib!1036, glgo#GNOME/GLib!1037, glgo#GNOME/GLib!1044, glgo#GNOME/GLib!1049, glgo#GNOME/GLib!1050, glgo#GNOME/GLib!1054, glgo#GNOME/GLib!1057, glgo#GNOME/GLib!1059, glgo#GNOME/GLib!1066, glgo#GNOME/GLib!1068, glgo#GNOME/GLib!1071, glgo#GNOME/GLib!1074, glgo#GNOME/GLib!1075. ++++ gsettings-desktop-schemas: - Update to version 3.33.92: + Translation updates. ++++ kernel-default: - series.conf: move unsortable patch out of sorted section - commit 8a360b5 - powerpc/xmon: Add a dump of all XIVE interrupts (bsc#1142019). - powerpc/xive: Fix dump of XIVE interrupt under pseries (bsc#1142019). - powerpc/xmon: Check for HV mode when dumping XIVE info from OPAL (bsc#1142019). - commit 68e4d5a ++++ libeconf: - Update to version 0.3.0+git20190905.0ca8fe2: * Merge doc changes from parlt91 (pull rq#73) * Implement econf_get*ValueDef functions: if key is not found, a provided default is returned. * Differentiate between no value provided and empty value provided * Remove obsolete check for comments * Enhance and adjust test cases * Remove obsolete check for comments ++++ makedumpfile: - Update to 1.6.6 * Support for AMD Secure Memory Encryption * Exclude pages that are logically offline * Support kernels up to 5.1.9 - Drop makedumpfile-coptflags.diff. ++++ podman: - Add katacontainers as a recommended package, and include it as an additional OCI runtime in the configuration. ++++ python-libvirt-python: - Update to 5.7.0 - Add all new APIs and constants in libvirt 5.7.0 ++++ salt: - Require shadow instead of old pwdutils (bsc#1130588) ++++ raspberrypi-firmware: - Update to e2e17cd03 (2019-09-04) * firmware: Port file loading revamp to master * firmware: Avoid defaulting to 64-bit kernel on older Pi * firmware: Revamp file loading logic * firmware: power: Allow reading uncached voltage * firmware: arm_loader: Request KMS to use CVT timings * firmware: vc_image: Default YUVUV to non-tall mode, with flag if required * firmware: ldconfig: Implement [pi2/pi3/pi3+] using board types See: #1242 * firmware: platform: Remove 10mV of margin * firmware: power: Add 2711-specific PMIC compensation values * firmware: sdhost_arasan: Disable busy wait on EMMC_STATUS_NEW_CARD_DATA_SET * firmware: AWB: Fix for manual WB settings in capture See: #1215 * firmware: arm_loader: Use platform_get_min_core_voltage for actual min voltage * firmware: clock: Remember disable state across clock changes * firmware: platform: pi4: Reduce min core voltage to 810mV * firmware: arm_dt: Use boost to force turbo mode rather than modifying core_freq_min for uart * firmware: arm_loader: Add optional flag to add_boost and get_boost calls * firmware: avs_2711: Move margin from init structure to run time * firmware: platform: fix get_min_default * firmware: arm_loader: Use AP_CLOCK_T for clock_iterator for easier debugging * hdmi: Switch to active pixel rate + margin for core clock boost * platform: Reduce the minimum core clock frequency from 250 to 200 MHz * firmware: arm_loader: Fix initial_turbo getting stuck See: #1005 * firmware: clock_2711: don't set reserved values for KA in PLL KAIP registers * firmware: AWB: Allow user to set manual gains for the RPi algorithm * firmware: arm_loader: Fix disabling of audio before reboot * firmware: fixed up the custom CVT values to use correct group * firmware: hdmi: Add independent table entries for hdmi_timings on each display See: #1218 * firmware: Fix to allow HDMI audio port route setting See: raspberrypi/linux#3100 * firmware: pwm_audio: Use the correct DREQs on Pi4 See: #1214 * firmware: pixelvalve_2711: Alter back porch for widths of 1366 See: #1202 * firmware: Clear the SMIDSW1 display interrupt flag on startup * firmware: dt-blob: Declare Pi 4B's SD_IO voltage selector * firmware: Fixups for missing code changes from Pi4 branch See: #1201 * firmware: Change order of display remapping for default display number * firmware: AWB: Set default number of stats regions for RPi AWB See: #1198 * firmware: Fix composite interrupt HVS channel * firmware: scalarlib: Fix width setting for SCALERLIB_PIXEL_FORMAT_YUV10COL * firmware: vcmailbox: Add a new SET_AUDIO_LDO_STATE mailbox command * firmware: Add mailbox call to report the HDMI timings * firmware: H264: Set the decoder cache AXI burst length to the same as the encoder * firmware: gencmd: Fix gencmd max result length * firmware: bootloader_config: New gencmd to read the EEPROM config * firmware: pwm_audio: Use PWM1 on BCM2838 unless remapped See: #1178 * firmware: AWB updates See: #1167 * firmware: dispmanx: Fix handling of disable_overscan to not disable it totally See: raspberrypi/linux#3059 * firmware: power: Enable/disable H264 and ISP clocks with domain * firmware: arm_loader: arm_64bit=0 should disable loading of kernel8.img * firmware: dt-blob: CM has no activity LED ++++ raspberrypi-firmware-config: - Update to e2e17cd03 (2019-09-04) * firmware: Port file loading revamp to master * firmware: Avoid defaulting to 64-bit kernel on older Pi * firmware: Revamp file loading logic * firmware: power: Allow reading uncached voltage * firmware: arm_loader: Request KMS to use CVT timings * firmware: vc_image: Default YUVUV to non-tall mode, with flag if required * firmware: ldconfig: Implement [pi2/pi3/pi3+] using board types See: #1242 * firmware: platform: Remove 10mV of margin * firmware: power: Add 2711-specific PMIC compensation values * firmware: sdhost_arasan: Disable busy wait on EMMC_STATUS_NEW_CARD_DATA_SET * firmware: AWB: Fix for manual WB settings in capture See: #1215 * firmware: arm_loader: Use platform_get_min_core_voltage for actual min voltage * firmware: clock: Remember disable state across clock changes * firmware: platform: pi4: Reduce min core voltage to 810mV * firmware: arm_dt: Use boost to force turbo mode rather than modifying core_freq_min for uart * firmware: arm_loader: Add optional flag to add_boost and get_boost calls * firmware: avs_2711: Move margin from init structure to run time * firmware: platform: fix get_min_default * firmware: arm_loader: Use AP_CLOCK_T for clock_iterator for easier debugging * hdmi: Switch to active pixel rate + margin for core clock boost * platform: Reduce the minimum core clock frequency from 250 to 200 MHz * firmware: arm_loader: Fix initial_turbo getting stuck See: #1005 * firmware: clock_2711: don't set reserved values for KA in PLL KAIP registers * firmware: AWB: Allow user to set manual gains for the RPi algorithm * firmware: arm_loader: Fix disabling of audio before reboot * firmware: fixed up the custom CVT values to use correct group * firmware: hdmi: Add independent table entries for hdmi_timings on each display See: #1218 * firmware: Fix to allow HDMI audio port route setting See: raspberrypi/linux#3100 * firmware: pwm_audio: Use the correct DREQs on Pi4 See: #1214 * firmware: pixelvalve_2711: Alter back porch for widths of 1366 See: #1202 * firmware: Clear the SMIDSW1 display interrupt flag on startup * firmware: dt-blob: Declare Pi 4B's SD_IO voltage selector * firmware: Fixups for missing code changes from Pi4 branch See: #1201 * firmware: Change order of display remapping for default display number * firmware: AWB: Set default number of stats regions for RPi AWB See: #1198 * firmware: Fix composite interrupt HVS channel * firmware: scalarlib: Fix width setting for SCALERLIB_PIXEL_FORMAT_YUV10COL * firmware: vcmailbox: Add a new SET_AUDIO_LDO_STATE mailbox command * firmware: Add mailbox call to report the HDMI timings * firmware: H264: Set the decoder cache AXI burst length to the same as the encoder * firmware: gencmd: Fix gencmd max result length * firmware: bootloader_config: New gencmd to read the EEPROM config * firmware: pwm_audio: Use PWM1 on BCM2838 unless remapped See: #1178 * firmware: AWB updates See: #1167 * firmware: dispmanx: Fix handling of disable_overscan to not disable it totally See: raspberrypi/linux#3059 * firmware: power: Enable/disable H264 and ISP clocks with domain * firmware: arm_loader: arm_64bit=0 should disable loading of kernel8.img * firmware: dt-blob: CM has no activity LED ++++ raspberrypi-firmware-dt: - Update to c00d518f3a69 (2019-08-17) * add overlays: act-led, disable-bt, disable-wifi, i2c0, i2c1, miniuart-bt, ------------------------------------------------------------------ ------------------ 2019-9-4 - Sep 4 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Enable klp-convert patches Enable patches.suse/livepatch-create-and-include-UAPI-headers.patch Enable and refresh patches.suse/livepatch-modpost-ignore-unresolved-symbols.patch Still not in upstream. Submitted though. It seems the final upstream version will be a bit different, but we need these two patches for our use case. - commit f385ff2 - Enable patches.suse/livepatch-mark-the-kernel-unsupported-when-disabling.patch Still SUSE-specific and still needed. - commit cd16e71 ++++ cairo: - Add 2 upstream bug fix patches: + cairo-Use-FT_Done_MM_Var-instead-of-free-when-available.patch: ft: Use FT_Done_MM_Var instead of free when available in cairo_ft_apply_variations. Fixes a crash when using freetype >= 2.9 + cairo-composite_color_glyphs.patch: Fix a thinko in composite_color_glyphs. We can't just move around the contents of the passed-in string, we need to make a copy. This was showing up as memory corruption in pango. ++++ libeconf: - Update to version 0.2.0+git20190904.03fa5b4: * Enhance and adjust test cases * Update ccpp.yml * Update ccpp.yml * Update ccpp.yml - Update to version 0.2.0+git20190904.989df9f: * Remove debug printf - Update to version 0.2.0+git20190904.c9c1820: * Implement alternate file parser solving the problems with group entry detection. * Add new parse error error code * Bool values read from a config file are not sanitzied, so we need to do that in the getBoolValueNum function, too. * Only use ..d directories * Release version 0.2.0 * Add an explanation about this project. * Check for NULL pointer arguments * Fix error return value * Fix typo in comment * Add test case for reading login.defs with data from util-linux test suite ++++ expat: - Security fix (CVE-2019-15903, bsc#1149429) * Crafted XML input results in heap-based buffer over-read by fooling the parser into changing from DTD parsing to document parsing * Added patches: - expat-CVE-2019-15903.patch - expat-CVE-2019-15903-tests.patch ++++ Mesa: - Update to version 19.1.6 * bugfix release ++++ salt: - Conflict with tornado >= 5; for now we can only cope with Tornado 4.x (boo#1101780). ++++ u-boot-rpiarm64: - Add avnetultra96rev1 ------------------------------------------------------------------ ------------------ 2019-9-3 - Sep 3 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - powerpc/fadump: when fadump is supported register the fadump sysfs files (bsc#1146352). - commit da248a6 - config: enable STACKPROTECTOR_STRONG (jsc#SLE-9120 bsc#1130365) Enable CONFIG_STACKPROTECTOR_STRONG on all architectures except s390x (where the feature is not available). This extends the number of functions which are protected by "stack canary" check to catch functions writing past their stack frame. This change was requested by SUSE security to make our kernels more resistant to some types of stack overflow attacks. Tests performed by kernel performance teams confirmed that performance impact is acceptable. - commit 4c43fab - Refresh patches.suse/0001-NFS-flush-out-dirty-data-on-file-fput.patch. - Refresh patches.suse/0001-NFSv4-don-t-let-hanging-mounts-block-other-mounts.patch. - NFS: Allow multiple connections to NFSv4.0 servers (fate#322786). - Refresh patches.suse/nfs-set-acl-perm.patch. - Delete patches.suse/0001-NFSv4-handle-EINVAL-from-EXCHANGE_ID-better.patch. - Delete patches.suse/0001-SUNRPC-Allow-creation-of-RPC-clients-with-multiple-c.patch. - Delete patches.suse/0001-sunrpc-include-sup-groups-in-hash.patch. - Delete patches.suse/0002-NFS-Add-a-mount-option-to-specify-number-of-TCP-conn.patch. - Delete patches.suse/0003-NFSv4-Allow-multiple-connections-to-NFSv4.x-x-0-serv.patch. - Delete patches.suse/0004-pNFS-Allow-multiple-connections-to-the-DS.patch. - Delete patches.suse/0005-NFS-Display-the-nconnect-mount-option-if-it-is-set.patch. - Delete patches.suse/0007-SUNRPC-Mask-XIDs-to-prevent-replay-cache-collision.patch. - Delete patches.suse/NFS-optional-NFSv4_2-fix.patch. - Delete patches.suse/NFS-optional-NFSv4_2.patch. - Delete patches.suse/d-lookup-fairness.fix. - Delete patches.suse/getcwd-close-race-with-d_move-called-by-lustre.patch. - Delete patches.suse/sunrpc-cache-handle-missing-listeners-better.patch. - Delete patches.suse/vfs-use-synchronize_rcu_expedited-in-namespace_unlock.patch. - commit 4685373 ++++ pango: - Update to version 1.44.6: + docs: Fix symbol indices. + Fix Thai line breaking. + Re-add symbols needed by some bindings. + Don't insert hyphens for some languages. + Fix a crash with hyphenation. ++++ systemd: - Upgrade to v243 (commit e0b24c4356aa0c1c56ff274ff72228f33482a5be) See https://github.com/openSUSE/systemd/blob/SUSE/v243/NEWS for details. This includes the following bug fixes: - upstream commit b2774a3ae692113e1f47a336a6c09bac9cfb49ad (CVE-2019-20386 bsc#1161436) - upstream commit 5406c36844b35504a64e9f05fc74b8e5e5a09143 (bsc#1132400) - upstream commit 83a32ea7b03d6707b8e5bb90a0b3a6eb868ef633 (bsc#1132721) - upstream commit 7cc5ef5f1811c539ae7f20255c2a093f413cc64f (bsc#1172824 bsc#1142733) - upstream commit 83cb24ac20baf19f7834931dcf6e03486b4c9c30 (bsc#1156213) - upstream commit a2dcb1d78737d3daa301ee63fbdd02837acb71a8 (bsc#1158485) - upstream commit 08185cff19efcb1d7d9fb7b546e7f516ab6dae91 (bsc#1165011) - upstream commit 59c55e73eaee345e1ee67c23eace8895ed499693 (bsc#1177510) Drop 0001-Revert-insserv.conf-generator.patch as it's been dropped from branch SUSE/v243 while we were rebasing. Drop 0001-rc-local-generator-deprecate-halt.local-support.patch as this functionality had been deprecated during the previous release and now have been dropped by upstream. ++++ libvirt: - virsh: use upstream name for migration precopy bandwidth parameter f4bdd829-rename-precopy-bandwidth.patch bsc#1145586 ++++ salt: - Fix virt.full_info (bsc#1146382) - virt.volume_infos: silence libvirt error message - virt.volume_infos needs to ignore inactive pools - Fix for various bugs in virt network and pool states - Implement network.fqdns module function (bsc#1134860) - Added: * 2019.2.0-pr-54196-backport-173.patch * virt.volume_infos-silence-libvirt-error-message-175.patch * fix-virt.full_info-176.patch * implement-network.fqdns-module-function-bsc-1134860-.patch * virt.volume_infos-needs-to-ignore-inactive-pools-174.patch ------------------------------------------------------------------ ------------------ 2019-9-2 - Sep 2 2019 ------------------- ------------------------------------------------------------------ ++++ lvm2-device-mapper: - Update to LVM2.2.03.05 - To drop lvm2-clvm and lvm2-cmirrord rpms (jsc#PM-1324) - Fix Out of date package (bsc#1111734) - Fix occasional slow shutdowns with kernel 5.0.0 and up (bsc#1137648) - Remove clvmd - Remove lvmlib (api) - Remove lvmetad - Drop patches that have been merged into upstream - bug-1114113_metadata-prevent-writing-beyond-metadata-area.patch - bug-1137296_pvremove-vgextend-fix-using-device-aliases-with-lvmetad.patch - bug-1135984_cache-support-no_discard_passdown.patch - Drop patches that have been nonexist/unsupport in upstream - bsc1080299-detect-clvm-properly.patch - bug-998893_make_pvscan_service_after_multipathd.patch - bug-978055_clvmd-try-to-refresh-device-cache-on-the-first-failu.patch - bug-950089_test-fix-lvm2-testsuite-build-error.patch - bug-1072624_test-lvmetad_dump-always-timed-out-when-using-nc.patch - tests-specify-python3-as-the-script-interpreter.patch - Update spec files - merge device-mapper, lvm2-lockd, lvm2 into one spec file - clvmd/lvmlib (api)/lvmetad had been removed, so delete related context in spec file - Update lvm.conf files - remove all lvmetad lines/keywords - add event_activation - remove fallback_to_lvm1 & related items - remove locking_type/fallback_to_clustered_locking/fallback_to_local_locking items - remove locking_library item - remove all special filter rules ++++ glib-networking: - Update to version 2.61.92: + Discard queued data after interrupted writes. + Verify socket timeouts are respected. + Fix a couple broken error messages. + Changes in version 2.61.90: + Fix translations of certain error messages + Changes in version 2.61.2: + Improve certain handshake error messages. + Fix regressions introduced in 2.61.1. + Changes in version 2.61.1: + This release contains a major refactoring of the TLS codebase. The GnuTLS backend now shares the same base classes as the OpenSSL backend, to avoid duplicating as much code as possible. The base classes, previously used only by the OpenSSL backend and originally forked from glib-networking several years ago, have been enhanced to achieve feature-parity with the current state of the GnuTLS backend. Please note that the OpenSSL backend remains experimental. Further planned work is required before this backend will be production-ready. ++++ glib2: - Update to version 2.61.2: + Add various new array functions (#236, #269, #373). + Rework how D-Bus connections are closed/unreffed when `g_test_dbus_down()` is called. Tests which leak a `GDBusConnection` may now time out and abort, rather than silently leaking. (#787) + Add a deprecation macro for GLib macros, and use it; third-party uses of long-deprecated GLib macros may now start causing warnings. (#1060). + Deprecate `GTime` and `GTimeVal`, and various functions which use them. Use `GDateTime` and `guint64` UNIX timestamps instead. + Stop using `G_DISABLE_DEPRECATED` to allow disabling deprecation warnings; third-party code should now be using `GLIB_VERSION_{MIN_REQUIRED, MAX_ALLOWED}` to control symbol usage. + Improve `GNetworkMonitor` detection of offline states (#1788). + Fix CVE-2019-12450, wide permissions of files when copying using GIO. - Changes from version 2.61.1: + Upgrade to Unicode Character Database v12.1. + Improve network availability detection with NetworkManager to treat lower levels of connectivity as having reduced availability. - Changes from version 2.61.0: + Add coloured output support to `gdbus introspect. + Updated translations. - Update to version 2.60.7: + Bugs fixed: glgo#GNOME/GLib#1819, glgo#GNOME/GLib#1847, glgo#GNOME/GLib!1012, glgo#GNOME/GLib!1013, glgo#GNOME/GLib!1061, glgo#GNOME/GLib!1065, glgo#GNOME/GLib!1081. ++++ ignition: - Update to version 2.0.1+git20190802.d523754: * main: log stage at startup - Add 0001-Continue-on-empty-GPT-partition-label.patch ++++ kernel-default: - Update to 5.3-rc7 - Refresh configs - IXP4xx SoC drivers not visible - gcc 9.2.1 - commit 9bff5f9 ++++ libeconf: - Update to version 0.0.0+git20190902.dd17c11: * Fix int64 variables on 32bit architectures ++++ libgcrypt: - Security fix: [bsc#1148987,CVE-2019-13627] * Mitigation against an ECDSA timing attack * Added libgcrypt-CVE-2019-13627.patch ++++ lvm2: - Update to LVM2.2.03.05 - To drop lvm2-clvm and lvm2-cmirrord rpms (jsc#PM-1324) - Fix Out of date package (bsc#1111734) - Fix occasional slow shutdowns with kernel 5.0.0 and up (bsc#1137648) - Remove clvmd - Remove lvmlib (api) - Remove lvmetad - Drop patches that have been merged into upstream - bug-1114113_metadata-prevent-writing-beyond-metadata-area.patch - bug-1137296_pvremove-vgextend-fix-using-device-aliases-with-lvmetad.patch - bug-1135984_cache-support-no_discard_passdown.patch - Drop patches that have been nonexist/unsupport in upstream - bsc1080299-detect-clvm-properly.patch - bug-998893_make_pvscan_service_after_multipathd.patch - bug-978055_clvmd-try-to-refresh-device-cache-on-the-first-failu.patch - bug-950089_test-fix-lvm2-testsuite-build-error.patch - bug-1072624_test-lvmetad_dump-always-timed-out-when-using-nc.patch - tests-specify-python3-as-the-script-interpreter.patch - Update spec files - merge device-mapper, lvm2-lockd, lvm2 into one spec file - clvmd/lvmlib (api)/lvmetad had been removed, so delete related context in spec file - Update lvm.conf files - remove all lvmetad lines/keywords - add event_activation - remove fallback_to_lvm1 & related items - remove locking_type/fallback_to_clustered_locking/fallback_to_local_locking items - remove locking_library item - remove all special filter rules ++++ libnftnl: - libnftnl version bump [jsc#SLE-7497] * iptables 1.8.3 needs libnftnl >= 1.1.3 ++++ podman: - Add patch for CVE-2019-10214. bsc#1144065 + CVE-2019-10214.patch ------------------------------------------------------------------ ------------------ 2019-9-1 - Sep 1 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - config: armv7hl: Enable cadence watchdog CONFIG_CADENCE_WATCHDOG is required for Zynq-7000 based MIYR Zturn board. - commit 64fda45 ------------------------------------------------------------------ ------------------ 2019-8-31 - Aug 31 2019 ------------------- ------------------------------------------------------------------ ++++ gsettings-desktop-schemas: - Update to version 3.33.90: + Add 'middle-click-emulation' setting. + Updated translations. - Changes from version 3.33.1: + Add 'enable-hot-corners' setting. + Updated translations. - Changes from version 3.33.0: + Add mount-removable-storage-devices-as-read-only lockdown option. + Add setting for overlay scrolling. + Add locate-pointer setting. + Add settings to store numlock state. + Updated translations. - Require meson >= 0.50.0. ++++ libeconf: - Update to version 0.0.0+git20190831.fb7c1bb: * Rewrite econf_readDirs - don't assume suffix is ".conf" - Read files and directories in correct order ++++ python-gobject: - Update to version 3.33.1: + Make GLib.Variant.unpack a bit less costly. + pygobject: ignore GParameter deprecations. + pygobject-object: fix refcount of floating return values. + pygi-info: remove some dead code. ------------------------------------------------------------------ ------------------ 2019-8-30 - Aug 30 2019 ------------------- ------------------------------------------------------------------ ++++ gobject-introspection: - Update to version 1.61.2: + dumper: Use the distutils linker. + structinfo: Fix offset in find_method(). + tests: Don't include "config.h" in installed files. + meson: Make meson.override_find_program working on more complex use cases. - Changes from version 1.61.1: + Drop autotools build system. + meson: require 0.49.2. + Update glib annotations. + Add documentation to the RelaxNG schema. + Unused variable fixes. + cachestore: handle cache getting deleted while loading it. + Add Vulkan gir. + Make g_irepository_get_object_gtype_interfaces actually work. + gimarshallingtests: Add a marshalling test case for GPtrArrays and GArrays of structures. + scanner: parse and expose function macros. + meson: use pkg-config directly for libffi cflags and libs. + meson: Fix wrong dependency type check for gio-unix. + regress: Add regression test for signal with GError param. - Add Vulkan to typelib template. ++++ kernel-default: - config: enable armv7hl Import armv7hl configs from master branch, update them for Leap 15.2 and enable in config.conf. - commit f85f2d7 - Delete patches.suse/nvdimm-testing-provide-SZ_4G.patch. The patch was SLE15{,-SP1} specific to provide a constant already contained in kernel 5.3. - commit 4ea3f92 - config.conf: Update ARMv6 config files - commit c17167d - config.conf: Reenable ARMv7 config for Kernel 5.3 All modules plus errata's enabled. Reused other values from x86_64 update. - commit b1c627e - Add "drm/ttm: Remove warning about inconsistent mapping information" This patch removes a warning that causes bug reports unnecessarily. - commit 4a7bc21 - Add "Reserve 64MiB of CMA for RPi3's VC4" Taking this patch from SLE15-SP1 with updates for v5.3. Enables display when booting RPi3 installer. - commit 9fab830 - Remove "drm/msm: fix address space warning" The respective code was removed in v4.20. - commit 3d7e3d1 - Refresh patches.suse/0003-kabi-Add-placeholders-to-a-couple-of-important-struc.patch. Add more placeholders to device.h. In particular, to structs bus_type, device_driver, class, and device. - commit c4220a5 ++++ libeconf: - Update to version 0.0.0+git20190830.04ba053: * Make clear that the API and ABI of the three functions econf_newIniFile, econf_newKeyFile, econf_writeFile are not stable yet. * Fix getGroups argument types and add several test cases for this. * Fix cppcheck and compiler warnings ++++ nghttp2: - Conditionally remove dependecy on jemalloc for SLE-12 ++++ snapper: - reusing existing subvolumes on mksubvolume run (bsc#1138725, bsc#1126900, gh#openSUSE/snapper#236) ++++ salt: - Restore default behaviour of pkg list return (bsc#1148714) - Strip trailing "/" from repo.uri when comparing repos in apktpkg.mod_repo (bsc#1146192) - Added: * strip-trailing-from-repo.uri-when-comparing-repos-in.patch * restore-default-behaviour-of-pkg-list-return.patch ++++ slirp4netns: - Update to 0.4.1 * Support specifying netns path (slirp4netns --netns-type=path PATH TAPNAME) * Support specifying --userns-path * Vendor https://gitlab.freedesktop.org/slirp/libslirp (QEMU v4.1+) * Bring up loopback device when --configure is specified * Support sandboxing by creating a mount namespace (--enable-sandbox) * Support seccomp (--enable-seccomp) - Add new build dependencies libcap-devel and libseccomp-devel ++++ yast2: - yast completions have to be named after their respective command name (bsc#1122259) - 4.2.19 ++++ zypper: - Ignore SIGPIPE while STDOUT/STDERR are OK (bsc#1145521) - Dump stacktrace on SIGPIPE (bsc#1145521) - info: The requested info must be shown in QUIET mode (fixes #287) - version 1.14.30 ------------------------------------------------------------------ ------------------ 2019-8-29 - Aug 29 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - scsi: cxlflash: Mark expected switch fall-throughs (bsc#1148868). - commit ea514bf ++++ multipath-tools: - Update to version 0.8.2+17+suse.21ac578: * kpartx: recognize DASD on loop devices again (bsc#1139775) * Pull in SLE15-SP1 patches yet missing upstream - Update to upstream version 0.8.2 (bsc#1148767) * libmultipath: more cautious blacklisting by missing property (don't blacklist paths because of temporarily missing udev properties) * code correctness fixes from coverity and gcc9 warnings * fixes for VPD80/83 parsing - Update to upstream version 0.8.1 (bsc#1148767) * Improve handling of changed WWIDs and temporary failure to obtain WWID. Option "disable_changed_wwids" is now ignored. * Fixes for PATH_PENDING state handling (bsc#1125043) * libmutipath: continue to use old state on PATH_PENDING * libmultipath: disable user_friendly_names for NetApp * various fixes for marginal path code - Update to upstream version 0.8.0 (bsc#1148767) * multipathd: fix pp->initialized state ping-ponging * multipath: blacklist zram devices ++++ libeconf: - Update to version 0.0.0+git20190829.a1479b1: * Make comment argument an array, so that we can support more than one comment character in the future. * Change the API * Fix size_t as return value of getc() - Update to version 0.0.0+git20190829.209219e: * Convert all functions to new error API * Convert econf_newKeyFile provide the error via return code ++++ openssl-1_1: - Upgrade to 1.1.1c (jsc#SLE-9135, bsc#1148799) * Support for TLSv1.3 added * Allow GNU style "make variables" to be used with Configure. * Add a STORE module (OSSL_STORE) * Claim the namespaces OSSL and OPENSSL, represented as symbol prefixes * Add multi-prime RSA (RFC 8017) support * Add SM3 implemented according to GB/T 32905-2016 * Add SM4 implemented according to GB/T 32907-2016. * Add 'Maximum Fragment Length' TLS extension negotiation and support * Add ARIA support * Add SHA3 * Rewrite of devcrypto engine * Add support for SipHash * Grand redesign of the OpenSSL random generator - drop FIPS support * don't build with FIPS mode (not supported in 1.1.1) - drop FIPS patches * openssl-fips-clearerror.patch * openssl-fips_disallow_ENGINE_loading.patch * openssl-fips-dont-fall-back-to-default-digest.patch * openssl-fips-dont_run_FIPS_module_installed.patch * openssl-fips-fix-odd-rsakeybits.patch * openssl-fips-rsagen-d-bits.patch * openssl-fips-selftests_in_nonfips_mode.patch * openssl-rsakeygen-minimum-distance.patch * openssl-1.1.0-fips.patch - add TLS 1.3 ciphers to DEFAULT_SUSE - merge openssl-1.0.1e-add-suse-default-cipher.patch and openssl-1.0.1e-add-test-suse-default-cipher-suite.patch to openssl-DEFAULT_SUSE_cipher.patch - Use upstream patch for the locale crash (bsc#1135550) * https://github.com/openssl/openssl/pull/8966 * add 0001-build_SYS_str_reasons-Fix-a-crash-caused-by-overlong.patch - drop patches (upstream): * openssl-Bleichenbachers_CAT.patch * openssl-CVE-2018-0734.patch * openssl-CVE-2018-0735.patch * openssl-CVE-2019-1543.patch * openssl-disable_rsa_keygen_tests_with_small_modulus.patch * openssl-dsa_paramgen2_check.patch * openssl-One_and_Done.patch * openssl-speed_skip_binary_curves_NO_EC2M.patch * openssl-static-deps.patch * openssl-urandom-reseeding.patch * 0001-Add-a-constant-time-flag-to-one-of-the-bignums-to-av.patch * 0001-Axe-builtin-printf-implementation-use-glibc-instead.patch * 0001-DSA-mod-inverse-fix.patch * 0001-Resume-reading-from-randfile-when-interrupted-by-a-s.patch * 0001-apps-speed-fix-segfault-while-looking-up-algorithm-n.patch - drop s390x patches (rebased): * 0002-s390x-assembly-pack-add-KMA-code-path-for-aes-ctr.patch * 0003-crypto-aes-asm-aes-s390x.pl-replace-decrypt-flag-by-.patch * 0004-s390x-assembly-pack-add-KMA-code-path-for-aes-gcm.patch * 0005-s390x-assembly-pack-add-KMAC-code-path-for-aes-ccm.patch * 0006-s390x-assembly-pack-add-KM-code-path-for-aes-ecb.patch * 0007-s390x-assembly-pack-add-KMO-code-path-for-aes-ofb.patch * 0008-s390x-assembly-pack-add-KMF-code-path-for-aes-cfb-cf.patch * 0009-Fix-undefined-behavior-in-s390x-aes-gcm-ccm.patch * 0001-crypto-poly1305-asm-poly1305-s390x.pl-add-vx-code-pa.patch * 0001-s390x-assembly-pack-extend-s390x-capability-vector.patch - add s390x patches: * 0001-s390x-assembly-pack-perlasm-support.patch * 0002-crypto-chacha-asm-chacha-s390x.pl-add-vx-code-path.patch * 0003-crypto-poly1305-asm-poly1305-s390x.pl-add-vx-code-pa.patch * 0004-s390x-assembly-pack-fix-formal-interface-bug-in-chac.patch * 0005-s390x-assembly-pack-import-chacha-from-cryptogams-re.patch * 0006-s390x-assembly-pack-import-poly-from-cryptogams-repo.patch ++++ openssl: - Upgrade to 1.1.1c release to get TLS 1.3 support (jsc#SLE-9135, bsc#1148799) ++++ slirp4netns: - Update to 0.3.3 * Fix use-after-free in libslirp ------------------------------------------------------------------ ------------------ 2019-8-28 - Aug 28 2019 ------------------- ------------------------------------------------------------------ ++++ e2fsprogs: - libext2fs-call-fsync-2-to-clear-stale-errors-for-a-n.patch: libext2fs: call fsync(2) to clear stale errors for a new a unix I/O channel (bsc#1145716) ++++ glib-networking: - Move LICENSE_EXCEPTION to %license. ++++ libguestfs: - Add sysconfig-netconfig to appliance (boo#1136878) Patches added: netconfig.patch ++++ kernel-default: - mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings (CVE-2019-14814,bsc#1146512,CVE-2019-14815,bsc#1146514,CVE-2019-14816,bsc#1146516). - commit 528fd68 - supported.conf: drop obsolete entries Drop supported.conf entries not matching any module built on any supported architecture. This commit mostly drops entries for modules built in master branch but not SLE15-SP2. Moved and no longer existing modules were handled in previous commits in master branch. - commit 97fd102 - supported.conf: mark more core networking modules supported Two more netfilter modules and one more *_diag should be supported too. - commit bee2dd8 - supported.conf: update status of some networking core modules This marks new networking modules which should be supported as such; it is mostly netfilter and traffic control modules which have been following the "support all of them" policy for some time. - commit 65e1131 - supported.conf: obsolete paths cleanup Update paths for existing modules which were moved, clean up duplicate entries and drop entries for modules which no longer exist (either not built any more or built into the image now). - commit 3bb142a - powerpc/64s: support nospectre_v2 cmdline option (bsc#1131107). - commit 9cef94b ++++ libeconf: - Update to version 0.0.0+git20190828.74eeb32: * Fix tst-arguments3 and tst-arguments4 and only use error return code. * Bug fixes for new API * Change API of econf_get* and econf_set* functions to return error code direct. * Fix some compiler warnings * Prevent possible crash when parsing 0xFF * Add "--enable-compiler-warnings" option to enable much more GCC compiler warnings * Fix more cppcheck warnings * Fix github actions build * Update bin/Makefile.am to work with Asan * Add missing tst-getconfdirs4-data to EXTRA_DIST * Fix some cppcheck warnings * Don't ignore getline return value * Add free for getStringValue in tst-group1 * Remove XFAIL for tst-groups1 * Update example.c to free after getStringValue * Add addbrackets for getValue functions * tst-getconfdirs4: make sure, only a file in /etc/ and not in /usr/etc works, too. ++++ libsolv: - Fix repository priority handling for multiversion packages - Make code compatible with swig 4.0, remove obj0 instances - repo2solv: support zchunk compressed data - bump version to 0.7.6 ++++ libxml2: - Synchronize changelog files for libxml2 and python-libxml2-python [bsc#1123919] ++++ rebootmgr: - Preserve /etc/rebootmgr.conf if modified ------------------------------------------------------------------ ------------------ 2019-8-27 - Aug 27 2019 ------------------- ------------------------------------------------------------------ ++++ libdb-4_8: - Add opd deadlock patch as found and documented by Red Hat. (bsc#1148244) * 0001-OPD-deadlock-RH-BZ-1349779.patch ++++ gzip: - refresh gzip-1.10-ibm_dfltcc_support.patch to fix three data corruption issues [bsc#1145276] [jsc#SLE-5818] [jsc#SLE-8914] ++++ kernel-default: - series.conf: add section for SUSE kabi padding patches Leave "kABI consistency patches" only for patches.kabi/* - commit 81c3a75 - series.conf: move unguarded patches from review section - commit 6de2b58 - rpm: raise required disk space for binary packages Current disk space constraints (10 GB on s390x, 25 GB on other architectures) no longer suffice for 5.3 kernel builds. The statistics show ~30 GB of disk consumption on x86_64 and ~11 GB on s390x so raise the constraints to 35 GB in general and 14 GB on s390x. - commit 527cb66 - enable and refresh patches.suse/memcg-deprecate-memory.force_empty-knob.patch. - enable patches.suse/mm-inform-about-enabling-mirrored-memory.patch both patches are minimal and still useful to identify future supportability problems. - commit 93500e8 - Update patches.suse/ext4-unsupported-features.patch (fate#317919, SLE-8615). - commit 3b1bc66 - Refresh and enable valid patches from SLE15-SP1: - Refresh patches.suse/ext4-dont-warn-when-enabling-DAX.patch. - Refresh patches.suse/ext4-unsupported-features.patch. - Refresh patches.suse/unsupported-features.patch. - commit 9ef1a75 - Remove patches obsoleted by upstream changes: - Delete patches.suse/arch-powerpc-dax-Add-MAP_SYNC-mmap-flag.patch. - Delete patches.suse/block-Don-t-revalidate-bdev-of-hidden-gendisk.patch. - Delete patches.suse/fs-speedup-clean-bdev-aliases.patch. - Delete patches.suse/mm-migrate-Fix-reference-check-race-between-__find_get_block-and-migration.patch. - Delete patches.suse/powerpc-Add-pmem.h.patch. - commit 21008fb - Refresh patches.suse/qlge-Deduplicate-lbq_buf_size.patch. - Refresh patches.suse/qlge-Deduplicate-rx-buffer-queue-management.patch. - Refresh patches.suse/qlge-Remove-bq_desc.maplen.patch. - Refresh patches.suse/qlge-Remove-useless-dma-synchronization-calls.patch. Reenable qlge patch series for bsc#1106061 - commit b2971c6 ++++ libeconf: - Update to version 0.0.0+git20190827.5ed5492: * Mark all input char pointer as const in the official API - Update to version 0.0.0+git20190827.b243e6c: * getStringValueNum returns a newly allocated string or NULL in error case. - Update to version 0.0.0+git20190827.8374759: * Fix missing return * Remove XFAIL for tst-setgetvalues1 * Fix representation of float and double values * Add preliminary test case for group handling * NULL terminate string returned by addbrackets * Fix addbrackets function ++++ libvirt: - virsh: support for setting precopy bandwidth in migrate 3d179919-virsh-precopy-bandwidth.patch bsc#1145586 - Rename patches to include commit ID revert-d00c77ae.patch -> 18d47d61-revert-d00c77ae.patch libxl-pmsuspend-event.patch -> d6943eab-libxl-pmsuspend-event.patch ++++ podman: - Update podman to v1.5.1 * Features - The hostname of pods is now set to the pod's name * Bugfixes - Fixed a bug where podman run and podman create did not honor the --authfile option (#3730) - Fixed a bug where containers restored with podman container restore - -import would incorrectly duplicate the Conmon PID file of the original container - Fixed a bug where podman build ignored the default OCI runtime configured in libpod.conf - Fixed a bug where podman run --rm (or force-removing any running container with podman rm --force) were not retrieving the correct exit code (#3795) - Fixed a bug where Podman would exit with an error if any configured hooks directory was not present - Fixed a bug where podman inspect and podman commit would not use the correct CMD for containers run with podman play kube - Fixed a bug created pods when using rootless Podman and CGroups V2 (#3801) - Fixed a bug where the podman events command with the --since or --until options could take a very long time to complete * Misc - Rootless Podman will now inherit OCI runtime configuration from the root configuration (#3781) - Podman now properly sets a user agent while contacting registries (#3788) - Add zsh completion for podman commands ++++ rebootmgr: - Update to version 0.19 - use libeconf for /usr/etc move ------------------------------------------------------------------ ------------------ 2019-8-26 - Aug 26 2019 ------------------- ------------------------------------------------------------------ ++++ dracut: - Update to version 049+git108.6c9d1156: * dracut-init.sh: Nuke unused install_kmod_with_fw function * dracut-install: Support the compressed firmware files correctly (boo#1146769) * dracut: let module handling function accept optional path option * dracut.sh: Fix udevdir detection ++++ kernel-default: - sched: Further improve spurious CPU_IDLE active migrations (bnc# 986383). - Update patches.suse/cpufreq-ondemand-set-default-up_threshold-to-30-on-multi-core-systems.patch (bnc#464461,bnc#981838,bnc#1064414,bnc#1144943). - Refresh patches.suse/mm-Warn-users-of-node-memory-hot-remove-if-the-memory-ratio-is-a-high-risk.patch. - Update patches.suse/sched-Fix-up-proc-sched_debug-to-print-only-runnable-tasks-again.patch (none, should be posted upstream). - Update patches.suse/sched-fair-Enable-SIS_AVG_CPU-by-default.patch (bsc#1061593,bsc#1148030). - Refresh patches.suse/sched-topology-Improve-load-balancing-on-AMD-EPYC.patch. - Delete patches.suse/0001-Revert-mm-vmacache-optimize-overflow-system-wide-flu.patch. - Delete patches.suse/0001-sched-wake_q-Reduce-reference-counting-for-special-u.patch. - Delete patches.suse/cpufreq-intel_pstate-Ramp-up-frequency-faster-when-utilisation-reaches-setpoint.patch. - Delete patches.suse/cpufreq-intel_pstate-Temporarily-boost-P-state-when-exiting-from-idle.patch. - Delete patches.suse/cpufreq-intel_pstate-Update-setpoint-for-unspecified-ACPI-profile.patch. - Delete patches.suse/cpufreq-intel_pstate-Use-load-based-policy-by-default-but-allow-PID-to-be-used.patch. - Delete patches.suse/mm-Adjust-watermark-boost-factor-tunable.patch. - Delete patches.suse/mm-migrate-Fix-reference-check-race-between-__find_get_block-and-migration.patch. - Delete patches.suse/mm-page_alloc.c-use-a-single-function-to-free-page.patch. - commit 9de058d - usb: Introduce Xen pvUSB frontend (xen hcd) (fate#315712). - Update config files. - usb: Add Xen pvUSB protocol description (fate#315712). - commit b32b2bd - Delete patches.suse/mm-sparse-do-not-swamp-log-with-huge-vmemmap-allocat-fix.patch. not applicable as explained in the patch description. - commit fbed5c2 - Delete patches.suse/mm-__init_single_page-do-not-zero-core-struct-pages.patch. Not applicable because it was a fallout of a partial backport as noted in the changelog. - commit 1e8b220 - Delete patches.suse/0001-memory_hotplug-add-missing-newlines-to-debugging-out.patch. merged as 1ecc07fd0a6d350bbf4dc176e0d654661b304a30 in 5.0 - commit 5aa2923 - Delete patches.suse/0001-x86-speculation-Prepare-entry-code-for-Spectre-v1-sw.patch. - Delete patches.suse/0002-x86-speculation-Enable-Spectre-v1-swapgs-mitigations.patch. - Delete patches.suse/x86-speculation-swapgs-exclude-ATOMs-from-speculating-through-SWAPGS.patch. swapgs fixes have been merged in 5.3-rc3. - commit 24d8d43 - Delete patches.suse/0049-commit-833689044e13a3fb8c6c03ad868375670d97010b.patch. No longer needed in SP2 - commit 13a1350 - Refresh patches.suse/0002-Add-a-void-suse_kabi_padding-placeholder-to-some-USB.patch. Shifted kABI placeholders back where they belong - commit 2d913e0 - Update reference for ath6kl fix (CVE-2019-15290,bsc#1146543). - commit b08d3d5 - Fix a NULL-ptr-deref bug in ath6kl_usb_alloc_urb_from_pipe (CVE-2019-15098,bsc#1146378). - Fix a NULL-ptr-deref bug in ath10k_usb_alloc_urb_from_pipe (CVE-2019-15099,bsc#1146368). - commit 758e216 - Delete patches.suse/tty-make-R3964-line-discipline-fail.patch. We no longer build (and support) R3964. - commit 85b2e98 - Delete patches.suse/mlxsw-spectrum-Forbid-linking-to-devices-fix.patch. This was a fix for a bad commit in 4.12.* stable. - commit e8f9b29 - Refresh patches.suse/0003-kabi-Add-placeholders-to-a-couple-of-important-struc.patch. Enable it and add one more placeholder to mm_context_t. - commit 00e7e80 - Delete patches.suse/0001-x86-speculation-Add-basic-IBRS-support-infrastructur.patch. - Delete patches.suse/0002-x86-speculation-Add-inlines-to-control-Indirect-Bran.patch. - Delete patches.suse/0003-x86-idle-Control-Indirect-Branch-Speculation-in-idle.patch. - Delete patches.suse/0004-x86-enter-Create-macros-to-restrict-unrestrict-Indir.patch. - Delete patches.suse/0005-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch. - Delete patches.suse/IBRS-forbid-shooting-in-foot.patch. - Delete patches.suse/do-not-default-to-ibrs-on-skl.patch. Drop IBRS as we disabled it later anyway. - commit c03b8fa - Fix a double free bug in rsi_91x_deinit (bnc#1147116 CVE-2019-15504). - commit 8ae43d1 ++++ libeconf: - Update to version 0.0.0+git20190826.99b6bf3: * Add more "const". * Fix setString and setBoolean * Add test suite which sets and gets all possible kind of types. Some are failing, so mark this test as XFAIL. * Start marking some string arguments/results as const * Optimize some strdup away * Mark econf_write_key_file as ALPHA as the API is not stable - Update to version 0.0.0+git20190826.9e69003: * Update ccpp.yml * Add --enable-compiler-checks option to configure, enables AddressSanitizer * Fix printf format directive * Rework set*Value functions for error checking and error handling * Add tst-getconfdirs3: verify we can load original file without local changes * Error handling for econf_getGroups and econf_getKeys * More errorreporting changes * Fix make distcheck/don't mess around with libtool install/uninstall, this breaks to much other stuff. * Autotools cleanup and fixes * Fix logindefs1 test case ++++ Mesa: - Update to version 19.1.5 * bugfix release ++++ mdadm: - 0012-mdadm-add-no-devices-to-avoid-component-devices-deta.patch (bsc#1139709) mdadm: add --no-devices to avoid component devices detail information - 0013-udev-add-no-devices-option-for-calling-mdadm-detail.patch (bsc#1139709) udev: add --no-devices option for calling 'mdadm --detail' ------------------------------------------------------------------ ------------------ 2019-8-25 - Aug 25 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Update to 5.3-rc6 - commit 2831011 - Delete patches.suse/0001-module-warn-if-module-init-probe-takes-long.patch. - commit f81e033 - Delete patches.suse/xfs-add-option-to-mount-with-barrier-0-or-barrier-1.patch. Since v4.10-rc1 xfs has deprecated all options that explicitly control barriers with commit 4cf4573d899c ("xfs: deprecate barrier/nobarrier mount option"). Drop backwards-compat patch for parsing the obsolete barrier=[0|1] syntax of the option, since supporting this causes more confusion and gives the false impression that disabling barriers is still a possibility. - commit 0ac0c38 - xfs: remove experimental tag for dax support (FATE#324503). - commit f13a4a4 - Delete patches.suse/xfs-unsupported-features.patch. Drop unsupported features patch which was marking reflink and rmap as unsupported. The experimental tags were dropped for both features and thus marked stable upstream on v4.16-rc1, with the two following commits: commit 1e369b0e199b ("xfs: remove experimental tag for reflinks") commit 76883f7988e6 ("xfs: remove experimental tag for reverse mapping") While we follow upstream here, SLE15.2 xfsprogs/mkfs.xfs will not be switching on reflink/rmap by default for newly created filesystems. Regarding dax, contrary to upstream we have been supporting it for a while and removing the experimental tag, and we will continue doing so. The related patch for DAX will be posted as a separate commit for clarity. - commit f84ab02 ------------------------------------------------------------------ ------------------ 2019-8-24 - Aug 24 2019 ------------------- ------------------------------------------------------------------ ++++ conmon: - Upstream has an actual description, use it instead of just duplicating the summary again. ------------------------------------------------------------------ ------------------ 2019-8-23 - Aug 23 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - remove stale SLE15-SP1 patches, keep a pci-hyperv patch (bsc#1142701) - commit b0bbc9a - Fix livepatch build. - commit b7e78e8 - Move a PCI fix patch to the-stairway-to-heaven section - commit 3c94e42 - Drop downstream DRM mgag200 patches Some of them are no longer applicable, some are invalid, and the rest won't be taken by upstream. Let's rip them off. - commit 1108d1d - Delete patches.suse/irq-stub-affinity.patch. - commit f5fe3d1 - series.conf: move submitted patch out of sorted section Move patches.suse/ibmveth-Update-ethtool-settings-to-reflect-virtual-p.patch from sorted section to "soon to be mainline" section. For SLE15-SP2, we only want patches which git_sort can do something with in sorted section. Moreover, upstream discussion suggests that this patch is unlikely to be accepted in this form. - commit 46df5db - Remove obsolete build fix. Delete patches.suse/Fix-build-error-in-drmem.c.patch. - commit 39eb823 - Restore ibmveth patch. Refresh patches.suse/ibmveth-Update-ethtool-settings-to-reflect-virtual-p.patch. - commit d129c25 - Remove obsolete kABI padding in paca. Delete patches.suse/powerpc-KABI-add-aux_ptr-to-hole-in-paca_struct-to-e.patch. - commit ae6527d - Restore s390 crash KMP export. - commit 2850611 - Delete obsolete pkey and bcm2835 patches. - commit 7f76e58 - Delete patches.suse/qla2xxx-Enable-T10-DIF-with-FC-NVMe-enabled.patch. - Delete patches.suse/s390-sles15-03-01-rwlock.patch. - Delete patches.suse/scsi-qla2xxx-do-not-crash-on-uninitialized-pool-list.patch. - Delete patches.suse/scsi-qla2xxx-qla2x00_alloc_fw_dump-set-ha-eft.patch. - commit 9c5d24e - Refresh patches.suse/md-display-timeout-error.patch. - commit 83d69fe - Delete patches.suse/nvme-multipath-round-robin-I-O-policy.patch. - commit cb248a3 - Delete patches.suse/qla2xxx-always-allocate-qla_tgt_wq.patch. - commit 7005228 - Delete patches.suse/block-Fix-a-NULL-pointer-dereference-in-generic_make.patch. - commit 5284ba5 - Delete patches.suse/dasd_fba-Display-00000000-for-zero-page-when-dumping.patch. - Delete patches.suse/s390-sles15-message-catalog.patch. - commit 6885922 - Revive some downstream DRM patches and delete obsoleted patches Refreshed for 5.3: patches.suse/drm-i915-Disable-tv-output-on-i9x5gm patches.suse/drm-mgag200-Implement-basic-PM-support Deleted, as no longer needed for 5.3: patches.suse/HID-quirks-fix-support-for-Apple-Magic-Keyboards.patch patches.suse/Input-synaptics-Add-intertouch-blacklist-for-Thinkpa.patch patches.suse/drm-i915-CVE-2018-20669-access-check.patch patches.suse/kernel-Export-mm_access.patch patches.suse/mmc-version-check-printk-downgrade patches.suse/tpm-Downgrade-error-level patches.suse/tty-Don-t-return-EAGAIN-in-blocking-read.patch - commit d9bc0ec - Delete patches.suse/irda-Fix-memory-leak-caused-by-repeated-binds-of-ird.patch patches.suse/irda-Only-insert-new-objects-into-the-global-databas.patch These are CVE fixes for a driver dropped in mainline 4.17. - commit 2f68f7e - import non-mainline SLE15-SP1 patches Import all SLE15-SP1 (kernel-source commit 0181a93c80e7) patches which are not in mainline yet (as of commit 59c36bc8d377). All patches are added at the end of series.conf with a guard indicating who is/was responsible for them (using first of From:, Signed-off-by:, Acked-by:, Reviewed-by: and commiter with address containing '@suse.' or '@novell.'). Some of non-mainline patches in SLE15-SP1 branch match existing SLE15-SP2 patches. For these, SLE15-SP2 version (inherited from master branch) is preserved. This commit has no effect on expanded tree. - commit ec8941d - rpm/kernel-binary.spec.in: Fix kernel-livepatch description typo. - commit 36acf91 - update branch metadata - fix OBS build project (15.1 -> 15.2) - set BUGZILLA_PRODUCT to "openSUSE Distribution" - commit faed656 ++++ libeconf: - Update to version 0.0.0+git20190823.09a8f2e: * Fix buffer overlow of realpath - Update to version 0.0.0+git20190823.acd8cdf: * Update ccpp.yml * Fix crash in strcmp, if strchr returns NULL * Add error reporting to econf_merge_key_files and adjust the depending code. * setStringValue return NULL on error/key not found * Add framework for correct error reporting * Disable searching through XDG dirs for now * Add test cases for econf_get_conf_from_dirs * Update comment setValue -> econf_setValue * Update test cases to use econf_destroy * Replace econf_afree with econf_destroy in example * Add _generic macro to free memory of econf_ functions * Add tst-merge2 to .gitignore * Fix pointer arithmetic * Adjust Makefiles and code to make "make distcheck" working ------------------------------------------------------------------ ------------------ 2019-8-22 - Aug 22 2019 ------------------- ------------------------------------------------------------------ ++++ aaa_base: - Add patch git-07-82a17f1689e8957635c8ccaae7c9b3bff7f94d49.patch * add sysctl.d/51-network.conf to tighten network security a bit see also (boo#1146866) (jira#SLE-9132) ++++ bcache-tools: - Add a _service file for the tarball from outer space. - Shift the version number to 1.0.8+suse5 because there has never been a 1.0.9 release. ++++ libguestfs: - Remove empty /etc/libguestfs-tools.conf ++++ kernel-default: - Pull packaging cleanup from mkubecek. - Parametrize kgraft vs livepatch. - commit 16f6816 - rpm/config.sh: Enable livepatch. - commit e001776 - config: import configs from master branch Copy Tumbleweed configs from master branch, adjust CONFIG_SUSE_* options for openSUSE Leap 15.2 and refresh the configs with gcc 7.4. - commit 5a5dbd7 - update branch metadata - update README.BRANCH text - update build project in rpm/config.sh - commit 6408d97 - config: restore correct PHYSICAL_START and PHYSICAL_ALIGN on x86_64 These were already fixed in master by kernel-source commit baa2434a5ab6 but old (and wrong) values were restored by merge of SLE15-SP1 config. Fix them also in SLE15-SP2 now. - commit 9b6f95a - config: update from SLE15-SP2 In general, we want features and drivers from SLE also in openSUSE unless we have a good reason not to. Enable most config options which were disabled in master but enabled in SLE15-SP2 (inherited from SLE15-SP1). - commit 769684a ++++ libeconf: - Update to version 0.0.0+git20190822.bb9702b: * Ignore /usr file if /etc exists when merging * Add NULL value handling * Update merge example * Rework merge_functionality * Use deep copies instead of pointers for merged files * Replace [] with KEY_FILE_NULL_VALUE * Refactor getfilecontent functions * Remove cmake files * Fix test cases * Update libeconf.c * Change License from LGPL-2.1 to MIT * libeconf.pc should only be deleted on distclean, not normal clean * Fix delim argument * Add more test cases for login.defs and wrong arguments * Link libeconf against libm, so that it is enough to link an application against libeconf and developers don't need to bother with other dependencies * Add autogen.sh, which calls autoconf/automake/libtool in the correct order to create the configure script ------------------------------------------------------------------ ------------------ 2019-8-21 - Aug 21 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - powerpc/rtas: use device model APIs and serialization during LPM (bsc#1144123 ltc#178840). - commit 9f79b99 - series.conf: reorganize sections With ~40 patches in master branch, we have accumulated way too many sections in series.conf, some of them being very specific. While new SLE and Leap branches are going to have more patches, vast majority of them is going to end up in the sorted section (e.g. less than 1% of SLE15-SP1 patches are neither sorted nor stable baskports right now - and that includes quite a few which would actually belong into the sorted section but are left outside for historical reasons). After the reorganization, series.conf is ordered like this: - stable backports (patches.kernel.org/*) - tweaks applied to vanilla (patches.rpmify/*) - sorted section (not in master) - unsorted patches expected to get into mainline soon - permanent and longterm non-upstream patches - kabi hacks (not in master) This commit has no effect on expanded tree. - commit 8ac1895 - series.conf: cleanup Only whitespace and comments, no efect on expanded tree. - commit bf21808 ++++ multipath-tools: - Set default for "enable_foreign" to "NONE" (bsc#1139837) * added libmultipath-set-enable_foreign-to-NONE-by-default.patch ++++ icu: - Remove old obsoletes/provides for migration from very old products, as they break our shared library policy (bsc#1146907). ++++ u-boot-rpiarm64: - update_git.sh: Allow GIT_LOCAL_TREE to be a soft link as well ------------------------------------------------------------------ ------------------ 2019-8-20 - Aug 20 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - config: import SLE15-SP1 configs Replace configs inherited from master branch by proper SLE ones. With few obvious exceptions, the initial SLE15-SP2 configs were created using these rules (for each option, use first rule which applies): - use value explicitly changed with reference to a feature or a bug - use value from SLE15-SP1 if the option exists there - use value from master if the option exists there - use upstream default The configs will need review by people responsible for specific kernel subsystems and architectures. Also update supported.conf with new modules: - add intel_pmc_core_pltdrv as unsupported - fix cfb{copyarea,fillrect,imgblt} path and mark "+base" as virtio-gpu depends on them - commit dded633 ++++ libeconf: - Update to version 0.0.0+git20190820.742af8c: * Remove accidental .swp file * Update example with conf.d directory * Remove regex, replace with strchr(delim, ch) * Add symbol versioning Don't ignore complete lib directory * Include all headers in tar archive * Don't define our own errno * Remove wrong commit * Add some basic tests - Update to version 0.0.0+git20190807.7aedb57: * Refactor getfilecontent functions * Update example file * Add econf prefix to public API functions * Add cmake targets for debugging * Fix build with cmake * Fix build with autotools * Move Key_File allocation from the stack to the heap * Move Key_File create functions to libeconf.c * Move destroy functions from helpers.c to libeconf.c * Add macro to set supported types generic. ++++ zstd: - Update to version 1.4.3 * bug: Fix Dictionary Compression Ratio Regression (#1709) * bug: Fix Buffer Overflow in v0.3 Decompression (#1722) * build: Add support for IAR C/C++ Compiler for Arm (#1705) * misc: Add NULL pointer check in util.c (#1706) ------------------------------------------------------------------ ------------------ 2019-8-19 - Aug 19 2019 ------------------- ------------------------------------------------------------------ ++++ libdb-4_8: - Remove the getpatches as it does not work at all, oracle removed the pages - Use spec-cleaner - Fix stripped debuginfo to make sure we can debug with libdb ++++ fuse-overlayfs: - Update to v0.5.1 - support fuse writeback cache and enable it by default - update to latest gnulib - add option to disable fsync - add option to disable xattrs - add option to skip ino number check in lower layers - fix fd validity check - fix memory leak - fix read after free - fix type for flistxattr return - fix warnings reported by lgtm.com - enable parallel dirops ++++ gstreamer-plugins-base: - Drop pkgconfig(gdk-pixbuf-2.0), pkgconfig(gtk+-3.0) and pkgconfig(gtk+-x11-3.0) BuildRequires and pass --disable-examples to configure (we already do in meson conditional): Only needed to build the examples. - Add explicit pkgconfig(wayland-protocols) BuildRequires: Previously pulled in by gtk3 dependency. - Add explicit conditional pkgconfig(cairo) BuildRequires for openSUSE versions older than current Tumbleweed, workaround bug in pangocairo dependencies in those releases. Also previously pulled in by gtk3 dependency. ++++ kernel-default: - Update config files. As per https://jira.suse.com/browse/SLE-7041 Factory first! - commit 126cef1 - Update README.BRANCH - drop Jeff Mahoney (inherited from master) - add Miroslav Benes as comaintainer - drop misleading paragraph left from master branch - commit 4300e4e - Update to 5.3-rc5 - Refresh configs - RDMA_SIW available on i386 (=m) - clean up unavailable options - commit cadbe00 ++++ libnftnl: - Update to new upstream release 1.1.4 * Add ct id support, add ct expectation support, add synproxy support. ++++ nghttp2: - Require correct library from devel package - boo#1125689 - Update to version 1.39.2 (bsc#1146184, bsc#1146182): * This release fixes CVE-2019-9511 “Data Dribble” and CVE-2019-9513 “Resource Loop” vulnerability in nghttpx and nghttpd. Specially crafted HTTP/2 frames cause Denial of Service by consuming CPU time. Check out https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md for details. For nghttpx, additionally limiting inbound traffic by - -read-rate and --read-burst options is quite effective against this kind of attack. * Add nghttp2_option_set_max_outbound_ack API function * nghttpx: Fix request stall ++++ openssh: - don't install SuSEfirewall2 service on Factory, since SuSEfirewall2 has been replaced by firewalld, see [1]. [1]: https://lists.opensuse.org/opensuse-factory/2019-01/msg00490.html ------------------------------------------------------------------ ------------------ 2019-8-18 - Aug 18 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - config: arm64: Enable I2C_IMX (boo#1146026) Needed for Google Coral board. - commit 8803b04 ------------------------------------------------------------------ ------------------ 2019-8-17 - Aug 17 2019 ------------------- ------------------------------------------------------------------ ++++ libeconf: - Initial version ------------------------------------------------------------------ ------------------ 2019-8-16 - Aug 16 2019 ------------------- ------------------------------------------------------------------ ++++ bash: - Rework patch readline-7.0-screen.patch again for bug boo#1143055 * Map all "screen(-xxx)?.yyy(-zzz)?" to "screen" as well as map "konsole(-xxx)?" and "gnome(-xxx)?" to "xterm" ++++ cni-plugins: - Update plugins to v0.8.2 + New features: * Support "args" in static and tuning * Add Loopback DSR support, allow l2tunnel networks to be used with the l2bridge plugin * host-local: return error if same ADD request is seen twice * bandwidth: fix collisions * Support ips capability in static and mac capability in tuning * pkg/veth: Make host-side veth name configurable + Bug fixes: * Fix: failed to set bridge addr: could not add IP address to "cni0": file exists * host-device: revert name setting to make retries idempotent (#357). * Vendor update go-iptables. Vendor update go-iptables to obtain commit f1d0510cabcb710d5c5dd284096f81444b9d8d10 * Update go.mod & go.sub * Remove link Down/Up in MAC address change to prevent route flush (#364). * pkg/ip unit test: be agnostic of Linux version, on Linux 4.4 the syscall error message is "invalid argument" not "file exists" * bump containernetworking/cni to v0.7.1 ++++ conmon: - Use `%make_build` macro instead of `%{__make}` - Use `%make_install` macro instead of `%{__make} install` - Use `%{_bindir}` macro instead of `%{_usr}/bin` - Change `PREFIX` to not contain `%{buildroot}` and use the `$DESTDIR` variable ++++ grub2: - Fix fallback embed doesn't work when no post mbr gap at all (boo#1142229) * Refresh grub2-setup-try-fs-embed-if-mbr-gap-too-small.patch ++++ libvirt: - libxl: fix domain state following successful suspend operation revert-d00c77ae.patch, libxl-pmsuspend-event.patch bsc#1145440 ++++ suse-module-tools: - Update to version 15.2.5: * remove 'modhash' - moved to mokutil package (jsc#SLE-6094) ------------------------------------------------------------------ ------------------ 2019-8-15 - Aug 15 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Revert "Workaround gcc regression on ppc64 (bko#204125)." This reverts commit 8b84d1d46ff90146bb6ba5b760a54ddd87a1a680. Works for me 5.3-rc4-65-g329120423947 - commit d8f9e6c ++++ kernel-default-base: - Fix wildcard for ip6t_.* ++++ multipath-tools: - Update to version 0.7.9+166+suse.1693c88: * multipath.conf.5: document foreign library support * multipath.conf: add "enable_foreign" parameter (bsc#1139837) ++++ opus: - Add 2 upstream bug fixes for Silk: * opus-Silk-CNG-adapts-faster.patch: Silk CNG adapts faster to received packets with lower gains. * opus-Silk-fix-arm-optimization.patch: Avoid processing LPC coeffs beyond the given order in NEON optimizations. ++++ python-urllib3: - Update python-urllib3-recent-date.patch to have RECENT_DATE within the needed boundaries for the test suite. - Add urllib3-disallow-control-chars-in-http-urls.patch (bsc#1132663, CVE-2019-11236, bsc#1129071, CVE-2019-9740) - Skip test_source_address_error as we raise different error with fixes that we provide in new python2/3 - Add urllib3-cve-2019-11324.patch. Don't load system certs unless there were no CA certs or SSLContext object specified manually. (bsc#1132900,CVE-2019-11324) ------------------------------------------------------------------ ------------------ 2019-8-14 - Aug 14 2019 ------------------- ------------------------------------------------------------------ ++++ gobject-introspection: - Update gi-find-deps.sh: upate javascript_requires function to parse the new JS import style (bsc#1140614). ++++ Mesa: - Build radeonsi and libvdpau_radeonsi on ppc64le ++++ pango: - Update to version 1.44.5: + Revert a broken change (causing crashes on OS X). ++++ libsigc++2: - Update to version 2.10.2: + This release is identical to 2.10.1, except for: Reference docs generated by Doxygen 1.8.11. Hopefully it will show up at https://developer.gnome.org/libsigc++/stable/ ++++ systemd: - enable systemd-portabled ++++ podman: - Update podman to v1.5.0 * Features - Podman containers can now join the user namespaces of other containers with --userns=container:$ID, or a user namespace at an arbitary path with --userns=ns:$PATH - Rootless Podman can experimentally squash all UIDs and GIDs in an image to a single UID and GID (which does not require use of the newuidmap and newgidmap executables) by passing - -storage-opt ignore_chown_errors - The podman generate kube command now produces YAML for any bind mounts the container has created (#2303) - The podman container restore command now features a new flag, - -ignore-static-ip, that can be used with --import to import a single container with a static IP multiple times on the same host - Added the ability for podman events to output JSON by specifying --format=json - If the OCI runtime or conmon binary cannot be found at the paths specified in libpod.conf, Podman will now also search for them in the calling user's path - Added the ability to use podman import with URLs (#3609) - The podman ps command now supports filtering names using regular expressions (#3394) - Rootless Podman containers with --privileged set will now mount in all host devices that the user can access - The podman create and podman run commands now support the - -env-host flag to forward all environment variables from the host into the container - Rootless Podman now supports healthchecks (#3523) - The format of the HostConfig portion of the output of podman inspect on containers has been improved and synced with Docker - Podman containers now support CGroup namespaces, and can create them by passing --cgroupns=private to podman run or podman create - The podman create and podman run commands now support the - -ulimit=host flag, which uses any ulimits currently set on the host for the container - The podman rm and podman rmi commands now use different exit codes to indicate 'no such container' and 'container is running' errors - Support for CGroups V2 through the crun OCI runtime has been greatly improved, allowing resource limits to be set for rootless containers when the CGroups V2 hierarchy is in use * Bugfixes - Fixed a bug where a race condition could cause podman restart to fail to start containers with ports - Fixed a bug where containers restored from a checkpoint would not properly report the time they were started at - Fixed a bug where podman search would return at most 25 results, even when the maximum number of results was set higher - Fixed a bug where podman play kube would not honor capabilities set in imported YAML (#3689) - Fixed a bug where podman run --env, when passed a single key (to use the value from the host), would set the environment variable in the container even if it was not set on the host (#3648) - Fixed a bug where podman commit --changes would not properly set environment variables - Fixed a bug where Podman could segfault while working with images with no history - Fixed a bug where podman volume rm could remove arbitrary volumes if given an ambiguous name (#3635) - Fixed a bug where podman exec invocations leaked memory by not cleaning up files in tmpfs - Fixed a bug where the --dns and --net=container flags to podman run and podman create were not mutually exclusive (#3553) - Fixed a bug where rootless Podman would be unable to run containers when less than 5 UIDs were available - Fixed a bug where containers in pods could not be removed without removing the entire pod (#3556) - Fixed a bug where Podman would not properly clean up all CGroup controllers for created cgroups when using the cgroupfs CGroup driver - Fixed a bug where Podman containers did not properly clean up files in tmpfs, resulting in a memory leak as containers stopped - Fixed a bug where healthchecks from images would not use default settings for interval, retries, timeout, and start period when they were not provided by the image (#3525) - Fixed a bug where healthchecks using the HEALTHCHECK CMD format where not properly supported (#3507) - Fixed a bug where volume mounts using relative source paths would not be properly resolved (#3504) - Fixed a bug where podman run did not use authorization credentials when a custom path was specified (#3524) - Fixed a bug where containers checkpointed with podman container checkpoint did not properly set their finished time - Fixed a bug where running podman inspect on any container not created with podman run or podman create (for example, pod infra containers) would result in a segfault (#3500) - Fixed a bug where healthcheck flags for podman create and podman run were incorrectly named (#3455) - Fixed a bug where Podman commands would fail to find targets if a partial ID was specified that was ambiguous between a container and pod (#3487) - Fixed a bug where restored containers would not have the correct SELinux label - Fixed a bug where Varlink endpoints were not working properly if more was not correctly specified - Fixed a bug where the Varlink PullImage endpoint would crash if an error occurred (#3715) - Fixed a bug where the --mount flag to podman create and podman run did not allow boolean arguments for its ro and rw options (#2980) - Fixed a bug where pods did not properly share the UTS namespace, resulting in incorrect behavior from some utilities which rely on hostname (#3547) - Fixed a bug where Podman would unconditionally append ENTRYPOINT to CMD during podman commit (and when reporting CMD in podman inspect) (#3708) - Fixed a bug where podman events with the journald events backend would incorrectly print 6 previous events when only new events were requested (#3616) - Fixed a bug where podman port would exit prematurely when a port number was specified (#3747) - Fixed a bug where passing . as an argument to the --dns-search flag to podman create and podman run was not properly clearing DNS search domains in the container * Misc - Updated vendored Buildah to v1.10.1 - Updated vendored containers/image to v3.0.2 - Updated vendored containers/storage to v1.13.1 - Podman now requires conmon v2.0.0 or higher - The podman info command now displays the events logger being in use - The podman inspect command on containers now includes the ID of the pod a container has joined and the PID of the container's conmon process - The -v short flag for podman --version has been re-added - Error messages from podman pull should be significantly clearer - The podman exec command is now available in the remote client - The podman-v1.5.0.tar.gz file attached is podman packaged for MacOS. It can be installed using Homebrew. - Use new conmon package as direct dependency - Remove internal conmon package - Update libpod.conf to support latest path discovery feature for `runc` and `conmon` binaries. - Re-enable 32bit build ++++ wicked: - version 0.6.55 - dhcp6: do not default to a /64 address prefix-length (bsc#1132280) Add an address-length aka DHCLIENT6_ADDRESS_LENGTH ifcfg option, which permits to specify explicit prefix-length to use for the DHCPv6 address and override detection using RA prefix info and a default to /128. - time: use boot time for timer instead of real time (bsc#1129986) - dhcp: Consistently log dhcp xid and enabled to log dhcp6 timings line. - dhcp6: lower unexpected xid messages to debug level - systemd: change to depend on udev settle service (bsc#1136034,bsc#1132774) Calling udevadm settle directly caused systemd to kill wicked services. - bridge: honour ifcfg LLADDR and set link address (bsc#1042123,boo#1142670) - rfkill: fix switch statement to check enum variable not a constant (bsc#1140117) - man: ifcfg-ovs-bridge(5): recommend STARTMODE=nfsroot - dhcp4: nullify defer timer pointer when timeout (openSUSE/wicked#798,bsc#1142214) - dhcp4: fix to request routing options when custom options are used (bsc#1132326) - testing: add ifbind.sh helper script allowing to test hotplugging ------------------------------------------------------------------ ------------------ 2019-8-13 - Aug 13 2019 ------------------- ------------------------------------------------------------------ ++++ nghttp2: - Update to version 1.39.1: * This release fixes the bug that log-level is not set with cmd-line or configuration file. It also fixes FPE with default backend. - Changes for version 1.39.0: * libnghttp2 now ignores content-length in 200 response to CONNECT request as per RFC 7230. * mruby has been upgraded to 2.0.1. * libnghttp2-asio now supports boost-1.70. * http-parser has been replaced with llhttp. * nghttpx now ignores Content-Length and Transfer-Encoding in 1xx or 200 to CONNECT. - Drop no longer needed boost170.patch ++++ pango: - Update to version 1.44.4: + Add an insert-hyphens attribute. + Reinstate the return type of pango_fc_font_lock_face. + Fix a problem with ellipses getting the wrong font. + fc: Improve filtering by font format. + Re-add PangoFcFont to public headers. + Install PangoFc and PangoOT introspection files. + Fix ink rectangles to have positive height. + Fix mark positioning. + Switch to using harfbuzz for metrics. ++++ salt: - Use python3 to build package Salt for RHEL8 - Make python3 default for RHEL8 ++++ system-users: - Remove s390 groups again. The s390-tools maintainer wants to add groups in s390-tools manually. ------------------------------------------------------------------ ------------------ 2019-8-12 - Aug 12 2019 ------------------- ------------------------------------------------------------------ ++++ conmon: - Initial release v2.0.0 ++++ open-iscsi: - Enable LTO on aarch64 as the gcc9 package issue is fixed: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91386 ++++ kernel-default: - config.conf: syms should not depend on kernel-zfcpdump Kernel-zfcpdump is not modular so kernel-zfcpdump-devel does not make sense and is not built. kernel-syms cannot depend on it. - commit 473ac28 - rpm/mkspec: Correct tarball URL for rc kernels. - commit c4ef18d ++++ Mesa: - Update to version 19.1.4: * Mostly, as usual, in fixes for different drivers (anv, radv, radeon, nv50, nvc0) as well as in backend parts (egl, spirv, nir, ...). * Of those fixes, we could highlight several ones: - Vulkan 24/48 bit formats are now not supported on Ivybridge. - R8G8B8_UNORM_SRGB is not supported on Haswell. - A fix for hair artifacts in Max Payne 3 on AMD/RADV. - Vulkan transform feedback extension is disabled on Intel gen7. ++++ gcc10: - Add lto-dump to cross packages. - New package, inherits from gcc9 * gcc-add-defaultsspec.diff, add the ability to provide a specs file that is read by default * tls-no-direct.diff, avoid direct %fs references on x86 to not slow down Xen * gcc43-no-unwind-tables.diff, do not produce unwind tables for CRT files * gcc41-ppc32-retaddr.patch, fix expansion of __builtin_return_addr for ppc, just a testcase * gcc44-textdomain.patch, make translation files version specific and adjust textdomain to find them * gcc44-rename-info-files.patch, fix cross-references in info files when renaming them to be version specific * gcc48-libstdc++-api-reference.patch, fix link in the installed libstdc++ html documentation * gcc48-remove-mpfr-2.4.0-requirement.patch, make GCC work with earlier mpfr versions on old products * gcc5-no-return-gcc43-workaround.patch, make build work with host gcc 4.3 * gcc7-remove-Wexpansion-to-defined-from-Wextra.patch, removes new warning from -Wextra * gcc7-avoid-fixinc-error.diff ++++ microos-tools: - Remove create_autoyast_profile from sources - Update to version 1.0+git20190812.97ca0ee: * Add create_autoyast_profile to caasp section for reference ++++ python-libvirt-python: - Update to 5.6.0 - Add all new APIs and constants in libvirt 5.6.0 ------------------------------------------------------------------ ------------------ 2019-8-11 - Aug 11 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - config: refresh with gcc7 Unlike master branch, SLE15-SP2 is supposed to be built with gcc7. At the moment, this only makes a significant difference on aarch64 (which we already refreshed with gcc 7.4.0 for this reason) but let's refresh all configs to make it more visible. - commit 67e1879 - Update to 5.3-rc4 - Refresh - patches.suse/kernel-add-product-identifying-information-to-kernel-build.patch - commit 5402233 ------------------------------------------------------------------ ------------------ 2019-8-10 - Aug 10 2019 ------------------- ------------------------------------------------------------------ ++++ u-boot-rpiarm64: - Add u-boot-zynqzturn ------------------------------------------------------------------ ------------------ 2019-8-9 - Aug 9 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - rpm/config.sh: Enable building DTBs. - commit 7de292a - rpm/mkspec: Make building DTBs optional. - commit 7c057c8 - supported.conf: fix supported modules depending on unsupported on non-x86_64 architectures Some more "unsupported module needed by supported one" errors were reported on aarch64 and ppc64le. - commit 6b609de - supported.conf: drop obsolete entry for hyperv_fb The module moved to a different directory, the obsolete entry causes file conflict betwen kernel-default and kernel-default-extra. - commit 6b112e5 - rpm/modflist: Simplify compression support. - commit fd135a6 - supported.conf: close with respect to dependencies Modules which some supported module depends on must be supported as well. Also drop obsolete entries for rtsx_pci and rtsx_usb which were moved between 4.12 and 5.3. - commit b781c36 - rpm: support compressed modules Some of our scripts and scriptlets in rpm/ do not expect module files not ending with ".ko" which currently leads to failure in preuninstall scriptlet of cluster-md-kmp-default (and probably also other subpackages). Let those which could be run on compressed module files recognize ".ko.xz" in addition to ".ko". - commit 18fcdff - Bring back MODVERDIR to Makefile.modpost (bsc#1066369). - commit 6cc69f5 - supported.conf: sort again Make the order compatible with scripts/supported-conf-fixup (LC_ALL=C). - commit 4a4b5dd - supported.conf: Sort alphabetically, align comments. - commit 5189766 - series.conf: cleanup Move patches.suse/0001-oracleasm-4.0-compat-changes.patch to more appropriate place. - commit 2080902 - supported.conf: drop extensions To make things more consistent, drop all ".ko" extensions. - commit 398461b - Update patches.suse/supported-flag. Fix ReST table. - commit 0692bf4 ++++ libvirt: - logging: ensure virtlogd rollover takes priority over logrotate 975b004d-virtlogd-over-logrotate.patch bsc#1137137 ++++ salt: - Fix aptpkg systemd call (bsc#1143301) - Added: * fix-aptpkg-systemd-call-bsc-1143301.patch ++++ qemu: - Since we build seabios, take advantage of ability to add our own identifying version info by changing SEABIOS_EXTRAVERSION from "-prebuilt.qemu.org" to "-rebuilt.suse.com" (or "-rebuilt.opensuse.org for openSUSE releases) ++++ selinux-policy: - Moved back to fedora policy (20190802) - Removed spec file conditionals for old SELinux userland - Removed config.tgz - Removed patches: * label_sysconfig.selinux.patch * label_var_run_rsyslog.patch * suse_additions_obs.patch * suse_additions_sslh.patch * suse_modifications_apache.patch * suse_modifications_cron.patch * suse_modifications_getty.patch * suse_modifications_logging.patch * suse_modifications_ntp.patch * suse_modifications_usermanage.patch * suse_modifications_virt.patch * suse_modifications_xserver.patch * sysconfig_network_scripts.patch * segenxml_interpreter.patch - Added patches: * fix_djbdns.patch * fix_dbus.patch * fix_gift.patch * fix_java.patch * fix_hadoop.patch * fix_thunderbird.patch * postfix_paths.patch * fix_nscd.patch * fix_sysnetwork.patch * fix_logging.patch * fix_xserver.patch * fix_miscfiles.patch to fix problems with the coresponding modules - Added sedoctool.patch to prevent build failures - This also adds three modules: * packagekit.(te|if|fc) Basic (currently permissive) module for packagekit * minimum_temp_fixes.(te|if|fc) and * targeted_temp_fixes.(te|if|fc) both are currently necessary to get the systems to boot in enforcing mode. Most of them obviosly stem from mislabeled files, so this needs to be worked through and then removed eventually Also selinuxuser_execstack, selinuxuser_execmod and domain_can_mmap_files need to be enabled. Especially the first two are bad and should be removed ASAP ------------------------------------------------------------------ ------------------ 2019-8-8 - Aug 8 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Use upstream TAINT_AUX for TAINT_EXTERNAL_SUPPORT. Refresh patches.suse/supported-flag. - commit a4999e0 - rpm/kernel-obs-build.spec.in: add dm-crypt for building with cryptsetup Co-Authored-By: Adam Spiers - commit 7cf5b9e - rpm/kernel-binary.spec.in: Enable supported.conf check. - commit 96adf4d - Update arm64 config files. - commit 1e7a157 - supported.conf: add missing entries for all architectures As list of built modules depends on architecture, we must also add entries for modules which are not built (or do not even exist) on x86_64 but are built on other architectures (aarch64, ppc64le, s390x). - commit 8f74082 - supported.conf: add missing entries Add all modules currently built but not listed in supported.conf. Another update will be necessary once we replace configs inherited from master with true SLE15-SP2 configs. This is also why entries for modules not built are left in the file for now. - commit 0f5033c - supported.conf: sort Also remove one commented out line. - commit b539157 - supported.conf: cleanup Remove duplicate and shadowed entries. - commit 25e91ec - supported.conf: update from SLE15-SP1 Differences from current SLE15-SP1 supported.conf: - f71808e_wdt and it87_wdt supported (jdelvare) - bpfilter marked +base (tiwai, bsc#1106751) - unified indentation - commit 02162e4 ++++ kernel-default-base: - Shorten module list by using wildcards. ++++ kernel-firmware: - Revert amdgpu/vega10_sos.bin to the previous version for fixing the hang up at boot time (bsc#1143331) ++++ opus: - Own %{_datadir}/aclocal: when we might switch to pkgconf instead of pkg-config, nothing in the build root is 'accidentally' owning this directory for us. ++++ yast2: - Remove the obsolete XVersion API (bsc#1144627). - Detect missing textdomain during testing (bsc#1130822) - 4.2.18 ------------------------------------------------------------------ ------------------ 2019-8-7 - Aug 7 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - rpm/kernel-binary.spec.in: support partial rt debug config. - commit af37821 - rpm/config.sh: Update OBS build project to 15 SP1. - commit 03e63ed - config: arm64: Update to 5.3-rc3 - commit f1f49f3 - config: disable preemption Full update to configs based on SLE15-SP1 will follow later. - commit 84c63fb - config: Enable SENSORS_GPIO_FAN for all of Arm (boo#1144723) We already had it for armv6hl but were lacking it on arm64. Add it on armv7hl for consistency while at it. - commit 607ebeb - series.conf: add sorted section Also mark kabi section on top explicitly as intended only for kabi patches related to stable backports and add kabi section for the rest at the end of the file (so that these can be dropped easily). - commit 3df2daa - README.BRANCH: Change branch name to 15 SP2 - commit 5135437 - config.conf: Remove non-SLE configs. - Update config files with SLE product number. - commit f002b36 - rpm/config.sh: Update to 15 SP2 - update IBS project - update bugzilla product - sort series - commit 41fafbc ++++ libcontainers-common: - Add missing licenses to spec file ++++ qemu: - Security fix for heap overflow in ip_reass on big packet input (CVE-2019-14378, bsc#1143794) slirp-fix-heap-overflow-in-ip_reass-on-big-packet-input.patch ++++ slirp4netns: - Add missing licenses to spec file ++++ zypper: - Fix local/remote url classification. - Rephrase file conflict check summary (bsc#1140039) - Fix bash completions option detection (bsc#1049825) - BuildRequires: libzypp-devel >= 17.14.0 - version 1.14.29 ------------------------------------------------------------------ ------------------ 2019-8-6 - Aug 6 2019 ------------------- ------------------------------------------------------------------ ++++ util-linux: - Issue a warning for outdated pam files (bsc#1082293, boo#1081947#c68). - Fix comments and unify look of PAM files that were just changed (login.pamd, remote.pamd). ++++ libcontainers-common: - Add a default registries.d configuration file, used to specify images signatures storage location. ++++ qemu: - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-4.0 * Patches added: 0051-linux-user-fix-to-handle-variably-s.patch ++++ util-linux-systemd: - Issue a warning for outdated pam files (bsc#1082293, boo#1081947#c68). - Fix comments and unify look of PAM files that were just changed (login.pamd, remote.pamd). ------------------------------------------------------------------ ------------------ 2019-8-5 - Aug 5 2019 ------------------- ------------------------------------------------------------------ ++++ python-kiwi: - Bump version: 9.17.15 → 9.17.16 - Do not create a new machine-id file This commit ensures KIWI is not creating a new machine-id empty file in case it was not provided during the system installation. Fixes bsc#1141168 (cherry picked from commit afd9b3019ae37980524554452e113d544e9676aa) - Update documentation references The kiwi project has been moved into its own upstream organisation named OSInside. Due to the move some doc and README references needs to be adapted (cherry picked from commit d09ccc520633c03d5393039ccbc4989779f803d0) - Extend the development documentation Co-Authored-By: Thomas Schraitle (cherry picked from commit 5ba515236d817bfe50200abe5fdaa8a3ac8e6dc4) - Add GitLab CI pipeline badge to README.rst (cherry picked from commit af773d67b9e9ca18a851893b1604c2fa866e7bee) - Fixed permanent redirect links in documentation (cherry picked from commit 921fa17f4fe7415e4e5e21a8636c72e7d76dc1d3) - Add GitLab CI pipeline status to README.rst (cherry picked from commit 0681fb4d7335c1b496a62663fae4b56876ffdc8e) - Extend quickstart to be more viable as a stand-alone document (cherry picked from commit fe7c7f59bdf6d1970550a28fff479233e95b85d1) - Add pytest-xdist to dev-virtualenv to run the unit tests in parallel - fix CLI args not being passed to pytest by tox for unit_py3_4 and unit_py3_6 - enable parallel run on travis - document how to run the unit tests in parallel (cherry picked from commit 0fbc2c5ff950cb1857fe7b45e66983272bf1fc4d) ++++ kernel-default: - Update to 5.3-rc3 - Eliminated 1 patch - Refresh - patches.suse/supported-flag - patches.suse/supported-flag-external - Refresh configs - commit 571863b ++++ krb5: - Integrate pam_keyinit pam module, ksu-pam.d; (bsc#1081947); (bsc#1144047); ++++ libzypp: - PublicKey::algoName: supply key algorithm and length - version 17.14.0 (12) ++++ qemu: - Make keycode-gen output reproducible (use SOURCE_DATE_EPOCH timestamp) keycodemapdb-make-keycode-gen-output-reproducible.patch ++++ slirp4netns: - Update to 0.3.2 * Fix heap overflow in `ip_reass` on big packet input ++++ yast2: - Allow to know if there is a forced base product (bsc#1124590, bsc#1143943). - 4.2.17 ------------------------------------------------------------------ ------------------ 2019-8-4 - Aug 4 2019 ------------------- ------------------------------------------------------------------ ++++ ca-certificates-mozilla: - update to 2.34 state of the Mozilla NSS Certificate store (bsc#1144169) - Removed CAs: - Certinomis - Root CA - includes added root CAs from the 2.32 version: - emSign ECC Root CA - C3 (email and server auth) - emSign ECC Root CA - G3 (email and server auth) - emSign Root CA - C1 (email and server auth) - emSign Root CA - G1 (email and server auth) - Hongkong Post Root CA 3 (server auth) ++++ pango: - Update to version 1.44.3: + Install pango-ot headers. + Make subpixel positioning optional. + fc: Ignore fonts with unsupported formats. ------------------------------------------------------------------ ------------------ 2019-8-3 - Aug 3 2019 ------------------- ------------------------------------------------------------------ ++++ pango: - Update to version 1.44.2: + Disable ligatures when letterspacing. + Set design coords on hb_font_t. + Expose more font options in pango-view. + OS X: Make 'system-ui' font work. + Keep deprecated pango-fc apis in headers. + Make hex boxes work, always. + introspection: - Various build fixes. - Add PangoPT, PangoFT2 namespaces. + layout: Make the new line-spacing opt-in. ------------------------------------------------------------------ ------------------ 2019-8-2 - Aug 2 2019 ------------------- ------------------------------------------------------------------ ++++ hwinfo: - Use FAT LTO objects in order to provide proper static library. ++++ kernel-default: - kernel-binary: Drop .kernel-binary.spec.buildenv (boo#1154578). Without this patch, /usr/src/linux-@VERSION@-@RELEASE_SHORT@-obj/x86_64/vanilla/.kernel-binary.spec.buildenv contained rpm %_smp_mflags in a line like export MAKE_ARGS=" --output-sync -j4" This made it hard to produce bit-identical builds. - commit 789d131 ++++ libcontainers-common: - Update to image v3.0.0 - Add "Env" to ImageInspectInfo - Add API function TryUpdatingCache - Add ability to install man pages - Add user registry auth to kernel keyring - Fix policy.json.md -> containers-policy.json.5.md references - Fix typo in docs/containers-registries.conf.5.md - Remove pkg/sysregistries - Touch up transport man page - Try harder in storageImageDestination.TryReusingBlob - Use the same HTTP client for contacting the bearer token server and the registry - ci: change GOCACHE to a writeable path - config.go: improve debug message - config.go: log where credentials come from - docker client: error if registry is blocked - docker: allow deleting OCI images - docker: delete: support all MIME types - ostree: default is no OStree support - ostree: improve error message - progress bar: use spinners for unknown blob sizes - use 'containers_image_ostree' as build tag - use keyring when authfile empty - Update to storage v1.12.16 - Add cirrus vendor check - Add storage options to IgnoreChownErrors - Add support for UID as well as UserName in /etc/subuid files. - Add support for ignoreChownErrors to vfs - Add support for installing man pages - Fix cross-compilation - Keep track of the UIDs and GIDs used in applied layers - Move lockfiles to their own package - Remove merged directory when it is unmounted - Switch to go modules - Switch to golangci-lint - Update generated files - Use same variable name on both commands - cirrus: ubuntu: try removing cryptsetup-initramfs - compression: add support for the zstd algorithm - getLockfile(): use the absolute path - loadMounts(): reset counts before merging just-loaded data - lockfile: don't bother releasing a lock when closing a file - locking test updates - locking: take read locks on read-only stores - make local-cross more reliable for CI - overlay: cache the results of supported/using-metacopy/use-naive-diff feature tests - overlay: fix small piece of repeated work - utils: fix check for missing conf file - zstd: use github.com/klauspost/compress directly ++++ libvirt: - qemu: fix default value of security_default_confined Updated suse-qemu-conf.patch bsc#1143871 - qemu: Change owner of temp directories under /var/lib/libvirt/qemu 673f805d-qemu-chown-uniqDir.patch bsc#1143497 ------------------------------------------------------------------ ------------------ 2019-8-1 - Aug 1 2019 ------------------- ------------------------------------------------------------------ ++++ open-iscsi: - Disable LTO (Link Time Optimization) on aarch64 since it seems to fail -- iscsiadm core dumps almost immediately (bsc#1143192), updating the SPEC file. ++++ kernel-default: - config: refresh x86_64/default With HBMC_AM654 disabled, nothing selects MULTIPLEXER any more. - commit 07a1a73 ++++ openldap2: - bsc#1143194 (CVE-2019-13565) - ssf memory reuse leads to incorrect authorisation of another connection, granting excess connection rights (ssf). * patch: 0201-ITS-9052-zero-out-sasl_ssf-in-connection_init.patch - bsc#1143273 (CVE-2019-13057) - rootDN of a backend may proxyauth incorrectly to another backend, violating multi-tenant isolation. * patch: 0202-ITS-9038-restrict-rootDN-proxyauthz-to-its-own-DBs.patch * patch: 0203-ITS-9038-Update-test028-to-test-this-is-enforced.patch * patch: 0204-ITS-9038-Another-test028-typo.patch ++++ python-PyYAML: - update to 5.1.2 * Re-release of 5.1 with regenerated Cython sources to build properly for Python 3.8b2+ ++++ slirp4netns: - Update to 0.3.1 * Fix use-after-free ------------------------------------------------------------------ ------------------ 2019-7-31 - Jul 31 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Update config files: CONFIG_HBMC_AM654=n The TI AM654 is an ARM64 SoC, so disable the driver on all other architectures. - commit 042f63f ++++ libgcrypt: - Fixed an issue created by incomplete implementation of previous change - [bsc#1097073] * Removed section of libgcrypt-binary_integrity_in_non-FIPS.patch that caused some tests to be executed more than once. ++++ systemd: - systemd-container creates and owns /etc/systemd/nspawn now ++++ libvirt: - Add apparmor-abstractions as a required package for daemon (bsc#1142992) ++++ system-users: - Add system-user-tftp subpackage with tftp user and group and /srv/tftpboot as home directory [bsc#1143454]. ++++ yast2: - Add a dependency on hostname, as it is needed by the Hostname module (boo#1142595). - 4.2.16 ------------------------------------------------------------------ ------------------ 2019-7-30 - Jul 30 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - packaging: add support for riscv64 - commit c2885ea ++++ NetworkManager: - Update to version 1.18.2(bsc#1138213): + Add support for policy routing rules. + Add support for VLAN filtering for Linux bridge. + Support ieee-802-1 and ieee-802-3 LLDP TLVs. + Allow large MTU sizes for infiniband/IPoIB connection profiles. + Improve nmcli's handling of list options for connection properties. + Add compatibility with out-of-tree WireGuard module on 5.2 kernels + Fix parsing of BOOTIF= variables in initrd. + Accept numeric IPv4 prefix in place of a mask when parsing a command line in initrd. + Don't check connectivity of unconfigured devices. + Fix PKCS#12 handling in the ifcfg-rh plugin. + Avoid waiting for udev to see software devices created by NetworkManager. + Don't attempt to stop management daemon for Team devices created externally to NetworkManager. + Use FQDN for persistent hostname on Slackware. + Restore IPv6 configuration of a device when its link goes back up. + Fix management status of software devices on system suspend. + Make nmcli not print certificate blobs if --show-secrets is not used. + Fix MTU reapply. - Drop 0001-Update-connectivity-value-on-device-removal.patch: Fixed upstream. ++++ zstd: - Add disk _constraints to fix ppc64le build ++++ podman: - Remove fuse-overlayfs because it's (currently) an unsatisfied dependency on SLE (bsc#1143386) ++++ salt: - Move server_id deprecation warning to reduce log spamming (bsc#1135567) (bsc#1135732) - Added: * move-server_id-deprecation-warning-to-reduce-log-spa.patch - Multiple fixes on cmdmod, chroot, freezer and zypperpkg needed for Yomi cmdmod: fix runas and group in run_chroot chroot: add missing sys directory chroot: change variable name to root chroot: fix bug in safe_kwargs iteration freezer: do not fail in cache dir is present freezer: clean freeze YAML profile on restore zypperpkg: fix pkg.list_pkgs cache - Added: * accumulated-changes-required-for-yomi-165.patch ------------------------------------------------------------------ ------------------ 2019-7-29 - Jul 29 2019 ------------------- ------------------------------------------------------------------ ++++ gettext-runtime: - Added msgfmt-double-free.patch to fix a double free error (CVE-2018-18751 bsc#1113719) ++++ pango: - Update to version 1.44.1: + Fix a crash with allow_break attributes. + Fix Emoji spacing. + Fix up includes and pkg-config requires. + Correct some cases for hyphen insertion. ++++ salt: - Avoid traceback on http.query when there are errors with the requested URL (bsc#1128554) - Added: * avoid-traceback-when-http.query-request-cannot-be-pe.patch ++++ wpa_supplicant: - Refresh spec-file via spec-cleaner and manual optimizations. * Change URL and Source0 to actual project homepage. * Remove macro %{?systemd_requires} and rm (not needed). * Add %autopatch macro. * Add %make_build macro. - Chenged patch wpa_supplicant-flush-debug-output.patch (to -p1). - Changed service-files for start after network (systemd-networkd). ++++ yast2: - Stop "ls: write error: Broken pipe" messages (bsc#1128032) - 4.2.15 ------------------------------------------------------------------ ------------------ 2019-7-28 - Jul 28 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Update to 5.3-rc2 - Eliminated 1 patch - patches.suse/dma-mapping-use-dma_get_mask-in-dma_addressing_limit.patch - Refresh - patches.suse/netfilter-ip_conntrack_slp.patch - Config changes - NF_TABLES_BRIDGE=m (was =y) - commit fc5ebf3 ------------------------------------------------------------------ ------------------ 2019-7-27 - Jul 27 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - rpm/macros.kernel-source: KMPs should depend on kmod-compat to build. kmod-compat links are used in find-provides.ksyms, find-requires.ksyms, and find-supplements.ksyms in rpm-config-SUSE. - commit f97ca49 - scripts/run_oldconfig.sh: Fix update-vanilla When CC is set we want to use it for native only. Cross-compilation still needs the crosscompilers. - commit 3b9fcdb ++++ pango: - Update to version 1.44.0: + Use harfbuzz for shaping on all platforms. + Add a getter for hb_font_t. + Make PangoCoverage a GObject. + Add a pango_tailor_break api. + font metrics: Add line height. + layout: - Support line spacing. - Draw hyphens for line breaks. + Add an attribute to suppress line breaking. + cairo: Don't render hex boxes for space. + Add an attribute to show invisible characters. + Stop quantizing glyph positions. + Add tests for itemization and line breaking. + Remove language and shape engine remnants. + Rename meson options: gtk_doc, introspection. + Require GLib 2.59.2. + Require Harfbuzz 2.0. ------------------------------------------------------------------ ------------------ 2019-7-26 - Jul 26 2019 ------------------- ------------------------------------------------------------------ ++++ ignition: - Update to version 2.0.1+git20190725.10b85d1: * release-checklist: add step to submit to bodhi * news: add news for v2.0.1 * config/v*: run Node.Validate() as well * doc/getting-started: rm online validator section * providers/aws: get region after getting config. * providers: allow FetchConfig to mutate the fetcher * release-checklist: fix for new website and jenkins ++++ kernel-default-base: - Add all netfilter and xfrm modules (boo#1142841) ++++ zstd: - Update to version 1.4.2: * bug: Fix bug in zstd-0.5 decoder by @terrelln (#1696) * bug: Fix seekable decompression in-memory API by @iburinoc (#1695) * bug: Close minor memory leak in CLI by @LeeYoung624 (#1701) * misc: Validate blocks are smaller than size limit by @vivekmig (#1685) * misc: Restructure source files by @ephiepark (#1679) ------------------------------------------------------------------ ------------------ 2019-7-25 - Jul 25 2019 ------------------- ------------------------------------------------------------------ ++++ libvirt: - qemu: Add support for overriding max threads per process limit d5572f62-qemu-support-override-max-thread.patch bsc#1133719 ++++ libzypp: - MediaCurl: Fix leaking filedescriptors (bsc#1116995) - commit: Run file conflict check on dry-run (best with download-only) (bsc#1140039) - commit: do not remove orphan products if the .prod file is owned by a package (bsc#1139795) - version 17.13.0 (12) ++++ pinentry: - Fix a dangling pointer in qt/main.cpp [bsc#1141883] * Added pinentry-qt-Fix-use-of-dangling-pointer.patch ++++ podman: - Update libpod.conf to use correct infra_command ++++ salt: - Salt python client get_full_returns seems return data from incorrect jid (bsc#1131114) - Added: * checking-for-jid-before-returning-data.patch ++++ qemu: - Security fix for null pointer dereference while releasing spice resources (CVE-2019-12155, bsc#1135902) 0049-qxl-check-release-info-object.patch - Security fix for qemu-bridge-helper ACL can be bypassed when names are too long (CVE-2019-13164, bsc#1140402) 0050-qemu-bridge-helper-restrict-interfa.patch - Replace patch 0043 with an upstream version 0043-target-i386-define-md-clear-bit.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-4.0 ++++ yast2: - Release the sources to avoid using up all server connections (bsc#1141127) - 4.2.14 ------------------------------------------------------------------ ------------------ 2019-7-24 - Jul 24 2019 ------------------- ------------------------------------------------------------------ ++++ btrfsprogs: - btrfs-progs: check: fixup_extent_flags needs to deal with non-skinny metadata (bsc#1131334). - Added patches: * btrfs-progs-check-fixup_extent_flags-needs-to-deal-with-non-skinny-metadata.patch ++++ glib2: - Update to version 2.60.6: + Fix various bugs with use of the `GKeyfileSettingsBackend` within flatpaks (glgo#GNOME/GLib!984, glgo#GNOME/GLib!985, glgo#GNOME/GLib#1825). + Bugs fixed: glgo#GNOME/GLib!993, glgo#GNOME/GLib!984, glgo#GNOME/GLib!985. - Drop glib2-keyfile-handle-filename-being-null.patch: Fixed upstream. ++++ gstreamer-plugins-base: - Add gstreamer-plugins-base-arm-neon-configuration.patch as an upstream backport of: https://gitlab.freedesktop.org/gstreamer/gst-plugins-base/commit/d8d4904e - Use %make_build. ++++ kernel-default: - dma-mapping: use dma_get_mask in dma_addressing_limited (https://lore.kernel.org/lkml/cda1952f-0265-e055-a3ce-237c59069a3f@suse.com/T/#u). - commit c584343 - scripts/arch-symbols: add missing link. - commit ee7c635 ++++ bzip2: - update bzip2-1.0.6-CVE-2019-12900.patch to accept as many selectors as the file format allows. This relaxes the previous fix for CVE-2019-12900 so that bzip2 allows decompression of bz2 files that use (too) many selectors again. It fixes a bzip2 and lbzip2 incompatibility caused by previous patch [bsc#1139083] [CVE-2019-12900] ++++ python3-core: - FAKE RECORD FROM SLE-12 CHANNEL Apply "CVE-2018-1000802-shutil_use_subprocess_no_spawn.patch" which converts shutil._call_external_zip to use subprocess rather than distutils.spawn. [bsc#1109663, CVE-2018-1000802] - FAKE RECORD FROM SLE-12 CHANNEL bsc#1109847: add CVE-2018-14647_XML_SetHashSalt-in_elementtree.patch fixing bpo#34623. ++++ libseccomp: - ignore make check error for ppc64/ppc64le, bypass boo#1142614 ++++ nvme-cli: - Update nvme-cli to upstream version 1.8.1 (FATE#327304), (jsc#SLE-6589), (eco#166), Tracking Bug (bsc#1142768) * Various bug fixes and documentation improvements * wdc: new commands: drive status, clear assert dump status, drive resize, NAND statistics * wdc: support for SN840 * Add reporting of Virtual Management support to id-ctrl * NetApp: add command for NetApp ONTAP devices * Add json and raw_binary format for show-regs * Revert stop-on-failure with connect-all - Rename still required upstream patches, which are not part of 1.8.1: - 0014-nvme-cli-Increase-size-of-ONTAP-namespace-path-varia.patch + 0001-nvme-cli-Increase-size-of-ONTAP-namespace-path-varia.patch - 0104-nvme-cli-Fix-documentation-syntax-and-typo.patch + 0002-nvme-cli-fix-typo-removing-the-duplicate-are.patch - Drop back-ported patches, which are now part of 1.8.1: - 0001-wdc-Change-device-capability-checking.patch - 0002-wdc-Add-additional-device-for-vs-internal-log.patch - 0004-Fix-compilation-with-GCC-8.patch - 0005-Fix-CFLAGS-parameter.patch - 0006-nvme-cli-fix-compilation-with-uint64_t-cast.patch - 0008-nvme-cli-minor-cleanup-for-submit_io.patch - 0010-nvme-cli-fix-fc-trtype-string.patch - 0011-nvme-cli-add-netapp-ontapdevices-command.patch - 0012-nvme-cli-add-netapp-ontapdevices-man-page.patch - 0013-nvme-cli-Revert-stop-on-failure-with-connect-all.patch - Squash downstream patches: - 0100-nvme_fc-auto-connect-scripts.patch - 0102-Add-nvmefc-connect.target.patch - 0103-Change-service-to-type-simple.patch - 0105-nvme-cli-Check-for-sysfs-interface-before-NVMe-disco.patch + 0100-nvme_fc-add-auto-connect-scripts.patch - 0101-71-nvme-iopolicy-netapp.rules-add-default-rules-for-.patch - 0106-nvme-cli-add-default-IO-policy-rule-for-NetApp-E-Ser.patch - 0107-nvme-cli-Rename-udev-rule-for-ONTAP-controller.patch + 0101-nvme-add-iopolicy-rules-for-netapp.patch - Rename downstream patch: - 0108-nvme-cli-Add-script-to-determine-host-NQN.patch + 0102-nvme-cli-Add-script-to-determine-host-NQN.patch - Drop oboslete patches - 0003-generate-new-documentation.patch - 0007-Regen-docs.patch - 0009-Regen-documentation.patch - New downstream patch: Remove C99 standard declarations + 0003-nvme-vendor-fix-c99-declarations-in-vendor-plugins.patch - Reorder install steps: Install systemd services first, since they are required for the udev rules, avoiding a theoretical race condition. - Adding %defattr(-,root,root) to be in-sync with SLE12-SP5 ++++ python3: - FAKE RECORD FROM SLE-12 CHANNEL Apply "CVE-2018-1000802-shutil_use_subprocess_no_spawn.patch" which converts shutil._call_external_zip to use subprocess rather than distutils.spawn. [bsc#1109663, CVE-2018-1000802] - FAKE RECORD FROM SLE-12 CHANNEL bsc#1109847: add CVE-2018-14647_XML_SetHashSalt-in_elementtree.patch fixing bpo#34623. ++++ python-libvirt-python: - Update to 5.5.0 - Add all new APIs and constants in libvirt 5.5.0 ++++ sysconfig: - version 0.85.3 - boo#1123699: Use systemd's tmpfile mechanism to create the symlink infrastructure for resolv.conf and yp.conf early during boot. ------------------------------------------------------------------ ------------------ 2019-7-23 - Jul 23 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - rpm/config.sh: enable kernel module compression (bsc#1135854) - commit b333e24 - Add kernel module compression support (bsc#1135854) For enabling the kernel module compress, add the item COMPRESS_MODULES="xz" in config.sh, then mkspec will pass it to the spec file. - commit cdf5806 - Workaround gcc regression on ppc64 (bko#204125). - commit 8b84d1d - config.conf: Add ppc64 kvmsmall config (bsc#1137361). - Remove superfluous i2c drivers from ppc64 config - CONFIG_I2C_ALGOPCA=m - CONFIG_I2C_AMD8111=m - CONFIG_I2C_CBUS_GPIO=m - CONFIG_I2C_DESIGNWARE_CORE=y - CONFIG_I2C_DESIGNWARE_PLATFORM=y - CONFIG_I2C_DESIGNWARE_PCI=m - CONFIG_I2C_OCORES=m - CONFIG_I2C_PCA_PLATFORM=m Can't get rid of i2c in kvmsmall anyway but at least the DW i2c is gone. - commit 3d0102c ++++ Mesa: - Update to version 19.1.3: * Mostly fixes for ANV and RADV drivers, as well as NIR backend fixes. * Several of those patches fix crashes with the drivers, and a couple of them fix memory leaks. ++++ yast2: - Fixed evaluating the base products to avoid the "No base product found" error message at upgrade, for reading the product data prefer the new products (bsc#1142522) - 4.2.13 ------------------------------------------------------------------ ------------------ 2019-7-22 - Jul 22 2019 ------------------- ------------------------------------------------------------------ ++++ gpg2: - Security fix: [bsc#1141093, CVE-2019-13050] * Denial of service attacks via big keys * Added patches: - gnupg-CVE-2019-13050_0_of_5.patch - gnupg-CVE-2019-13050_1_of_5.patch - gnupg-CVE-2019-13050_2_of_5.patch - gnupg-CVE-2019-13050_3_of_5.patch - gnupg-CVE-2019-13050_4_of_5.patch - gnupg-CVE-2019-13050_5_of_5.patch ++++ kernel-default: - config: enable PPPoE for kvmsmall (bsc#1133945). - commit 39d218a - config: remove unnecessary drivers from kvmsmall The initial merge was incomplete and needed revisiting, which didn't really happen. Since then, new options have been added and not removed from kvmsmall, leading to grow in size. This commit uses the following blacklist: _(BT|CHARGER|CHROMEOS|CROS|DVB|DW|EDAC|FPGA|GPIO|GNSS|HID|INFINIBAND|IR|JOYSTICK|LEDS|MFD|PINCTRL|REGULATOR|RTC|SENSORS|SND_SOC|STAGING|TOUCHSCREEN|VIDEO|XEN|XILINX)[_=] ... along with some manual removal of NET_VENDORs with no relevant drivers. - commit e850d85 - rpm/klp-symbols: update to work with kernel >= 5.3 Since mainline commit b7dca6dd1e59 ("kbuild: create *.mod with full directory path and remove MODVERDIR") in v5.3-rc1, *.mod files are created in the build tree rather than in a single directory .tmp_versions ($MODVERDIR). They also do not provide path to the *.ko module file on their first line as the path is the same (except for the suffix). Update klp-symbols script to handle this new layout and format of *.mod files to fix build of 5.3-rc1 and newer kernel. Note: this is a quick band-aid to fix master branch build without risk of breaking any other branch. A more proper cleanup will follow. - commit c32f8e7 - Update to 5.3-rc1 - Eliminated 89 patches (83 stable, 6 other) - ARM configs need update - Refresh patches.suse/btrfs-8447-serialize-subvolume-mounts-with-potentially-mi.patch patches.suse/kernel-add-product-identifying-information-to-kernel-build.patch patches.suse/netfilter-ip_conntrack_slp.patch patches.suse/rpm-kernel-config patches.suse/supported-flag patches.suse/vfs-add-super_operations-get_inode_dev - replace patches.rpmify/BPF-UMH-do-not-detect-if-compiler-can-link-userspace.patch with patches.rpmify/Kconfig-make-CONFIG_CC_CAN_LINK-always-true.patch - New config options: - General setup - HEADER_TEST=y - KERNEL_HEADER_TEST=y - PREEMPT_LL=n - UCLAMP_TASK=y - UCLAMP_BUCKETS_COUNT=5 - Processor type and features - ACRN_GUEST=y - LEGACY_VSYSCALL_XONLY=y - IO Schedulers - BFQ_CGROUP_DEBUG=n (=y in */debug) - Networking - NFT_SYNPROXY=m - NFT_BRIDGE_META=m - NF_CONNTRACK_BRIDGE=m - NET_ACT_MPLS=m - NET_ACT_CTINFO=m - NET_ACT_CT=m - BT_HCIBTUSB_MTK=y - GVE=m - MLX5_FPGA_IPSEC=y - MLX5_FPGA_TLS=y - MLX5_TLS=y - STMMAC_SELFTESTS=n - XILINX_AXI_EMAC=m - SFP=m - NXP_TJA11XX_PHY=m - PHY_MIXEL_MIPI_DPHY=m - File systems - UBIFS_FS_ZSTD=y - SUNRPC_DISABLE_INSECURE_ENCTYPES=n - CEPH_FS_SECURITY_LABEL=y - Generic driver options - FW_LOADER_COMPRESS=y - Storage - SCSI_FDOMAIN_PCI=m - SCSI_FDOMAIN_ISA=n - PCMCIA_FDOMAIN=n - Input - KEYBOARD_APPLESPI=m - Power supply and hardware monitoring - POWER_SUPPLY_HWMON=y - CHARGER_WILCO=m - SENSORS_IRPS5401=m - SENSORS_PXE1610=m - REGULATOR_ARIZONA_LDO1=m - REGULATOR_ARIZONA_MICSUPP=m - REGULATOR_SLG51000=m - Multimedia - DVB_USB_CXUSB_ANALOG=y - VIDEO_TDA1997X=m - VIDEO_TLV320AIC23B=m - VIDEO_ADV7180=m - VIDEO_ADV7183=m - VIDEO_ADV7604=m - VIDEO_ADV7604_CEC=y - VIDEO_ADV7842=m - VIDEO_ADV7842_CEC=y - VIDEO_BT819=m - VIDEO_BT856=m - VIDEO_BT866=m - VIDEO_KS0127=m - VIDEO_ML86V7667=m - VIDEO_SAA7110=m - VIDEO_TC358743=m - VIDEO_TC358743_CEC=y - VIDEO_TVP514X=m - VIDEO_TVP7002=m - VIDEO_TW9910=m - VIDEO_VPX3220=m - VIDEO_SAA7185=m - VIDEO_ADV7170=m - VIDEO_ADV7175=m - VIDEO_ADV7343=m - VIDEO_ADV7393=m - VIDEO_ADV7511=m - VIDEO_ADV7511_CEC=y - VIDEO_AD9389B=m - VIDEO_AK881X=m - VIDEO_THS8200=m - VIDEO_IMX214=m - VIDEO_IMX258=m - VIDEO_IMX274=m - VIDEO_IMX319=m - VIDEO_IMX355=m - VIDEO_OV2659=m - VIDEO_OV2680=m - VIDEO_OV2685=m - VIDEO_OV5647=m - VIDEO_OV6650=m - VIDEO_OV5670=m - VIDEO_OV5695=m - VIDEO_OV7251=m - VIDEO_OV772X=m - VIDEO_OV7740=m - VIDEO_OV8856=m - VIDEO_OV9640=m - VIDEO_OV9650=m - VIDEO_OV13858=m - VIDEO_VS6624=m - VIDEO_MT9M001=m - VIDEO_MT9M032=m - VIDEO_MT9M111=m - VIDEO_MT9P031=m - VIDEO_MT9T001=m - VIDEO_MT9T112=m - VIDEO_MT9V032=m - VIDEO_MT9V111=m - VIDEO_SR030PC30=m - VIDEO_NOON010PC30=m - VIDEO_M5MOLS=m - VIDEO_RJ54N1=m - VIDEO_S5K6AA=m - VIDEO_S5K6A3=m - VIDEO_S5K4ECGX=m - VIDEO_S5K5BAF=m - VIDEO_SMIAPP=m - VIDEO_ET8EK8=m - VIDEO_S5C73M3=m - VIDEO_AD5820=m - VIDEO_AK7375=m - VIDEO_DW9714=m - VIDEO_DW9807_VCM=m - VIDEO_ADP1653=m - VIDEO_LM3560=m - VIDEO_LM3646=m - SDR_MAX2175=m - VIDEO_THS7303=m - VIDEO_I2C=m - VIDEO_ST_MIPID02=n - VIDEO_GS1662=m - DVB_S5H1432=m - DVB_DIB9000=m - DVB_CXD2880=m - DVB_MN88443X=m - DVB_LNBH29=m - DVB_LGS8GL5=m - Graphics - DRM_AMD_DC_DCN2_0=y - DRM_AMD_DC_DSC_SUPPORT=y - DRM_I915_FORCE_PROBE="" - DRM_I915_DEBUG_MMIO=n - DRM_I915_USERFAULT_AUTOSUSPEND=250 - DRM_I915_SPIN_REQUEST=5 - DRM_PANEL_OSD_OSD101T2587_53TS=m - DRM_PANEL_SAMSUNG_S6E63M0=m - Sound - SND_SOC_INTEL_CML_H=m - SND_SOC_INTEL_CML_LP=m - SND_SOC_INTEL_BYT_CHT_CX2072X_MACH=m - SND_SOC_SOF_COMETLAKE_LP_SUPPORT=y - SND_SOC_SOF_COMETLAKE_H_SUPPORT=y - SND_SOC_CX2072X=m - InfiniBand - RDMA_SIW=m - Platform specific drivers - XIAOMI_WMI=m - ACPI_CMPC=m - SAMSUNG_Q10=m - INTEL_SPEED_SELECT_INTERFACE=m - CROS_EC_ISHTP=m - WILCO_EC_EVENTS=m - WILCO_EC_TELEMETRY=m - Industrial I/O - XILINX_XADC=n - ADF4371=n - DPS310=n - LEDs - LEDS_SPI_BYTE=m - LEDS_TI_LMU_COMMON=m - LEDS_LM3697=m - LEDS_LM36274=m - Other drivers - MTD_HYPERBUS=m - HBMC_AM654=m - XILINX_SDFEC=n - GPIO_XILINX=m - WATCHDOG_OPEN_TIMEOUT=0 - MFD_CS47L15=y - MFD_CS47L92=y - MFD_ROHM_BD70528=n - RTC_DRV_BD70528=m - DW_EDMA=m - DW_EDMA_PCIE=m - COMMON_CLK_SI5341=m - EXTCON_FSA9480=m - NTB_MSI=y - NTB_MSI_TEST=n - RAS_CEC_DEBUG=n - AL_FIC=n - Virtualization - VIRTIO_PMEM=m - Security options - KEYS_REQUEST_CACHE=y - Kernel hardening options - INIT_ON_ALLOC_DEFAULT_ON=n - INIT_ON_FREE_DEFAULT_ON=n - Cryptographic API - CRYPTO_XXHASH=n - CRYPTO_DEV_ATMEL_ECC=m - CRYPTO_DEV_ATMEL_SHA204A=m - Kernel hacking - HEADERS_INSTALL=n - REED_SOLOMON_TEST=n - TEST_BLACKHOLE_DEV=n - TEST_MEMINIT=n - commit 0a6d0d9 ++++ util-linux: - Fix /etc/default/su comments and create /etc/default/runuser (bsc#1121197#31). - Remove /etc/default/su migration from coreutils. ++++ Mesa: - n_drirc-disable-rgb10-for-chromium-on-amd.patch * added totem as another affected application (boo#1142270) ++++ systemd: - Import commit 0f9271c1336c5c9055e75389732a44745d796851 (changes from v242-stable) 07f0549ffe network: do not send ipv6 token to kernel 9d34e79ae8 systemd-mount: don't check for non-normalized WHAT for network FS 5af677680c core: set fs.file-max sysctl to LONG_MAX rather than ULONG_MAX (bsc#1142099) 29dda7597a random-util: eat up bad RDRAND values seen on AMD CPUs eb6c17c178 util-lib: fix a typo in rdrand 829c20dc8e random-util: rename "err" to "success" 5442366fbf man: rework the description of Aliases and .wants/.requires directories ae71c6f634 docs: typo in arg name replace-irreversible -> replace-irreversibly 09774a5fcb meson: make nologin path build time configurable 69ffeeb0b1 man: add note about systemctl stop return value 4cf14b5513 shared/conf-parser: say "key name" not "lvalue", add dot 4481ca7f86 shared/conf-parser: emit a nicer warning for something like "======" 46f3db894b shared/conf-parser: be nice and ignore lines without "=" 7d928995f7 nspawn: fix memleak in argument parsing 7727e6c0ae resolve: fix memleak 7f32a81976 journal: properly read unaligned le64 integers fa419099e5 activate: move array allocation to heap 815a9fef2a systemctl: print non-elapsing timers as "n/a" not "(null)" a4fc3c88f1 factory: include pam_keyinit.so in PAM factory configuration a453d63315 factory: add comment to PAM file, explaining that the defaults are not useful d9a5a70a59 factory: tighten PAM configuration 5e2d3bf80b test: make sure colors don't confuse our test 5fe3be1334 wait-online: change log level c49b6959d5 systemctl: emit warning when we get an invalid process entry from pid1 and continue 3c9f43eb03 systemctl: do not suggest passing --all if the user passed --state= 5964d1474e man: offline-updates: make dependence on system-update.target explicit a04dd26e03 alloc-util: drop _alloc_ decorator from memdup_suffix0() 7c46a694ca man: add example for setting multiple properties at once 1d72789271 man: CPUShares= is so 2015 45da304673 man: document that WakeSystem= requires privs bed58a06e4 man: document that "systemd-analyze blame/critical-chain" is not useful to track down job latency c5461f31b3 man: be more explicit that Type=oneshot services are not "active" after starting 455ee07abe man: document that the supplementary groups list is initialized from User='s database entry 5f0cb2616a alloc-util: drop _alloc_(2, 3) decorator from memdup_suffix0_multiply() 7bc336794d generator: downgrade Requires= → Wants= of fsck from /usr mount unit 66465c4381 systemctl: allow "cat" on units with bad settings ca937b49da pid1: fix serialization/deserialization of commmands with spaces 4bb3113023 growfs: call crypt_set_debug_level() correctly, skip if not needed 0db716771e cryptsetup: enable libcryptsetup debug logging if we want it c8b9b3956f cryptsetup: set libcryptsetup global log callback too 679b3f6b7f basic/log: fix SYSTEMD_LOG_* parsing error messages 8d6b5158aa units: add SystemCallErrorNumber=EPERM to systemd-portabled.service 6681fcd445 network: fix the initial value of the counter for brvlan 853ec5f458 man: Add some notes about variable $prefix for StateDirectory= e6d23358e9 sd-netlink: fix inverted log message 6feb862407 blockdev: filter out invalid block devices early 9f7c0dbc75 blockdev-util: propagate actual error 3f5355bcb9 man: document tmpfiles.d/ user/group resolvability needs c15b92cd98 man: fix wrong udev property name 9768a900d6 meson: drop duplicated source 15194f22ed cryptsetup-generator: fix luks-* entry parsing from crypttab c2475390b4 core: skip whitespace after "|" and "!" in the condition parser fdc754aeb7 shared/condition: fix printing of ConditionNull= 572385e135 test: add testcase for issue #12883 9aa1edddb0 conf-parser: fix continuation handling 8fbc72f45f networkd: fix link_up() (#12505) ++++ zstd: - Update to version 1.4.1: * bug: Fix data corruption in niche use cases by @terrelln (#1659) * bug: Fuzz legacy modes, fix uncovered bugs by @terrelln (#1593, #1594, #1595) * bug: Fix out of bounds read by @terrelln (#1590) * perf: Improve decode speed by ~7% @mgrice (#1668) * perf: Slightly improved compression ratio of level 3 and 4 (ZSTD_dfast) by @cyan4973 (#1681) * perf: Slightly faster compression speed when re-using a context by @cyan4973 (#1658) * perf: Improve compression ratio for small windowLog by @cyan4973 (#1624) * perf: Faster compression speed in high compression mode for repetitive data by @terrelln (#1635) * api: Add parameter to generate smaller dictionaries by @tyler-tran (#1656) * cli: Recognize symlinks when built in C99 mode by @felixhandte (#1640) * cli: Expose cpu load indicator for each file on -vv mode by @ephiepark (#1631) * cli: Restrict read permissions on destination files by @chungy (#1644) * cli: zstdgrep: handle -f flag by @felixhandte (#1618) * cli: zstdcat: follow symlinks by @vejnar (#1604) * doc: Remove extra size limit on compressed blocks by @felixhandte (#1689) * doc: Fix typo by @yk-tanigawa (#1633) * doc: Improve documentation on streaming buffer sizes by @cyan4973 (#1629) * build: CMake: support building with LZ4 @leeyoung624 (#1626) * build: CMake: install zstdless and zstdgrep by @leeyoung624 (#1647) * build: CMake: respect existing uninstall target by @j301scott (#1619) * build: Make: skip multithread tests when built without support by @michaelforney (#1620) * build: Make: Fix examples/ test target by @sjnam (#1603) * build: Meson: rename options out of deprecated namespace by @lzutao (#1665) * build: Meson: fix build by @lzutao (#1602) * build: Visual Studio: don't export symbols in static lib by @scharan (#1650) * build: Visual Studio: fix linking by @absotively (#1639) * build: Fix MinGW-W64 build by @myzhang1029 (#1600) * misc: Expand decodecorpus coverage by @ephiepark (#1664) ++++ openssh: - ssh-askpass: Try a fallback if the other option is not available ++++ u-boot-rpiarm64: - Handle patch list automatically in spec file from update_git.sh - Add u-boot-qemu-riscv64smode ++++ util-linux-systemd: - Fix /etc/default/su comments and create /etc/default/runuser (bsc#1121197#31). - Remove /etc/default/su migration from coreutils. ------------------------------------------------------------------ ------------------ 2019-7-21 - Jul 21 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Revert "netfilter: conntrack: remove helper hook again" (http://lkml.kernel.org/r/20190718092128.zbw4qappq6jsb4ja@breakpoint.cc). - commit 8e9a006 - Linux 5.2.2 (bnc#1012628). - x86/entry/32: Fix ENDPROC of common_spurious (bnc#1012628). - crypto/NX: Set receive window credits to max number of CRBs in RxFIFO (bnc#1012628). - crypto: talitos - fix hash on SEC1 (bnc#1012628). - crypto: talitos - move struct talitos_edesc into talitos.h (bnc#1012628). - s390/qdio: don't touch the dsci in tiqdio_add_input_queues() (bnc#1012628). - s390/qdio: (re-)initialize tiqdio list entries (bnc#1012628). - s390: fix stfle zero padding (bnc#1012628). - s390/ipl: Fix detection of has_secure attribute (bnc#1012628). - ARC: hide unused function unw_hdr_alloc (bnc#1012628). - x86/irq: Seperate unused system vectors from spurious entry again (bnc#1012628). - x86/irq: Handle spurious interrupt after shutdown gracefully (bnc#1012628). - x86/ioapic: Implement irq_get_irqchip_state() callback (bnc#1012628). - genirq: Add optional hardware synchronization for shutdown (bnc#1012628). - genirq: Fix misleading synchronize_irq() documentation (bnc#1012628). - genirq: Delay deactivation in free_irq() (bnc#1012628). - firmware: improve LSM/IMA security behaviour (bnc#1012628). - drivers: base: cacheinfo: Ensure cpu hotplug work is done before Intel RDT (bnc#1012628). - nilfs2: do not use unexported cpu_to_le32()/le32_to_cpu() in uapi header (bnc#1012628). - Input: synaptics - enable SMBUS on T480 thinkpad trackpad (bnc#1012628). - e1000e: start network tx queue only when link is up (bnc#1012628). - Revert "e1000e: fix cyclic resets at link up with active tx" (bnc#1012628). - commit 93f0a54 ------------------------------------------------------------------ ------------------ 2019-7-20 - Jul 20 2019 ------------------- ------------------------------------------------------------------ ++++ shadow: - shadow-login_defs-suse.patch: Set ALWAYS_SET_PATH default to "yes" (bsc#353876#c7). ------------------------------------------------------------------ ------------------ 2019-7-19 - Jul 19 2019 ------------------- ------------------------------------------------------------------ ++++ curl: - Update to 7.65.3 * progress: make the progress meter appear again ++++ dracut: - Update to version 049+git104.1244eed7: * mkinitrd-suse.sh: remove trailing "|" ++++ hwinfo: - merge gh#openSUSE/hwinfo#81 - fix DASD detection (bsc#1136475) - don't include bcache devices - 21.67 ++++ python3-core: - boo#1141853 (CVE-2018-20852) add CVE-2018-20852-cookie-domain-check.patch fixing http.cookiejar.DefaultPolicy.domain_return_ok which did not correctly validate the domain: it could be tricked into sending cookies to the wrong server. ++++ python3: - boo#1141853 (CVE-2018-20852) add CVE-2018-20852-cookie-domain-check.patch fixing http.cookiejar.DefaultPolicy.domain_return_ok which did not correctly validate the domain: it could be tricked into sending cookies to the wrong server. ------------------------------------------------------------------ ------------------ 2019-7-18 - Jul 18 2019 ------------------- ------------------------------------------------------------------ ++++ aaa_base: - Add patch git-06-8640f848c6677f1149b9765a8c86135956604007.patch * Make systemd detection cgroup oblivious (bsc#1140647) systemd can work in three exclusive cgroup modes: legacy, hybrid and unified. The mode affects where and what cgroup hierarchies are mounted. detect running systemd as systemd itself does it (src/libsystemd/sd-daemon/sd-daemon.c, function sd_booted) ++++ dracut: - Update to version 049+git103.c8d99b62: * Add support for compressed kernel modules (boo#1135854) - Update to version 049+git102.9ee0c387: * dracut-install: Add support for compressed firmware files (boo#1136677) - Update to version 049+git101.17c579a0: * call netroot on wicked dhcp setup * nfsroot follow ifcfg settings for boot protocol - Update to version 049+git99.76df40e7: * 95fcoe: Fix startup when fcoe module is included (boo#1136977) * tests: Ignore .testdir * Add support for riscv64 * mkinitrd-suse.sh: simplify get_kernel_version (bsc#1139939) * 95dasd-rules & 95zfcp_rules: Look for correct rule name (bsc#1137784) ++++ grub2: - Revert grub2-ieee1275-FCP-methods-for-WWPN-and-LUNs.patch until merged by upstream (bsc#1134287, bsc#1139345, LTC#177836, LTC#174229). ++++ libgcrypt: - Fixed a race condition in initialization. * Added libgcrypt-1.8.4-allow_FSM_same_state.patch - Security fix: [bsc#1138939, CVE-2019-12904] * The C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. (The C implementation is used on platforms where an assembly-language implementation is unavailable.) * Added patches: - libgcrypt-CVE-2019-12904-GCM-Prefetch.patch - libgcrypt-CVE-2019-12904-GCM.patch - libgcrypt-CVE-2019-12904-AES.patch - Fixed env-script-interpreter in cavs_driver.pl ++++ libvirt: - cpu_map: Add Cascadelake-Server CPU model e0246257-cputest-add-data-for-Cascadelake-Server.patch, 2878278c-cpu_map-add-Cascaselake-Server.patch, 4a0f604d-cpu_map-distribute-Cascaselake-Server.patch bsc#1141251 ++++ podman: - Update libpod.conf to use better versioned pause container ++++ python-six: - Simplify the pytest call ++++ u-boot-rpiarm64: - Patch queue updated from git://github.com/openSUSE/u-boot.git tumbleweed-2019.07 * Patches added: 0009-ARM-exynos5-Try-to-boot-on-mmc2-bef.patch ------------------------------------------------------------------ ------------------ 2019-7-17 - Jul 17 2019 ------------------- ------------------------------------------------------------------ ++++ curl: - Update to 7.65.2 * Bugfixes: - CIPHERS.md: Explain Schannel error SEC_E_ALGORITHM_MISMATCH - CMake: Fix finding Brotli on case-sensitive file systems - CURLOPT_RANGE.3: Caution against using it for HTTP PUT - CURLOPT_SEEKDATA.3: fix variable name - bindlocal: detect and avoid IP version mismatches in bind() - build: fix Codacy warnings - c-ares: honor port numbers in CURLOPT_DNS_SERVERS - config-os400: add getpeername and getsockname defines - configure: --disable-progress-meter - configure: fix --disable-code-coverage - configure: more --disable switches to toggle off individual features - configure: remove CURL_DISABLE_TLS_SRP - conn_maxage: move the check to prune_dead_connections() - curl: skip CURLOPT_PROXY_CAPATH for disabled-proxy builds - docs: Explain behavior change in --tlsv1. options since 7.54 - docs: Fix links to OpenSSL docs - docs: fix string suggesting HTTP/2 is not the default - headers: Remove no longer exported functions - http2: call done_sending on end of upload - http2: don't call stream-close on already closed streams - http2: remove CURL_DISABLE_TYPECHECK define - http: allow overriding timecond with custom header - http: clarify header buffer size calculation - krb5: fix compiler warning - lib: Use UTF-8 encoding in comments - libcurl: Restrict redirect schemes to HTTP, HTTPS, FTP and FTPS - multi: enable multiplexing by default (again) - multi: fix the transfer hashes in the socket hash entries - multi: make sure 'data' can present in several sockhash entries - netrc: Return the correct error code when out of memory - nss: don't set unused parameter - nss: inspect returnvalue of token check - nss: only cache valid CRL entries - openssl: define HAVE_SSL_GET_SHUTDOWN based on version number - openssl: disable engine if OPENSSL_NO_UI_CONSOLE is defined - openssl: fix pubkey/signature algorithm detection in certinfo - os400: make vsetopt() non-static as Curl_vsetopt() for os400 support - quote.d: asterisk prefix works for SFTP as well - runtests: keep logfiles around by default - runtests: report single test time + total duration - test1165: verify that CURL_DISABLE_ symbols are in sync - test1521: adapt to SLISTPOINT - test1523: test CURLOPT_LOW_SPEED_LIMIT - test153: fix content-length to avoid occasional hang - test188/189: fix Content-Length - tests: have runtests figure out disabled features - tests: support non-localhost HOSTIP for dict/smb servers - tests: update fixed IP for hostip/clientip split - tool_cb_prg: Fix integer overflow in progress bar - typecheck: CURLOPT_CONNECT_TO takes an slist too - typecheck: add 3 missing strings and a callback data pointer - unit1654: cleanup on memory failure - unpause: trigger a timeout for event-based transfers - url: Fix CURLOPT_MAXAGE_CONN time comparison - Rebased patch curl-use_OPENSSL_config.patch - Disable new added failing test1165 ++++ open-iscsi: - Ensure /etc/iscsi/initiatorname.iscsi has reproducible size works around https://github.com/rpm-software-management/rpm/pull/229, updating the SPEC file ++++ zlib: - Update the s390 patchset bsc#1137624: * 410.patch ++++ podman: - Update libpod.conf to use official kubic pause container ------------------------------------------------------------------ ------------------ 2019-7-16 - Jul 16 2019 ------------------- ------------------------------------------------------------------ ++++ cni: - Update to version 0.7.1 (bsc#1160460): * Library changes: + invoke : ensure custom envs of CNIArgs are prepended to process envs + add GetNetworkListCachedResult to CNI interface + delegate : allow delegation funcs override CNI_COMMAND env automatically in heritance * Documentation & Convention changes: + Update cnitool documentation for spec v0.4.0 + Add cni-route-override to CNI plugin list * Build and test changes: + Release: bump go to v1.12 ++++ kernel-default: - rpm/kernel-binary.spec.in: build kernel-*-kgraft only for default SLE kernel RT and Azure variants are excluded for the moment. (bsc#1141600) - commit 620816f ++++ pam-config: - Update to version 1.1: - enhance comments in common-*-pc files ------------------------------------------------------------------ ------------------ 2019-7-15 - Jul 15 2019 ------------------- ------------------------------------------------------------------ ++++ branding-openSUSE: - Bump to 15.2 ++++ mozilla-nss: - update to NSS 3.45 (bsc#1141322) * New function in pk11pub.h: PK11_FindRawCertsWithSubject * The following CA certificates were Removed: CN = Certinomis - Root CA (bmo#1552374) * Implement Delegated Credentials (draft-ietf-tls-subcerts) (bmo#1540403) This adds a new experimental function SSL_DelegateCredential Note: In 3.45, selfserv does not yet support delegated credentials (See bmo#1548360). Note: In 3.45 the SSLChannelInfo is left unmodified, while an upcoming change in 3.46 will set SSLChannelInfo.authKeyBits to that of the delegated credential for better policy enforcement (See bmo#1563078). * Replace ARM32 Curve25519 implementation with one from fiat-crypto (bmo#1550579) * Support static linking on Windows (bmo#1551129) * Expose a function PK11_FindRawCertsWithSubject for finding certificates with a given subject on a given slot (bmo#1552262) * Add IPSEC IKE support to softoken (bmo#1546229) * Add support for the Elbrus lcc compiler (<=1.23) (bmo#1554616) * Expose an external clock for SSL (bmo#1543874) This adds new experimental functions: SSL_SetTimeFunc, SSL_CreateAntiReplayContext, SSL_SetAntiReplayContext, and SSL_ReleaseAntiReplayContext. The experimental function SSL_InitAntiReplay is removed. * Various changes in response to the ongoing FIPS review (bmo#1546477) Note: The source package size has increased substantially due to the new FIPS test vectors. This will likely prompt follow-on work, but please accept our apologies in the meantime. ++++ mozilla-nspr: - update to version 4.21 * Use MAP_SHARED for read-only file mappings on MacOS and Android. * Changed prbit.h to use builtin function on aarch64. * Test program build fixes. * Minor fixes to support unified builds. * Update library copyright notices. * Removed Gonk/B2G references. ++++ shadow: - bsc#1141113: Fix segfault in useradd * Add shadow-4.6-bsc1141113-useradd-segfault.patch ++++ suse-module-tools: - Update to version 15.2.4: * sg.conf: avoid file conflict with system-tuning-common-SUSE ------------------------------------------------------------------ ------------------ 2019-7-14 - Jul 14 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Linux 5.2.1 (bnc#1012628). - staging: rtl8712: reduce stack usage, again (bnc#1012628). - staging: bcm2835-camera: Handle empty EOS buffers whilst streaming (bnc#1012628). - staging: bcm2835-camera: Remove check of the number of buffers supplied (bnc#1012628). - staging: bcm2835-camera: Ensure all buffers are returned on disable (bnc#1012628). - staging: bcm2835-camera: Replace spinlock protecting context_map with mutex (bnc#1012628). - staging: fsl-dpaa2/ethsw: fix memory leak of switchdev_work (bnc#1012628). - staging: vchiq: revert "switch to wait_for_completion_killable" (bnc#1012628). - staging: vchiq: make wait events interruptible (bnc#1012628). - staging: vchiq_2835_arm: revert "quit using custom down_interruptible()" (bnc#1012628). - VMCI: Fix integer overflow in VMCI handle arrays (bnc#1012628). - Revert "x86/build: Move _etext to actual end of .text" (bnc#1012628). - carl9170: fix misuse of device driver API (bnc#1012628). - coresight: tmc-etf: Do not call smp_processor_id from preemptible (bnc#1012628). - coresight: tmc-etr: alloc_perf_buf: Do not call smp_processor_id from preemptible (bnc#1012628). - coresight: tmc-etr: Do not call smp_processor_id() from preemptible (bnc#1012628). - coresight: etb10: Do not call smp_processor_id from preemptible (bnc#1012628). - coresight: Potential uninitialized variable in probe() (bnc#1012628). - iio: adc: stm32-adc: add missing vdda-supply (bnc#1012628). - binder: return errors from buffer copy functions (bnc#1012628). - binder: fix memory leak in error path (bnc#1012628). - lkdtm: support llvm-objcopy (bnc#1012628). - HID: Add another Primax PIXART OEM mouse quirk (bnc#1012628). - staging: mt7621-pci: fix PCIE_FTS_NUM_LO macro (bnc#1012628). - staging: comedi: amplc_pci230: fix null pointer deref on interrupt (bnc#1012628). - staging: bcm2835-camera: Restore return behavior of ctrl_set_bitrate() (bnc#1012628). - staging: wilc1000: fix error path cleanup in wilc_wlan_initialize() (bnc#1012628). - staging: comedi: dt282x: fix a null pointer deref on interrupt (bnc#1012628). - p54: fix crash during initialization (bnc#1012628). - drivers/usb/typec/tps6598x.c: fix 4CC cmd write (bnc#1012628). - drivers/usb/typec/tps6598x.c: fix portinfo width (bnc#1012628). - usb: renesas_usbhs: add a workaround for a race condition of workqueue (bnc#1012628). - usb: dwc2: use a longer AHB idle timeout in dwc2_core_reset() (bnc#1012628). - usb: gadget: ether: Fix race between gether_disconnect and rx_submit (bnc#1012628). - usb: gadget: f_fs: data_len used before properly set (bnc#1012628). - p54usb: Fix race between disconnect and firmware loading (bnc#1012628). - Revert "serial: 8250: Don't service RX FIFO if interrupts are disabled" (bnc#1012628). - USB: serial: option: add support for GosunCn ME3630 RNDIS mode (bnc#1012628). - USB: serial: ftdi_sio: add ID for isodebug v1 (bnc#1012628). - mwifiex: Don't abort on small, spec-compliant vendor IEs (bnc#1012628). - Documentation/admin: Remove the vsyscall=native documentation (bnc#1012628). - Documentation: Add section about CPU vulnerabilities for Spectre (bnc#1012628). - x86/tls: Fix possible spectre-v1 in do_get_thread_area() (bnc#1012628). - x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg() (bnc#1012628). - perf header: Assign proper ff->ph in perf_event__synthesize_features() (bnc#1012628). - perf thread-stack: Fix thread stack return from kernel for kernel-only case (bnc#1012628). - perf pmu: Fix uncore PMU alias list for ARM64 (bnc#1012628). - perf intel-pt: Fix itrace defaults for perf script intel-pt documentation (bnc#1012628). - perf auxtrace: Fix itrace defaults for perf script (bnc#1012628). - perf intel-pt: Fix itrace defaults for perf script (bnc#1012628). - block, bfq: NULL out the bic when it's no longer valid (bnc#1012628). - block: fix .bi_size overflow (bnc#1012628). - tpm: Fix TPM 1.2 Shutdown sequence to prevent future TPM operations (bnc#1012628). - tpm: Actually fail on TPM errors during "get random" (bnc#1012628). - ALSA: hda/realtek - Headphone Mic can't record after S3 (bnc#1012628). - ALSA: usb-audio: Fix parse of UAC2 Extension Units (bnc#1012628). - media: stv0297: fix frequency range limit (bnc#1012628). - udf: Fix incorrect final NOT_ALLOCATED (hole) extent length (bnc#1012628). - fscrypt: don't set policy for a dead directory (bnc#1012628). - crypto: talitos - rename alternative AEAD algos (bnc#1012628). - crypto: lrw - use correct alignmask (bnc#1012628). - commit 51ca500 ------------------------------------------------------------------ ------------------ 2019-7-13 - Jul 13 2019 ------------------- ------------------------------------------------------------------ ++++ glib2: - Add glib2-keyfile-handle-filename-being-null.patch: key file: Handle filename being NULL (glgo#GNOME/GLib!1825, glgo#GNOME/GLib#984). ++++ harfbuzz: - Update to version 2.5.3: + Fix UCD script data for Unicode 10+ scripts. This was broken since 2.5.0. + More optimizations for HB_TINY. - Changes from version 2.5.2: + More hb-config.hh facilities to shrink library size, namely when built as HB_TINY. + New documentation of custom configurations in CONFIG.md. + Fix build on gcc 4.8. That's supported again. + Universal Shaping Engine improvements. + API Changes: Undeprecate some horizontal-kerning API and re-enable in hb-ft, such that Type1 fonts will continue kerning. - Changes from version 2.5.1: + Fix build with various versions of Visual Studio. + Improved documentation. + Bugfix in subsetting glyf table. + Improved scripts for cross-compiling for Windows using mingw. + Rename HB_MATH_GLYPH_PART_FLAG_EXTENDER to HB_OT_MATH_GLYPH_PART_FLAG_EXTENDER. A deprecated macro is added for backwards-compatibility. - Changes from version 2.5.0: + This release does not include much functional changes, but includes major internal code-base changes. We now require C++11. Support for gcc 4.8 and earlier has been dropped. + New hb-config.hh facility for compiling smaller library for embedded and web usecases. + New Unicode Character Databse implementation that is half the size of previously-used UCDN. + Subsetter improvements. + Improved documentation. + isc shaping fixes. - Changes from version 2.4.0: + Unicode 12. + Misc fixes. + Subsetter improvements. + New API: HB_BUFFER_FLAG_DO_NOT_INSERT_DOTTED_CIRCLE and hb_directwrite_face_create(). ------------------------------------------------------------------ ------------------ 2019-7-12 - Jul 12 2019 ------------------- ------------------------------------------------------------------ ++++ Mesa: - Add v3d support (VC5/V6 driver) for %arm and aarch64 - Add kmsro for %arm and aarch64 ------------------------------------------------------------------ ------------------ 2019-7-11 - Jul 11 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - net: bpfilter: print umh messages to /dev/kmsg (bsc#1140221). - commit 139acc9 ++++ Mesa: - U_llvmpipe-Don-t-use-u_ringbuffer-for-lp_scene_queue.patch * may fix crashes in llvmpipe on SMP systems with LTO enabled builds (boo#1133265) ++++ zlib: - Tweak zlib-power8-fate325307.patch to have type of crc32_vpmsum conform to usage bsc#1141059 ++++ zstd: - Add baselibs.conf: libarchive gained zstd support and provides - 32bit libraries. This means, zstd also needs to provide -32bit libs. ++++ selinux-policy: - Update to refpolicy 20190609. New modules for stubby and several systemd updates, including initial support for systemd --user sessions. Refreshed * label_var_run_rsyslog.patch * suse_modifications_cron.patch * suse_modifications_logging.patch * suse_modifications_ntp.patch * suse_modifications_usermanage.patch * suse_modifications_xserver.patch * sysconfig_network_scripts.patch ------------------------------------------------------------------ ------------------ 2019-7-10 - Jul 10 2019 ------------------- ------------------------------------------------------------------ ++++ python-kiwi: - Update documentation The kiwi-descriptions repository has been moved into the OSInside organisation (cherry picked from commit 70bc4fdda17bab4d6760c708ac5b8c2d77139466) ++++ ebtables: - fix path (/sbin -> /usr/sbin) in ebtables.systemd [bsc#1140898] ++++ gstreamer: - Fix meson script using sed: since we rename gst-plugin-helper for multi arch purpose, we also need to fix meson.build to make the code look for the correct name (boo#1140998). ++++ kernel-default: - rpm/kernel-binary.spec.in: handle modules.builtin.modinfo It was added in 5.2. - commit eb88df3 ++++ parted: - changed: parted-fix-crash-due-to-improper-partition-number-in.patch Changed the patch to behave in the same way like before last change for numbers with leading zeroes. ++++ libsolv: - Add -ffat-lto-objects to $optflags as the package provides static libraries - Remove NO_BRP_STRIP_DEBUG=true as brp-15-strip-debug will not strip debug info for archives ++++ podman: - Update libpod.conf to match latest features set: detach_keys, lock_type, runtime_supports_json ++++ salt: - virt.volume_infos: don't raise an error if there is no VM - Added: * virt-1.volume_infos-fix-for-single-vm.patch ++++ raspberrypi-firmware: - Fix %post scripts to copy RPi4 firmware files too - Add %preun to remove files from EFI partition - Move Pi4 debug firmware to its own package extra-pi4 due to limited size on EFI partition - Update to 025759b8 (2019-07-09): * firmware: hvs: Emulate the EOLn interrupt with a timer reset from VSTART See: #1154 * firmware: Add support for Rec2020 colour space in vc_image, IL, and MMAL * firmware: Fix composite mode on devices up to Pi3B+ See: #1166 * firmware: Fixes for core_freq_min causing failure on HDMI1 See: http://git/vc4/vc4/merge_requests/529 * firmware: hdmi: Don't release previous boost until mode set is complete See: #1159 * firmware: bcm_host: Adjust for 64-bit physical addresses See: #1161 * firmware: arm_loader: Shrink most stubs back to 256 bytes, add arm64 GIC stub See: raspberrypi/linux#3032 * firmware: arm_dispmanx: Add support for setting the colour encoding * firmware: dmalib: Fix Lite channel interrupt usage, and macro name * firmware: Force overscan off when using LCDs See: #1173 * firmware: cec: Fix crash when using CEC with HDMI1 * firmware: arm_display: Fix race condition initialising CEC * firmware: hdmi: Always use boost frequency for initial mode set See: #1159 * firmware: AWB: Fix usage for IR operation See: #1167 * firmware: arm_loader: Support CLOCK_EMMC2 from GET_CLOCK_RATE See: #1179 * firmware: arm_loader: Force word alignment for the DTB See: #1175 * firmware: clock_2711: don't set reserved values for KA in PLL KAIP registers * firmware: Assorted minor fixes for tvservice -o * firmware: Rename hdmi_enable_4k to hdmi_enable_4kp60 * frimware: Revert: clock_2711: don't set reserved values for KA in PLL KAIP registers ++++ raspberrypi-firmware-config: - Fix %post scripts to copy RPi4 firmware files too - Add %preun to remove files from EFI partition - Move Pi4 debug firmware to its own package extra-pi4 due to limited size on EFI partition - Update to 025759b8 (2019-07-09): * firmware: hvs: Emulate the EOLn interrupt with a timer reset from VSTART See: #1154 * firmware: Add support for Rec2020 colour space in vc_image, IL, and MMAL * firmware: Fix composite mode on devices up to Pi3B+ See: #1166 * firmware: Fixes for core_freq_min causing failure on HDMI1 See: http://git/vc4/vc4/merge_requests/529 * firmware: hdmi: Don't release previous boost until mode set is complete See: #1159 * firmware: bcm_host: Adjust for 64-bit physical addresses See: #1161 * firmware: arm_loader: Shrink most stubs back to 256 bytes, add arm64 GIC stub See: raspberrypi/linux#3032 * firmware: arm_dispmanx: Add support for setting the colour encoding * firmware: dmalib: Fix Lite channel interrupt usage, and macro name * firmware: Force overscan off when using LCDs See: #1173 * firmware: cec: Fix crash when using CEC with HDMI1 * firmware: arm_display: Fix race condition initialising CEC * firmware: hdmi: Always use boost frequency for initial mode set See: #1159 * firmware: AWB: Fix usage for IR operation See: #1167 * firmware: arm_loader: Support CLOCK_EMMC2 from GET_CLOCK_RATE See: #1179 * firmware: arm_loader: Force word alignment for the DTB See: #1175 * firmware: clock_2711: don't set reserved values for KA in PLL KAIP registers * firmware: Assorted minor fixes for tvservice -o * firmware: Rename hdmi_enable_4k to hdmi_enable_4kp60 * frimware: Revert: clock_2711: don't set reserved values for KA in PLL KAIP registers ++++ u-boot-rpiarm64: - Fail on errors building RK3288 SD card images (tinker-rk3288 previously) - Add libretech-cc and libretech-ac - Add u-boot-rock64-rk3328 - reflect upstream config changes in multibuild and spec file: * am335x_evm includes support for am335x_boneblack -- dropped. * Sinovoip BPI M2 Plus is correctly named Bananapi M2 Plus H3 ------------------------------------------------------------------ ------------------ 2019-7-9 - Jul 9 2019 ------------------- ------------------------------------------------------------------ ++++ lvm2-device-mapper: - Fix unknown feature in status message (bsc#1135984) + bug-1135984_cache-support-no_discard_passdown.patch ++++ glib2: - Update to version 2.60.5: + Fix implicit use of the `GKeyfileSettingsBackend`. + Fix opening a URI using the ‘Open URI’ portal. + Bugs fixed: glgo#GNOME/GLib!910, glgo#GNOME/GLib!949, glgo#GNOME/GLib!956, glgo#GNOME/GLib!958, glgo#GNOME/GLib!969, glgo#GNOME/GLib!977. ++++ open-iscsi: - Added latest upstream changes, including: * iscsiuio: update version to 0.7.8.6 * iscsiuio: allow processing of iscsid requests in DHCP failure condition * rec update: disable the idbm_lock in read/write when updating the rec Updating: * open-iscsi-SUSE-latest.diff.bz2 ++++ kernel-default: - Disable CONFIG_OVERLAY_FS_REDIRECT_ALWAYS_FOLLOW in config (bsc#1140494) - commit 8d950e4 ++++ util-linux: - De-duplicate fstrim -A properly (bsc#1127701, util-linux-fstrim-A-1.patch, util-linux-fstrim-A-3.patch, util-linux-fstrim-A-4.patch). - Do not trim read-only volumes (boo#1106214, util-linux-fstrim-A-2.patch, util-linux-fstrim-A-4.patch). - libmount: To prevent incorrect behavior, recognize more pseudofs and netfs (bsc#1122417, util-linux-libmount-pseudofs.patch). ++++ Mesa: - Update to version 19.1.2: * Different fixes for the Intel and AMD Vulkan drivers, Freedreno, the Meson build system, and some other fixes for other parts and/or drivers. * Worth to mention a fix for a crash in Wolfenstein II with the RADV driver, and another fix relevant for DXVK on Intel gen7 drivers. - Update Source urls from ftp to https. ++++ lvm2: - Fix unknown feature in status message (bsc#1135984) + bug-1135984_cache-support-no_discard_passdown.patch ++++ u-boot-rpiarm64: - Fix build of u-boot-rock960-rk3399 by adding required python-pyelftools dep - Update to v2019.07: * Fix booting for wandboard * DWC and i.MX6 fixes * usb: dwc3: fixes * usb: ehci-mx6: Fix bus enumeration for DM case * rockchip: make_fit_atf.py: fix loadables property set error * rockchip: rk3288: enable TPL for tinker-board * spl: atf: Fix uninitialized pointer to bl31_image_info * poplar: increase SYS_MALLOC_F_LEN for DM_FLAG_PRE_RELOC support * UEFI: The definition of an unimplemented function is corrected. * ARM: uniphier: fixes * rockchip: rk3399: fixes * efi_loader: lots of fixes * armv8: fix typo in LINUX_KERNEL_IMAGE_HEADER check - Patch queue updated from git://github.com/openSUSE/u-boot.git tumbleweed-2019.07 * Patches upstreamed: 0009-armv8-fix-typo-in-LINUX_KERNEL_IMAG.patch 0010-poplar-increase-SYS_MALLOC_F_LEN-fo.patch ++++ util-linux-systemd: - De-duplicate fstrim -A properly (bsc#1127701, util-linux-fstrim-A-1.patch, util-linux-fstrim-A-3.patch, util-linux-fstrim-A-4.patch). - Do not trim read-only volumes (boo#1106214, util-linux-fstrim-A-2.patch, util-linux-fstrim-A-4.patch). - libmount: To prevent incorrect behavior, recognize more pseudofs and netfs (bsc#1122417, util-linux-libmount-pseudofs.patch). ++++ yast2: - fixed symlink creation in jenkins ------------------------------------------------------------------ ------------------ 2019-7-8 - Jul 8 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Update to 5.2 final - Eliminated 1 patch - commit b36439f ++++ bzip2: - add bzip2-1.0.6-CVE-2019-12900.patch to fix an out-of-bounds write in decompress.c when there are many nSelectors used in a loop to access selectorMtf [bsc#1139083] [CVE-2019-12900] ++++ libcontainers-common: - Update to libpod v1.4.4 - Fixed a bug where rootless Podman would attempt to use the entire root configuration if no rootless configuration was present for the user, breaking rootless Podman for new installations - Fixed a bug where rootless Podman's pause process would block SIGTERM, preventing graceful system shutdown and hanging until the system's init send SIGKILL - Fixed a bug where running Podman as root with sudo -E would not work after running rootless Podman at least once - Fixed a bug where options for tmpfs volumes added with the - -tmpfs flag were being ignored - Fixed a bug where images with no layers could not properly be displayed and removed by Podman - Fixed a bug where locks were not properly freed on failure to create a container or pod - Podman now has greatly improved support for containers using multiple OCI runtimes. Containers now remember if they were created with a different runtime using --runtime and will always use that runtime - The cached and delegated options for volume mounts are now allowed for Docker compatability (#3340) - The podman diff command now supports the --latest flag - Fixed a bug where podman cp on a single file would create a directory at the target and place the file in it (#3384) - Fixed a bug where podman inspect --format '{{.Mounts}}' would print a hexadecimal address instead of a container's mounts - Fixed a bug where rootless Podman would not add an entry to container's /etc/hosts files for their own hostname (#3405) - Fixed a bug where podman ps --sync would segfault (#3411) - Fixed a bug where podman generate kube would produce an invalid ports configuration (#3408) - Podman now performs much better on systems with heavy I/O load - The --cgroup-manager flag to podman now shows the correct default setting in help if the default was overridden by libpod.conf - For backwards compatability, setting --log-driver=json-file in podman run is now supported as an alias for - -log-driver=k8s-file. This is considered deprecated, and json-file will be moved to a new implementation in the future ([#3363](https://github.com/containers/libpod/issues/3363)) - Podman's default libpod.conf file now allows the crun OCI runtime to be used if it is installed - Fixed a bug where Podman could not run containers using an older version of Systemd as init (#3295) - Updated vendored Buildah to v1.9.0 to resolve a critical bug with Dockerfile RUN instructions - The error message for running podman kill on containers that are not running has been improved - The Podman remote client can now log to a file if syslog is not available - The MacOS dmg file is experimental, use at your own risk. - The podman exec command now sets its error code differently based on whether the container does not exist, and the command in the container does not exist - The podman inspect command on containers now outputs Mounts JSON that matches that of docker inspect, only including user-specified volumes and differentiating bind mounts and named volumes - The podman inspect command now reports the path to a container's OCI spec with the OCIConfigPath key (only included when the container is initialized or running) - The podman run --mount command now supports the bind-nonrecursive option for bind mounts (#3314) - Fixed a bug where podman play kube would fail to create containers due to an unspecified log driver - Fixed a bug where Podman would fail to build with musl libc (#3284) - Fixed a bug where rootless Podman using slirp4netns networking in an environment with no nameservers on the host other than localhost would result in nonfunctional networking (#3277) - Fixed a bug where podman import would not properly set environment variables, discarding their values and retaining only keys - Fixed a bug where Podman would fail to run when built with Apparmor support but run on systems without the Apparmor kernel module loaded (#3331) - Remote Podman will now default the username it uses to log in to remote systems to the username of the current user - Podman now uses JSON logging with OCI runtimes that support it, allowing for better error reporting - Updated vendored Buildah to v1.8.4 - Updated vendored containers/image to v2.0 - Update to image v2.0.0 - Add registry mirror support - Include missing man pages (bsc#1139526) - Update to storage v1.12.10 - Add support for UID as well as UserName in /etc/subuid files. - utils: fix check for missing conf file - compression: add support for the zstd algorithm - overlay: cache the results of supported/using-metacopy/use-naive-diff feature tests ++++ podman: - Add podman-remote varlink client - Update podman to v1.4.4 * Features - Podman now has greatly improved support for containers using multiple OCI runtimes. Containers now remember if they were created with a different runtime using --runtime and will always use that runtime - The cached and delegated options for volume mounts are now allowed for Docker compatability (#3340) - The podman diff command now supports the --latest flag * Bugfixes - Fixed a bug where rootless Podman would attempt to use the entire root configuration if no rootless configuration was present for the user, breaking rootless Podman for new installations - Fixed a bug where rootless Podman's pause process would block SIGTERM, preventing graceful system shutdown and hanging until the system's init send SIGKILL - Fixed a bug where running Podman as root with sudo -E would not work after running rootless Podman at least once - Fixed a bug where options for tmpfs volumes added with the --tmpfs flag were being ignored - Fixed a bug where images with no layers could not properly be displayed and removed by Podman - Fixed a bug where locks were not properly freed on failure to create a container or pod - Fixed a bug where podman cp on a single file would create a directory at the target and place the file in it (#3384) - Fixed a bug where podman inspect --format '{{.Mounts}}' would print a hexadecimal address instead of a container's mounts - Fixed a bug where rootless Podman would not add an entry to container's /etc/hosts files for their own hostname (#3405) - Fixed a bug where podman ps --sync would segfault (#3411) - Fixed a bug where podman generate kube would produce an invalid ports configuration (#3408) * Misc - Updated containers/storage to v1.12.13 - Podman now performs much better on systems with heavy I/O load - The --cgroup-manager flag to podman now shows the correct default setting in help if the default was overridden by libpod.conf - For backwards compatability, setting --log-driver=json-file in podman run is now supported as an alias for --log-driver=k8s-file. This is considered deprecated, and json-file will be moved to a new implementation in the future ([#3363](https://github.com/containers/libpo\ d/issues/3363)) - Podman's default libpod.conf file now allows the crun OCI runtime to be used if it is installed ++++ salt: - Prevent ansiblegate unit tests to fail on Ubuntu - Added: * prevent-ansiblegate-unit-tests-to-fail-on-ubuntu.patch ------------------------------------------------------------------ ------------------ 2019-7-7 - Jul 7 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Refresh tpm: tpm_ibm_vtpm: Fix unallocated banks (boo#1139244). - commit 99f9469 ------------------------------------------------------------------ ------------------ 2019-7-5 - Jul 5 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - config: align CONFIG_PHYSICAL_START and CONFIG_PHYSICAL_ALIGN to default values As suggested in bsc#1067593, our kconfig keeps the old default values while the upstream took different (actually swapped) values for x86 CONFIG_PHYSICAL_START and CONFIG_PHYSICAL_ALIGN. Let's follow the upstream default now. - commit baa2434 - Rename patches.suse/[PATCH]_tpm:_fixes_uninitialized_allocated_banks_for_IBM_vtpm_driver to patches.suse/tpm-fixes-uninitialized-allocated-banks-for-IBM-vtpm-driver.patch Let's not risk some tool somewhere does not handle special characters correctly. - commit 8a3fff9 ++++ makedumpfile: - Also support extended address space with SLE 12 SP5 (bsc#1138451) * refresh makedumpfile-ppc64-VA-range-SUSE.patch ------------------------------------------------------------------ ------------------ 2019-7-4 - Jul 4 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - tpm: fixes uninitialized allocated banks for IBM vtpm driver (boo#1139244). - Delete patches.suse/Revert-tpm-pass-an-array-of-tpm_extend_digest-struct.patch. - commit 43ec0a5 ++++ libxml2: - Added a new configurable variable XPATH_DEFAULT_MAX_NODESET_LENGTH to avoid nodeset limit when processing large XML files [bsc#1135123] * Added libxml2-make-XPATH_MAX_NODESET_LENGTH-configurable.patch ------------------------------------------------------------------ ------------------ 2019-7-3 - Jul 3 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - crypto: user - prevent operating on larval algorithms (bsc#1133401). - Delete patches.suse/crypto-algapi-guard-against-uninitialized-spawn-list.patch. - commit 90eea5d - rpm/dtb.spec.in.in: don't make dtb directory inaccessible There is no reason to lock down the dtb directory for ordinary users. - commit a69437a - Update config files. Set CONFIG_SCSI_SCAN_ASYNC=y (bnc#1137686). - commit a156b11 - config: switch to SLUB allocator (Jira:PM-1158) - new config options: - SLUB=y - SLUB_DEBUG=y - SLUB_MEMCG_SYSFS_ON=y - SLAB_FREELIST_HARDENED=n - SLUB_CPU_PARTIAL=y - SLUB_DEBUG_ON=n - SLUB_STATS=n - commit 0ab8cfd ++++ libdrm: - Update to version 2.4.99 * bug fixes ++++ python3-core: - bsc#1138459: add CVE-2019-10160-netloc-port-regression.patch which fixes regression introduced by the previous patch. (CVE-2019-10160) Upstream gh#python/cpython#13812 ++++ zeromq: - CVE-2019-13132.patch: Fix an unauthenticated remote code execution due to a stack overflow on the server (bsc#1140255, CVE-2019-13132) ++++ perl-Bootloader: - merge gh#openSUSE/perl-bootloader#122 - Replace --suse-signed-grub by --suse-force-signed to follow update from boo#1136601 - 0.925 ++++ python3: - bsc#1138459: add CVE-2019-10160-netloc-port-regression.patch which fixes regression introduced by the previous patch. (CVE-2019-10160) Upstream gh#python/cpython#13812 ++++ salt: - Allow passing kwargs to pkg.list_downloaded for Zypper (bsc#1140193) - Added: * allow-passing-kwargs-to-pkg.list_downloaded-bsc-1140.patch ++++ yast2: - Infer the right module name from desktop files (bsc#1140233). - 4.2.12 ------------------------------------------------------------------ ------------------ 2019-7-2 - Jul 2 2019 ------------------- ------------------------------------------------------------------ ++++ multipath-tools: - Update to version 0.7.9+164+suse.e41fbd9: * libmultipath: trigger uevents for partitions, too (bsc#1140146) - Spec file: backported some modernizations from Factory * Remove unused /var/cache/multipath directory * Remove check for multipath maps in %pre and %post * Remove SLE11-specific multipathd service stop / start from %pre / %post * Remove obsolete tools from package description (bsc#1129827) * Add -n to %service_del_{pre,post}un for multipathd.socket ++++ expat: - Security fix (CVE-2018-20843, bsc#1139937) * Large number of colons in input makes parser consume high amount of resources * Added expat-CVE-2018-20843.patch ++++ freetype2: - Update to version 2.10.1 * The bytecode hinting of OpenType variation fonts was flawed, since the data in the `CVAR' table wasn't correctly applied. * Auto-hinter support for Mongolian. * The handling of the default character in PCF fonts as introduced in version 2.10.0 was partially broken, causing premature abortion of charmap iteration for many fonts. * If `FT_Set_Named_Instance' was called with the same arguments twice in a row, the function returned an incorrect error code the second time. * Direct rendering using FT_RASTER_FLAG_DIRECT crashed (bug introduced in version 2.10.0). * Increased precision while computing OpenType font variation instances. * The flattening algorithm of cubic Bezier curves was slightly changed to make it faster. This can cause very subtle rendering changes, which aren't noticeable by the eye, however. * The auto-hinter now disables hinting if there are blue zones defined for a `style' (i.e., a certain combination of a script and its related typographic features) but the font doesn't contain any characters needed to set up at least one blue zone. - Add tarball signatures and freetype2.keyring ++++ libgcrypt: - Fixed redundant fips tests in some situations causing sudo to stop working when pam-kwallet is installed. bsc#1133808 * Added libgcrypt-1.8.4-fips_ctor_skip_integrity_check.patch * Removed libgcrypt-fips_ignore_FIPS_MODULE_PATH.patch because it was obsoleted by libgcrypt-1.8.4-fips_ctor_skip_integrity_check.patch ++++ libxslt: - Security fix: [bsc#1140101, CVE-2019-13118] * Fix uninitialized read with UTF-8 grouping chars. Read of uninitialized stack data due to too narrow xsl:number instruction and an invalid character * Added libxslt-CVE-2019-13118.patch - Security fix: [bsc#1140095, CVE-2019-13117] * Fix uninitialized read of xsl:number token. An xsl number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers * Added libxslt-CVE-2019-13117.patch ++++ zlib: - Use FAT LTO objects in order to provide proper static library. ++++ timezone: - timezone update 2019b (bsc#1140016): * Brazil no longer observes DST. * 'zic -b slim' outputs smaller TZif files. * Palestine's 2019 spring-forward transition was on 03-29, not 03-30. * Add info about the Crimea situation. ------------------------------------------------------------------ ------------------ 2019-7-1 - Jul 1 2019 ------------------- ------------------------------------------------------------------ ++++ gstreamer: - Use libunwind only if available ++++ util-linux: - Fix license of libraries: LGPL-2.1-or-later and BSD-3-Clause for libuuid (bsc#1135708). ++++ parted: - port fixes for various bugs from upstream (bsc#1136245) - add: libparted-dasd-correct-the-offset-where-the-first-pa.patch 4126d02, correct the offset where the first partition begins. This patch implements libparted-dasd-do-not-use-first-tracks.patch - remove: libparted-dasd-do-not-use-first-tracks.patch - add: parted-fix-crash-due-to-improper-partition-number-in.patch 149f009, fix crash due to improper partition number input, changed call to strtol, use base 0 to fit our parted-type.patch - modify: parted-type.patch (removed ui.c part) - add: parted-check-the-name-of-partition-first-when-to-nam.patch d7a2ff1, check the name of partition first when to name a partition - add: libparted-dasd-add-test-cases-for-the-new-fdasd-func.patch c11f5c0, 571e078, add test cases for the new fdasd functions - add: libparted-dasd-add-an-exception-for-changing-DASD-LD.patch ee2c0c2, add an exception for changing DASD-LDL partition table - add: libpartd-dasd-improve-flag-processing-for-DASD-LDL.patch 1545d6d, improve flag processing for DASD-LDL - add: clean-the-disk-information-when-commands-fail-in-int.patch 5a61f15, clean the disk information when commands fail in interactive mode - add: parted-ui-remove-unneccesary-information-of-command.patch 0b7946a, remove unneccesary information of command line - add: parted-fix-wrong-error-label-jump-in-mkpart.patch af150f6, fix wrong error label jump in mkpart - refresh: libparted-dasd-unify-vtoc-handling-for-cdl-ldl.patch 4f25d54, unify vtoc handling for cdl/ldl - refresh: libparted-dasd-update-and-improve-fdasd-functions.patch db37c8c, update and improve fdasd functions - refresh: libparted-dasd-add-new-fdasd-functions.patch b9e1281, add new fdasd functions ++++ systemd: - State directory of systemd-timesync might become inaccessible after upgrading to v240+ (bsc#1137341) This happens for users who had previously used systemd-timesync with DynamicUser=true, ie the ones who upgraded from a systemd version between v235 and v239 to systemd v240 and later (v240 was the version where DynamicUser was switched back to OFF). ++++ suse-module-tools: - Update to version 15.2.3: * softdep of bridge on br_netfilter (bsc#937216, bsc#1134819) ++++ util-linux-systemd: - Fix license of libraries: LGPL-2.1-or-later and BSD-3-Clause for libuuid (bsc#1135708). ++++ yast2: - bsc#1138668 - Fixed failing old testsuite in yast2-dns-server package: do not depend on the environment, skip bind absence in Mode.test() - 4.2.11 ------------------------------------------------------------------ ------------------ 2019-6-30 - Jun 30 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Update to 5.2-rc7 - Refresh configs - commit 2d405cc - Delete patches.rpmify/BPF-UMH-do-not-detect-if-compiler-can-link-userspace.patch. Obsoleted by the gcc9 cross-compilers with libc. - commit 0e0679b - Revert "tpm: pass an array of tpm_extend_digest structures to tpm_pcr_extend()" (boo#1139244). - commit b09a129 ------------------------------------------------------------------ ------------------ 2019-6-28 - Jun 28 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Refresh patches.suse/supported-flag. Supported kernel does not build with the patch in master so imported patch from SLE15. - commit 10d9b2c ++++ mozilla-nss: - update to NSS 3.44.1 * (3.44.1) now required by Firefox 68.0 New Functionality: * Add IPSEC IKE support to softoken (bmo#1546229) * Many new FIPS test cases (Note: This has increased the source archive by approximately 50 megabytes for this release.) Bugs fixed: * Optimize away unneeded loop in mpi.c (bmo#1554336) * More thorough input checking (bmo#1515342) * Don't unnecessarily strip leading 0's from key material during PKCS11 import (bmo#1540541) * Add a SSLKEYLOGFILE enable/disable flag at build.sh (bmo#1515236) * Fix SECKEY_ConvertToPublicKey handling of non-RSA keys (bmo#1473806) * Updates to testing for FIPS validation (bmo#1546477) * Prohibit use of RSASSA-PKCS1-v1_5 algorithms in TLS 1.3 (bmo#1552208) * Unbreak build on GCC < 4.3 big-endian (bmo#1551041) - Activate -fPIE -pie during the compile ++++ salt: - Do not make "ansiblegate" module to crash on Python3 minions (bsc#1139761) - Added: * do-not-make-ansiblegate-to-crash-on-python3-minions.patch ------------------------------------------------------------------ ------------------ 2019-6-27 - Jun 27 2019 ------------------- ------------------------------------------------------------------ ++++ lvm2-device-mapper: - Fix using device aliases with lvmetad (bsc#1137296) + bug-1137296_pvremove-vgextend-fix-using-device-aliases-with-lvmetad.patch ++++ kernel-default: - Update config files - Add core options from SLE15 which are not enabled on master for no obvious reason - Add core option from x86 which are not enabled on non-x86 for no obvious reason - Enable fadump Changes: Scheduling: +CONFIG_CONTEXT_TRACKING=y - CONFIG_TICK_CPU_ACCOUNTING=y +CONFIG_VIRT_CPU_ACCOUNTING_GEN=y +CONFIG_VIRT_CPU_ACCOUNTING=y +CONFIG_IRQ_TIME_ACCOUNTING=y +CONFIG_TASKS_RCU=y +CONFIG_RT_GROUP_SCHED=y mm: +# CONFIG_TRANSPARENT_HUGEPAGE_ALWAYS is not set +CONFIG_TRANSPARENT_HUGEPAGE_MADVISE=y +CONFIG_FRONTSWAP=y +CONFIG_ZSWAP=y arc/ppc: +CONFIG_FA_DUMP=y fs: +CONFIG_9P_FSCACHE=y net: +CONFIG_TIPC=m +CONFIG_TIPC_DIAG=m +CONFIG_TIPC_MEDIA_UDP=y misc: - CONFIG_SERIAL_SIFIVE=m +CONFIG_SYSCTL_SYSCALL=y debug&test: +CONFIG_PAGE_EXTENSION=y +CONFIG_PAGE_OWNER=y +CONFIG_DEBUG_MISC=y +CONFIG_RCU_TRACE=y +CONFIG_KGDB_SERIAL_CONSOLE=y +CONFIG_SCOM_DEBUGFS=y +CONFIG_CRYPTO_TEST=m +CONFIG_RCU_TORTURE_TEST=m +CONFIG_TEST_FIRMWARE=m +CONFIG_TEST_LIVEPATCH=m +CONFIG_TEST_LKM=m +CONFIG_TEST_SYSCTL=m +CONFIG_TORTURE_TEST=m - commit ce08519 ++++ Mesa: - Update to version 19.1.1: * Mostly in fixes for different drivers (RADV, ANV, Nouveau, Virgl, V3D, R300g, ...). * Also different fixes for different parts (Meson build, GLX, etc). ++++ lvm2: - Fix using device aliases with lvmetad (bsc#1137296) + bug-1137296_pvremove-vgextend-fix-using-device-aliases-with-lvmetad.patch ++++ raspberrypi-firmware-dt: - Update to 534913e878 (2019-06-18): * Add rpi-4-b device tree * add overlays: i2c3, i2c4, i2c5, i2c6, spi-gpio40-45, spi3-1cs, spi3-2cs, spi4-1cs, spi4-2cs, spi5-1cs, spi5-2cs, spi6-1cs, spi6-2cs, uart2, uart3, uart4, uart5 ------------------------------------------------------------------ ------------------ 2019-6-26 - Jun 26 2019 ------------------- ------------------------------------------------------------------ ++++ podman: - Update podman to v1.4.2 - Fixed a bug where Podman could not run containers using an older version of Systemd as init - Updated vendored Buildah to v1.9.0 to resolve a critical bug with Dockerfile RUN instructions - The error message for running podman kill on containers that are not running has been improved - Podman remote client can now log to a file if syslog is not available - The podman exec command now sets its error code differently based on whether the container does not exist, and the command in the container does not exist - The podman inspect command on containers now outputs Mounts JSON that matches that of docker inspect, only including user-specified volumes and differentiating bind mounts and named volumes - The podman inspect command now reports the path to a container's OCI spec with the OCIConfigPath key (only included when the container is initialized or running) - The podman run --mount command now supports the bind-nonrecursive option for bind mounts - Fixed a bug where podman play kube would fail to create containers due to an unspecified log driver - Fixed a bug where Podman would fail to build with musl libc - Fixed a bug where rootless Podman using slirp4netns networking in an environment with no nameservers on the host other than localhost would result in nonfunctional networking - Fixed a bug where podman import would not properly set environment variables, discarding their values and retaining only keys - Fixed a bug where Podman would fail to run when built with Apparmor support but run on systems without the Apparmor kernel module loaded - Remote Podman will now default the username it uses to log in to remote systems to the username of the current user - Podman now uses JSON logging with OCI runtimes that support it, allowing for better error reporting - Updated vendored containers/image to v2.0 - Update conmon to v0.3.0 - Support OOM Monitor under cgroup V2 - Add config binary and make target for configuring conmon with a go library for importing values ++++ raspberrypi-firmware: - Update to d786b62 (2019-06-25): * firmware: Fix AWB exception bug * firmware: Updates for Pi4 * firmware: 2711: CORE, EMMC & BVB clock updates for WiFi / 4Kp60 * firmware: 711: Use boost instead of fixed freq for 4Kp60 ++++ raspberrypi-firmware-config: - Update to d786b62 (2019-06-25): * firmware: Fix AWB exception bug * firmware: Updates for Pi4 * firmware: 2711: CORE, EMMC & BVB clock updates for WiFi / 4Kp60 * firmware: 711: Use boost instead of fixed freq for 4Kp60 ------------------------------------------------------------------ ------------------ 2019-6-25 - Jun 25 2019 ------------------- ------------------------------------------------------------------ ++++ multipath-tools: - Update to version 0.7.9+163+suse.7993fed: * mpathpersist: optimize for setups with many LUNs (bsc#1134648) * mpathpersist: add option -f/--batch-file (bsc#1134648) * libmultipath: get_prio(): really don't reset prio for inaccessible paths (bsc#1118495) - Upstream bug fixes from dm-devel (bsc#1139369): * multipath: call store_pathinfo with DI_BLACKLIST * multipathd: fix REALLOC_REPLY with max length reply * libmultipath: make vector_foreach_slot_backwards work as expected * multipathd: fix client response for socket activation (bsc#1133861) - hwtable: add Lenovo DE series (bsc#1125507) ------------------------------------------------------------------ ------------------ 2019-6-24 - Jun 24 2019 ------------------- ------------------------------------------------------------------ ++++ grub2: - Fix iteration of FCP LUNs (bsc#1134287, bsc#1139345, LTC#177836, LTC#174229). * Refresh grub2-ieee1275-FCP-methods-for-WWPN-and-LUNs.patch ++++ kernel-default: - crypto: algapi - guard against uninitialized spawn list in crypto_remove_spawns (bsc#1133401). - commit 543f67d - fonts: Prefer a bigger font for high resolution screens (bsc#1138496). - fonts: Use BUILD_BUG_ON() for checking empty font table (bsc#1138496). - fonts: Fix coding style (bsc#1138496). - commit f99f70b ++++ freetype2: - Update to version 2.10.0 * A bunch of new functions has been added to access and process COLR/CPAL data of OpenType fonts with color-layered glyphs. * As a GSoC 2018 project, Nikhil Ramakrishnan completely overhauled and modernized the API reference. * The logic for computing the global ascender, descender, and height of OpenType fonts has been slightly adjusted for consistency. * `TT_Set_MM_Blend' could fail if called repeatedly with the same arguments. * The precision of handling deltas in Variation Fonts has been increased.The problem did only show up with multidimensional designspaces. * New function `FT_Library_SetLcdGeometry' to set up the geometry of LCD subpixels. * FreeType now uses the `defaultChar' property of PCF fonts to set the glyph for the undefined character at glyph index 0 (as FreeType already does for all other supported font formats). As a consequence, the order of glyphs of a PCF font if accessed with FreeType can be different now compared to previous versions. This change doesn't affect PCF font access with cmaps. * `FT_Select_Charmap' has been changed to allow parameter value `FT_ENCODING_NONE', which is valid for BDF, PCF, and Windows FNT formats to access built-in cmaps that don't have a predefined `FT_Encoding' value. * A previously reserved field in the `FT_GlyphSlotRec' structure now holds the glyph index. * The usual round of fuzzer bug fixes to better reject malformed fonts. * `FT_Outline_New_Internal' and `FT_Outline_Done_Internal' have been removed.These two functions were public by oversight only and were never documented. * A new function `FT_Error_String' returns descriptions of error codes if configuration macro FT_CONFIG_OPTION_ERROR_STRINGS is defined. * `FT_Set_MM_WeightVector' and `FT_Get_MM_WeightVector' are new functions limited to Adobe MultiMaster fonts to directly set and get the weight vector. ++++ podman: - update dependency for slirp4netns to 0.3.0 or newer ++++ python-gobject: - Update to version 3.32.2: + Python 3.8b1 compatibility fixes. + tests: fix a test error when run under wayland. + setup.py: specify python_requires. ------------------------------------------------------------------ ------------------ 2019-6-23 - Jun 23 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Update to 5.2-rc6 - Eliminated 5 patches - patches.suse/net-phy-rename-Asix-Electronics-PHY-driver.patch - patches.suse/tcp-limit-payload-size-of-sacked-skbs.patch - patches.suse/tcp-tcp_fragment-should-apply-sane-memory-limits.patch - patches.suse/tcp-add-tcp_min_snd_mss-sysctl.patch - patches.suse/tcp-enforce-tcp_min_snd_mss-in-tcp_mtu_probing.patch - Refresh - patches.suse/apparmor-compatibility-with-v2.x-net.patch - commit 75acedc ++++ nvme-cli: - Add script to determine host NQN based on the system UUID, which adds a new dependency on dmidecode for the corresponding archs: x86_64, aarch64, i586 + 0108-nvme-cli-Add-script-to-determine-host-NQN.patch - Write hostnqn and hostid not only if the corresponding file doesn't exist, but also, when it is empty. - Add new internal only subpackage for regression testing - Add new udev rule for NetApp E-Series and adjust udev rule naming scheme accordingly. (bsc#1124564) + 0106-nvme-cli-add-default-IO-policy-rule-for-NetApp-E-Ser.patch + 0107-nvme-cli-Rename-udev-rule-for-ONTAP-controller.patch ------------------------------------------------------------------ ------------------ 2019-6-21 - Jun 21 2019 ------------------- ------------------------------------------------------------------ ++++ yast2: - deprecate Arch.ia64 and drop all support for ia64 (last seen in SLE 11) ------------------------------------------------------------------ ------------------ 2019-6-20 - Jun 20 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - kernel-binary: rpm does not support multiline condition - commit aceae50 - kernel-binary: Use -c grep option in klp project detection. - commit 5def2a2 - kernel-binary: fix missing \ - commit 8325214 ++++ mozjs60: - Drop python-wheel BuildRequires: causes a build cycle, and is not needed. ++++ libsemanage: - Disable LTO due to symbol versioning (boo#1138812). ++++ libsepol: - Disable LTO due to symbol versioning (boo#1138813). ++++ salt: - Provide the missing features required for Yomi (Yet one more installer) - Added: * provide-the-missing-features-required-for-yomi-yet-o.patch ++++ yast2: - bsc#1137992 - PackageSystem.Installed: Fixed typo when passing the allowed return codes to Execute. - 4.2.10 ------------------------------------------------------------------ ------------------ 2019-6-19 - Jun 19 2019 ------------------- ------------------------------------------------------------------ ++++ fcoe-utils: - BuildRequire pkgconfig(libsystemd) instead of systemd-devel: allow OBS to shortcut by using systemd-devel-mini. ++++ kernel-default: - config: refresh i386/default - commit a562f5a - Update config files. Enable SECURITY_YAMA to allow protection against ptrace attacks (bnc#1128245). - commit f841e66 ++++ kernel-firmware: - Update to version 20190618: * cavium: Add firmware for CNN55XX crypto driver. * linux-firmware: Update firmware file for Intel Bluetooth 22161 * linux-firmware: Update firmware file for Intel Bluetooth 9560 * linux-firmware: Update firmware file for Intel Bluetooth 9260 * linux-firmware: Update AMD SEV firmware (CVE-2019-9836, bsc#1139383) * linux-firmware: update licence text for Marvell firmware ++++ brltty: - BuildRequire pkgconfig(libsystemd) instead of systemd-devel: allow OBS to shortcut by using systemd-devel-mini. ++++ Mesa: - reverted latest change in specfile; it's not needed; llvm8 is already been chosen on factory/TW by default ... ++++ libvirt: - util: fix copying bitmap to larger data buffer 51f9f80d-fix-copying-bitmaps.patch bsc#1138734 ++++ python-py: - Switch to multibuild to avoid cycle bsc#1138666 ++++ yast2: - bsc#1137992 - PackageSystem.Installed: Use Yast::Execute instead of SCR to avoid false positives. - 4.2.9 ------------------------------------------------------------------ ------------------ 2019-6-18 - Jun 18 2019 ------------------- ------------------------------------------------------------------ ++++ gstreamer-plugins-base: - Update to version 1.16.0: + Highlights - GStreamer WebRTC stack gained support for data channels for peer-to-peer communication based on SCTP, BUNDLE support, as well as support for multiple TURN servers. - AV1 video codec support for Matroska and QuickTime/MP4 containers and more configuration options and supported input formats for the AOMedia AV1 encoder - Support for Closed Captions and other Ancillary Data in video - Support for planar (non-interleaved) raw audio - GstVideoAggregator, compositor and OpenGL mixer elements are now in -base - New alternate fields interlace mode where each buffer carries a single field - WebM and Matroska ContentEncryption support in the Matroska demuxer - new WebKit WPE-based web browser source element - Video4Linux: HEVC encoding and decoding, JPEG encoding, and improved dmabuf import/export - Hardware-accelerated Nvidia video decoder gained support for VP8/VP9 decoding, whilst the encoder gained support for H.265/HEVC encoding. - Many improvements to the Intel Media SDK based hardware-accelerated video decoder and encoder plugin (msdk): dmabuf import/export for zero-copy integration with other components; VP9 decoding; 10-bit HEVC encoding; video post-processing (vpp) support including deinterlacing; and the video decoder now handles dynamic resolution changes. - The ASS/SSA subtitle overlay renderer can now handle multiple subtitles that overlap in time and will show them on screen simultaneously - The Meson build is now feature-complete (*) and it is now the recommended build system on all platforms. The Autotools build is scheduled to be removed in the next cycle. - The GStreamer Rust bindings and Rust plugins module are now officially part of upstream GStreamer. - The GStreamer Editing Services gained a gesdemux element that allows directly playing back serialized edit list with playbin or (uri)decodebin - Many performance improvements - Switch to meson for Tumbleweed. - Adjust line to get the minimum required gstreamer version. - Disable tremor (needs libvorbisidec) - Disable examples. - Package libgstcompositor.so and libgstoverlaycomposition.so. - Adjust documentation directory. - Add gst-plugins-base-doc-build-fix.patch: fix build with automake. - Up gstreamer-plugins-bad Conflicts. - Now requires glib2 >= 2.40. - Obsolete libgstbadvideo-1_0-0: now part of -base. ++++ kernel-default: - Update config files. Set HARDENED_USERCOPY=y (bnc#1127808). This can be disabled on the commandline using hardened_usercopy=n. - commit 3b85d22 - config: enable CONFIG_FONT_TER16x32 for HiDPI monitors (boo#1138496) - commit 073136d ++++ libapparmor: - update to AppArmor 2.13.1 - some fixes in cache handling - see https://gitlab.com/apparmor/apparmor/wikis/Release_Notes_2.13.3 for the detailed upstream changelog ++++ util-linux: - raw.service: Add RemainAfterExit=yes (bsc#1135534). ++++ Mesa: - use llvm8 on factory/TW ++++ suse-module-tools: - Update to version 15.2.2: * kmp-install, driver-check.sh, weak-modules2: Support for compressed kernel modules (bsc#1135854) ++++ util-linux-systemd: - raw.service: Add RemainAfterExit=yes (bsc#1135534). ++++ yast2: - Slideshow: Flag for switching on/off release notes tab. (bsc#1136708) - 4.2.8 ------------------------------------------------------------------ ------------------ 2019-6-17 - Jun 17 2019 ------------------- ------------------------------------------------------------------ ++++ dracut: - Update to version 049+git94.aef7a52b: * ucode: properly include early only ucode (bsc#1098915, bsc#1125393) * keep network device naming scheme on upgrade (bsc#1136927) ++++ fuse-overlayfs: - Update to v0.4.1 (bsc#1137860): - create_directory: do not redeclare variable buf - fuse-overlayfs: accept option "dev" - fuse-overlayfs: add check to readdir for the node parent - fuse-overlayfs: add cleanup for layers - fuse-overlayfs: drop usage of static arrays for paths - fuse-overlayfs: refactor some xattrs common code - fuse-overlayfs: start using GCC autocleanup - fuse-overlayfs: use cleanup function for initializing node - fuse-overlays: fix interaction of unlink(2) with readdir(2) - main: add missing debug messages - main: do the unlink only after we created the temporary file - main: fix a fd leak - main: ignore EINVAL when copying xattrs - setattr: use fd from fi->fh for ftruncate() whenever possible ++++ grub2: - Use grub2-install to handle signed grub installation for UEFI secure boot and also provide options to override default (bsc#1136601) * grub2-secureboot-install-signed-grub.patch - Remove arm64 linuxefi patches as it's not needed for secure boot * 0001-efi-refactor-grub_efi_allocate_pages.patch * 0002-Remove-grub_efi_allocate_pages.patch * 0003-arm64-efi-move-EFI_PAGE-definitions-to-efi-memory.h.patch * 0004-efi-Add-central-copy-of-grub_efi_find_mmap_size.patch * 0005-efi-Add-grub_efi_get_ram_base-function-for-arm64.patch * 0006-Add-support-for-EFI-handover-on-ARM64.patch ++++ kernel-default: - tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (CVE-2019-11479 bsc#1137586). - tcp: add tcp_min_snd_mss sysctl (CVE-2019-11479 bsc#1137586). - tcp: tcp_fragment() should apply sane memory limits (CVE-2019-11478 bsc#1137586). - tcp: limit payload size of sacked skbs (CVE-2019-11477 bsc#1137586). - commit ab45ff3 ------------------------------------------------------------------ ------------------ 2019-6-16 - Jun 16 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Update to 5.2-rc5 - Config changes: - Sound: - SND_SOC_SOF_NOCODEC_SUPPORT=n on x86, =y on ARM - Storage: - MQ_IOSCHED_DEADLINE m -> y on arm64 - commit b5857f8 ++++ u-boot-rpiarm64: - Patch queue updated from git://github.com/openSUSE/u-boot.git tumbleweed-2019.07 * Fix boot on Tegra platforms: 0009-armv8-fix-typo-in-LINUX_KERNEL_IMAG.patch * Fix boot on Poplar board: 0010-poplar-increase-SYS_MALLOC_F_LEN-fo.patch ------------------------------------------------------------------ ------------------ 2019-6-15 - Jun 15 2019 ------------------- ------------------------------------------------------------------ ++++ gobject-introspection: - Update to version 1.60.2: + docwriter: Fix Exception message attribute. + meson: fix default cairo DLL name on Windows. + scanner: Fix error on Windows in case source files are on different drives. + gi-test: Fix gir file tests with MSVC. + MSVC.README.rst: Update VS 2008/x64 build notes. + giscanner/scannerlexer.l: Include io.h on Windows. + build: Force-include msvc_recommended_pragmas.h on Visual Studio. + Update glib annotations. ++++ u-boot-rpiarm64: - rpi3: Override the text base for compatibility with TF-A ------------------------------------------------------------------ ------------------ 2019-6-14 - Jun 14 2019 ------------------- ------------------------------------------------------------------ ++++ grub2: - Avoid high resolution when trying to keep current mode (bsc#1133842) * grub2-video-limit-the-resolution-for-fixed-bimap-font.patch - Make GRUB_SAVEDEFAULT working with btrfs (bsc#1128592) * grub2-grubenv-in-btrfs-header.patch ++++ kexec-tools: - Bump to version 2.0.19 Changelog: http://git.kernel.org/cgit/utils/kernel/kexec/kexec-tools.git/log/?id=refs/tags/v2.0.18..v2.0.19 ++++ util-linux: - agetty: Return previous response of agetty for special characters (bsc#1085196, bsc#1125886, util-linux-agetty-smart-reload-13.patch, util-linux-agetty-smart-reload-14.patch). ++++ gpgme: - gpgme 1.13.1: * core: At debug levels up to 9 print only an ascii dump. * core: Add commented debug helper to posix-io.c. * core: Fix error return value of _gpgme_run_io_cb. * core: Prettify _gpgme_io_select debug output again and fix TRACE_SYSRES. * core: Improve the debug messages even more. * core: Avoid explicit locks in the debug code. * json: Print "nan", "-inf", "inf" if needed. * json: Improve handling of large exponents in the JSON parsor. * core: Implement recpstring option parsing for gpgsm. * core: Make gpgme_op_encrypt_ext work for CMS. * python: Fix typo in DecryptionError exception. * python: Make EXTRA_DIST files explicit. * Python, doc: Minor style improvement. * Always use maintainer mode -Wno cflags. * cpp: Fix initialization warning. * python: stop raising BadSignatures from decrypt(verify=True) * cpp: Add wrapper for gpgme_set_global_flag. * core: Fix duplication of close_notify_handler for gpgsm. ++++ plymouth: - Add dependency to dracut for plymouth-scripts(bnc#1138248). ++++ libvirt: - api: disallow virConnect*HypervisorCPU, virConnectGetDomainCapabilities, virDomainManagedSaveDefineXML, and virDomainSaveImageGetXMLDesc on read-only connections CVE-2019-10161-api-disallow-virDomainSaveImageGetXMLDesc.patch, CVE-2019-10166-api-disallow-virDomainManagedSaveDefineXML.patch, CVE-2019-10167-api-disallow-virConnectGetDomainCapabilities.patch, CVE-2019-10168-api-disallow-virConnect-HypervisorCPU.patch CVE-2019-10161, CVE-2019-10166, CVE-2019-10167, CVE-2019-10168 bsc#1138301, bsc#1138302, bsc#1138303, bsc#1138305 ++++ zstd: - Remove googletest-devel BuildRequires and pzstd-global-gtest.patch because we want zstd in ring0 (due to rpm's zstd payload support) Since googletest is only used in build time (it's for testing after all), this should be fine. ++++ salt: - Fix zypper pkg.list_pkgs test expectation and dpkg mocking - Added: * fix-zypper-pkg.list_pkgs-expectation-and-dpkg-mockin.patch - Set 'salt' group for files and directories created by salt-standalone-formulas-configuration package - Various fixes for virt module - Fix virt.volume_infos raising an exception when there is only virtual machine on the minion. - Fix virt.purge() on all non-KVM hypervisors. For instance on Xen, virt.purge would simply throw an exception about unsupported flag - Building a libvirt pool starts it. When defining a new pool, we need to let build start it or we will get libvirt errors. - Fix handling of Virtual Machines with white space in their name. - Added: * virt.pool_running-fix-pool-start.patch * virt-handle-whitespaces-in-vm-names.patch * virt.volume_infos-fix-for-single-vm.patch * try-except-undefineflags-as-this-operation-is-not-su.patch ++++ suse-module-tools: - Update to version 15.2.1: - Install sg.conf under /usr/lib/modules-load.d (bsc#1036463) * sg.conf: avoid file conflict with systemd - Update to version 15.2.0: * weak-modules2: emit "inconsistent" warning only if replacement fails (bsc#1127155) ++++ util-linux-systemd: - agetty: Return previous response of agetty for special characters (bsc#1085196, bsc#1125886, util-linux-agetty-smart-reload-13.patch, util-linux-agetty-smart-reload-14.patch). ------------------------------------------------------------------ ------------------ 2019-6-13 - Jun 13 2019 ------------------- ------------------------------------------------------------------ ++++ dbus-1: - Fix CVE-2019-12749 Authentication bypass (CVE-2019-12749 bsc#1137832) * added fix-CVE-2019-12749.patch ++++ glibc: - regex-parse-reg-exp.patch: ERE '0|()0|\1|0' causes regexec undefined behavior (CVE-2009-5155, bsc#1127223, BZ #18986) - regex-read-overrun.patch: regex: fix read overrun (CVE-2019-9169, bsc#1127308, BZ #24114) ++++ kernel-default: - Build klp-symbols in kernel devel projects. - commit ffd0ed9 - supported.conf: Enable it87_wdt and f71808e_wdt Both drivers are for watchdog devices included in Super-I/O chipsets which are popular on x86 PC mainboards. Code is clean and simple, so supporting them isn't a problem. - commit b818771 ++++ fuse3: - Update to version 3.6.1 (bsc#1137860) * Fixed version number (release 3.6.0 was shipped with a declared version of 3.0.0). - Update to version 3.6.0 * Added a new example (passthrough_hp). The functionality is similar to passthrough_ll, but the implementation focuses on performance and correctness rather than simplicity. * Added support for fuse kernel feature max_pages which allows to increase the maximum number of pages that can be used per request. This feature was introduced in kernel 4.20. max_pages is set based on the value in max_write. By default max_write will be 1MiB now for kernels that support max_pages. If you want smaller buffers or writes you have to set max_write manually. ++++ Mesa: - n_glesv1_cm-glesv2.patch * reenables build of GLESv1_CM and GLESv2 ... - readded pkgconfig files for GLESv1_CM and GLESv2 to filelists - removed again virtual provides for * pkgconfig(glesv1_cm) * pkgconfig(glesv2) ++++ libsolv: - make cleandeps jobs on patterns work [bnc#1137977] ++++ permissions: - Added ./0005-singularity-starter-suid.patch (bsc#1128598) New whitelisting for /usr/lib/singularity/bin/starter-suid ++++ u-boot-rpiarm64: - Update to v2019.07-rc4: * SPI fixes * Video fixes * Tegra updates * Support for managing the non-volatile attribute of UEFI variables is added though we do not have a backend for persistence yet. * Error messages for changes of UEFI variables are provided. * UEFI boottime service implementations are corrected. * Error messages for the 'setenv -e' and 'bootefi bootmgr' commands are added. * risc-v qemu updates * Enable MMC in SPL for helios4 * NET fixes * some fix for rk3399-puma * rockchip script make_fit_atf.py cleanup * Enable TPL for rk3399 orangepi and nanopi4; * add support for rk3399 boards: Nanopi NEO4, Rockpro64, Rock PI 4 * amlogic updates * DaVinci updates * FAT fixes - Update to v2019.07-rc3: * sh updates * SoCFPGA PL310 cleanup + A10 fix, A10 DT cleanup, DW GPIO fix * Several bug fixes for the UEFI sub-system are provided. * The SetTime() boottime service is implemented. * mips updates * stm32 updates * DM fixes * fsl updates * MMC fixes for i.MX53 * sunxi fixes * I2C fixes * Minor patches to improve UEFI specification compliance are provided. * To allow running the UEFI self compliance tests an outdated version of the Unicode collation protocol has been added as a configuration option (disabled by default). * Allow coreboot to process unhandled tags * Enable NVMe on QEMU x86_64 target * arndale fixes * SoCFPGA DT and reset cleanup, AE MCVEVK board support. ++++ yast2: - bsc#1137992 - PackageSystem.Installed: Increase the logs details. - 4.2.7 ------------------------------------------------------------------ ------------------ 2019-6-12 - Jun 12 2019 ------------------- ------------------------------------------------------------------ ++++ growpart: - BuildRequire pkgconfig(systemd) instead of systemd: allow OBS to shortcut the build queues by allowing usage of systemd-mini ++++ gstreamer: - Update to version 1.16.0: + Highlights - GStreamer WebRTC stack gained support for data channels for peer-to-peer communication based on SCTP, BUNDLE support, as well as support for multiple TURN servers. - AV1 video codec support for Matroska and QuickTime/MP4 containers and more configuration options and supported input formats for the AOMedia AV1 encoder - Support for Closed Captions and other Ancillary Data in video - Support for planar (non-interleaved) raw audio - GstVideoAggregator, compositor and OpenGL mixer elements are now in -base - New alternate fields interlace mode where each buffer carries a single field - WebM and Matroska ContentEncryption support in the Matroska demuxer - new WebKit WPE-based web browser source element - Video4Linux: HEVC encoding and decoding, JPEG encoding, and improved dmabuf import/export - Hardware-accelerated Nvidia video decoder gained support for VP8/VP9 decoding, whilst the encoder gained support for H.265/HEVC encoding. - Many improvements to the Intel Media SDK based hardware-accelerated video decoder and encoder plugin (msdk): dmabuf import/export for zero-copy integration with other components; VP9 decoding; 10-bit HEVC encoding; video post-processing (vpp) support including deinterlacing; and the video decoder now handles dynamic resolution changes. - The ASS/SSA subtitle overlay renderer can now handle multiple subtitles that overlap in time and will show them on screen simultaneously - The Meson build is now feature-complete (*) and it is now the recommended build system on all platforms. The Autotools build is scheduled to be removed in the next cycle. - The GStreamer Rust bindings and Rust plugins module are now officially part of upstream GStreamer. - The GStreamer Editing Services gained a gesdemux element that allows directly playing back serialized edit list with playbin or (uri)decodebin - Many performance improvements - Switch to meson on Tumbleweed. - Rebase gstreamer-rpm-prov.patch. - Require libdw. Helps with generating backtraces. - Place gdb autoload files in -devel package. - Add gstreamer-pie.patch to generate position-independent executables. Previously done through CFLAGS/LDFLAGS, but this makes ninja pass -pie when linking libraries as well, causing the link to fail. - Now requires glib2 >= 2.40.0. ++++ libguestfs: - BuildRequire pkgconfig(systemd) instead of systemd: allow OBS to shortcut the build queues by allowing usage of systemd-mini ++++ open-iscsi: - BuildRequire pkgconfig(systemd) instead of systemd: allow OBS to shortcut the build queues by allowing usage of systemd-mini ++++ kdump: - BuildRequire pkgconfig(systemd) instead of systemd: allow OBS to shortcut the build queues by allowing usage of systemd-mini ++++ Mesa: - reenable LTO with Mesa 19.1 (boo#1133265, comment#5) - enabled new gallium drivers * iris (newer Intel GPUs) * lima, panfrost on ARM64 - virtually provide * pkgconfig(glesv1_cm) * pkgconfig(glesv2) in libGLESv1_CM-devel/libGLESv2-devel packages, since these files have been removed from Mesa via git commit #1587586 ++++ python3-core: - FAKE RECORD FROM SLE-12 CHANNEL bsc#1137942: Avoid duplicate files with python3* packages (https://fate.suse.com/327309) ++++ libsolv: - fix favorq leaking between solver runs if the solver is reused - fix SOLVER_FLAG_FOCUS_BEST updateing packages without reason - be more correct with multiversion packages that obsolete their own name [bnc#1127155] - allow building with swig-4.0.0 [bnc#1135749] - bump version to 0.7.5 ++++ python3: - FAKE RECORD FROM SLE-12 CHANNEL bsc#1137942: Avoid duplicate files with python3* packages (https://fate.suse.com/327309) ++++ systemd-presets-branding-MicroOS: - BuildRequire pkgconfig(systemd) instead of systemd: allow OBS to shortcut the build queues by allowing usage of systemd-mini ------------------------------------------------------------------ ------------------ 2019-6-11 - Jun 11 2019 ------------------- ------------------------------------------------------------------ ++++ glib2: - Update to version 2.60.4: + Fixes to improved network status detection with NetworkManager. + Leak fixes to some `glib-genmarshal` generated code. + Further fixes to the Happy Eyeballs (RFC 8305) implementation. + File system permissions fix to clamp down permissions in a small time window when copying files (CVE-2019-12450). + Bugs fixed: glgo#GNOME/GLib#1755, glgo#GNOME/GLib#1788, glgo#GNOME/GLib#1792, glgo#GNOME/GLib#1793, glgo#GNOME/GLib#1795, glgo#GNOME/GLib!865, glgo#GNOME/GLib!878. ++++ libcontainers-common: - Update to libpod v1.4.0 - The podman checkpoint and podman restore commands can now be used to migrate containers between Podman installations on different systems - The podman cp command now supports a pause flag to pause containers while copying into them - The remote client now supports a configuration file for pre-configuring connections to remote Podman installations - Fixed CVE-2019-10152 - The podman cp command improperly dereferenced symlinks in host context - Fixed a bug where podman commit could improperly set environment variables that contained = characters - Fixed a bug where rootless Podman would sometimes fail to start containers with forwarded ports - Fixed a bug where podman version on the remote client could segfault - Fixed a bug where podman container runlabel would use /proc/self/exe instead of the path of the Podman command when printing the command being executed - Fixed a bug where filtering images by label did not work - Fixed a bug where specifying a bing mount or tmpfs mount over an image volume would cause a container to be unable to start - Fixed a bug where podman generate kube did not work with containers with named volumes - Fixed a bug where rootless Podman would receive permission denied errors accessing conmon.pid - Fixed a bug where podman cp with a folder specified as target would replace the folder, as opposed to copying into it - Fixed a bug where rootless Podman commands could double-unlock a lock, causing a crash - Fixed a bug where Podman incorrectly set tmpcopyup on /dev/ mounts, causing errors when using the Kata containers runtime - Fixed a bug where podman exec would fail on older kernels - The podman commit command is now usable with the Podman remote client - The --signature-policy flag (used with several image-related commands) has been deprecated - The podman unshare command now defines two environment variables in the spawned shell: CONTAINERS_RUNROOT and CONTAINERS_GRAPHROOT, pointing to temporary and permanent storage for rootless containers - Updated vendored containers/storage and containers/image libraries with numerous bugfixes - Updated vendored Buildah to v1.8.3 - Podman now requires Conmon v0.2.0 - The podman cp command is now aliased as podman container cp - Rootless Podman will now default init_path using root Podman's configuration files (/etc/containers/libpod.conf and /usr/share/containers/libpod.conf) if not overridden in the rootless configuration - Update to image v1.5.1 - Vendor in latest containers/storage - docker/docker_client: Drop redundant Domain(ref.ref) call - pkg/blobinfocache: Split implementations into subpackages - copy: progress bar: show messages on completion - docs: rename manpages to *.5.command - add container-certs.d.md manpage - pkg/docker/config: Bring auth tests from docker/docker_client_test - Don't allocate a sync.Mutex separately - Update to storage v1.12.10 - Add function to parse out mount options from graphdriver - Merge the disparate parts of all of the Unix-like lockfiles - Fix unix-but-not-Linux compilation - Return XDG_RUNTIME_DIR as RootlessRuntimeDir if set - Cherry-pick moby/moby #39292 for CVE-2018-15664 fixes - lockfile: add RecursiveLock() API - Update generated files - Fix crash on tesing of aufs code - Let consumers know when Layers and Images came from read-only stores - chown: do not change owner for the mountpoint - locks: correctly mark updates to the layers list - CreateContainer: don't worry about mapping layers unless necessary - docs: fix manpage for containers-storage.conf - docs: sort configuration options alphabetically - docs: document OSTree file deduplication - Add missing options to man page for containers-storage - overlay: use the layer idmapping if present - vfs: prefer layer custom idmappings - layers: propagate down the idmapping settings - Recreate symlink when not found - docs: fix manpage for configuration file - docs: add special handling for manpages in sect 5 - overlay: fix single-lower test - Recreate symlink when not found - overlay: propagate errors from mountProgram - utils: root in a userns uses global conf file - Fix handling of additional stores - Correctly check permissions on rootless directory - Fix possible integer overflow on 32bit builds - Evaluate device path for lvm - lockfile test: make concurrent RW test determinisitc - lockfile test: make concurrent read tests deterministic - drivers.DirCopy: fix filemode detection - storage: move the logic to detect rootless into utils.go - Don't set (struct flock).l_pid - Improve documentation of getLockfile - Rename getLockFile to createLockerForPath, and document it - Add FILES section to containers-storage.5 man page - add digest locks - drivers/copy: add a non-cgo fallback - Add default SLES mounts for container-suseconnect usage ++++ Mesa: - Update to 19.1.0: * Mesa 19.1.0 implements the OpenGL 4.5 API, but the version reported by glGetString(GL_VERSION) or glGetIntegerv(GL_MAJOR_VERSION) / glGetIntegerv(GL_MINOR_VERSION) depends on the particular driver being used. Some drivers don't support all the features required in OpenGL 4.5. OpenGL 4.5 is only available if requested at context creation. Compatibility contexts may report a lower version depending on each driver. * The top highlights include: - GL_ARB_parallel_shader_compile for all drivers. - GL_EXT_gpu_shader4 on all GL 3.1 drivers. - GL_EXT_shader_image_load_formatted on radeonsi. - GL_EXT_texture_buffer_object on all GL 3.1 drivers. - GL_EXT_texture_compression_s3tc_srgb on Gallium and i965 drivers (ES extension). - GL_NV_compute_shader_derivatives on Iris and i965 drivers. - GL_KHR_parallel_shader_compile on all drivers. - GL_INTEL_conservative_rasterization on Iris. - Refresh patches with quilt. - Clean-up spec files for .pc and other files no longer built. ++++ NetworkManager: - Add nm-add-CAP_SYS_ADMIN-permission.patch: Add CAP_SYS_ADMIN which netconfig needs to call setdomainname (bsc#1129587). ++++ python3-core: - bsc#1094814: Add bpo23395-PyErr_SetInterrupt-signal.patch to handle situation when the SIGINT signal is ignored or not handled ++++ microos-tools: - Update to version 1.0+git20190611.6211f74: * Rename 51-corefiles.conf to 30-corefiles.conf, so that an user can override it by installing telemectrics-client or systemd-coredump. ++++ podman: - Update podman to v1.4.0: - The podman checkpoint and podman restore commands can now be used to migrate containers between Podman installations on different systems - The podman cp command now supports a pause flag to pause containers while copying into them - The remote client now supports a configuration file for pre-configuring connections to remote Podman installations - Fixed CVE-2019-10152 - The podman cp command improperly dereferenced symlinks in host context - Fixed a bug where podman commit could improperly set environment variables that contained = characters - Fixed a bug where rootless Podman would sometimes fail to start containers with forwarded ports - Fixed a bug where podman version on the remote client could segfault - Fixed a bug where podman container runlabel would use /proc/self/exe instead of the path of the Podman command when printing the command being executed - Fixed a bug where filtering images by label did not work - Fixed a bug where specifying a bing mount or tmpfs mount over an image volume would cause a container to be unable to start - Fixed a bug where podman generate kube did not work with containers with named volumes - Fixed a bug where rootless Podman would receive permission denied errors accessing conmon.pid - Fixed a bug where podman cp with a folder specified as target would replace the folder, as opposed to copying into it - Fixed a bug where rootless Podman commands could double-unlock a lock, causing a crash - Fixed a bug where Podman incorrectly set tmpcopyup on /dev/ mounts, causing errors when using the Kata containers runtime - Fixed a bug where podman exec would fail on older kernels - The podman commit command is now usable with the Podman remote client - The --signature-policy flag (used with several image-related commands) has been deprecated - The podman unshare command now defines two environment variables in the spawned shell: CONTAINERS_RUNROOT and CONTAINERS_GRAPHROOT, pointing to temporary and permanent storage for rootless containers - Updated vendored containers/storage and containers/image libraries with numerous bugfixes - Updated vendored Buildah to v1.8.3 - Podman now requires Conmon v0.2.0 - The podman cp command is now aliased as podman container cp - Rootless Podman will now default init_path using root Podman's configuration files (/etc/containers/libpod.conf and /usr/share/containers/libpod.conf) if not overridden in the rootless configuration ++++ python3: - bsc#1094814: Add bpo23395-PyErr_SetInterrupt-signal.patch to handle situation when the SIGINT signal is ignored or not handled ++++ python-six: - Fix pytest call - Fixdocumentation package generating ++++ qemu: - fixed regression for ksm.service was (bsc#1112646) ++++ zypper: - man: split '--with[out]' like options to ease searching. - Unhide 'ps' command in help - Add option to show more conflict information - Rephrased `zypper ps` hint (bsc#859480) - Fix repo refresh not returning 106-ZYPPER_EXIT_INF_REPOS_SKIPPED if --root is used (bsc#1134226) - Fix unknown package handling in zypper install (fixes bsc#1127608) - Fix the package build failure with CMake 3.14. - Re-show progress bar after pressing retry upon install error (bsc#1131113) - version 1.14.28 ------------------------------------------------------------------ ------------------ 2019-6-10 - Jun 10 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - scsi: mpt3sas_ctl: fix double-fetch bug in _ctl_ioctl_main() (bsc#1136922 cve-2019-12456). - commit 42064d5 - Update to 5.2-rc4 - Eliminated 1 patch - patches.rpmify/mlx5-avoid-64-bit-division.patch - Refresh configs - IKHEADERS_PROC -> IKHEADERS - commit c8bdb02 ++++ kernel-firmware: - Update to version 20190607: * linux-firmware: update firmware for mhdp8546 * linux-firmware: rsi: update firmware images for Redpine 9113 chipset * imx: sdma: update firmware to v3.5/v4.5 * nvidia: update GP10[2467] SEC2 RTOS with the one already used on GP108 ++++ python-rpm-macros: - Update to version 20190610.2ee3233: * Fix typo, missing opening brace. * Add the first draft of pyproject_wheel and pyproject_install macros. * Yet another attempt to preserve $PYTHONPATH set in the environment. * Document also %pytest_arch * Document %pytest in README.md * Multiline macros don't work correctly on older RPMs. * Add missing $ expansion on the pytest call * Rewrite pytest and pytest_arch into Lua macros with multiple arguments. * We should preserve existing PYTHONPATH. * Add --ignore to pytest calls to ignore build directories. - Update to version 20190610.2ee3233: * Fix typo, missing opening brace. ++++ qemu: - Content of packaged %_docdir/%name/interop/_static/ dir depends on python-Sphinx version, so lets just wildcard specifying those files, rather than trying to manage a specific file list ------------------------------------------------------------------ ------------------ 2019-6-9 - Jun 9 2019 ------------------- ------------------------------------------------------------------ ++++ glib-networking: - Update to version 2.60.3: + Fix clobbering of the thread-default main context after certificate verification failure during async handshakes since 2.60.1. + Fix GTlsDatabase initialization failures in OpenSSL backend due to uninitialized memory use. + Fix minor leak of ALPN protocols. ------------------------------------------------------------------ ------------------ 2019-6-7 - Jun 7 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - rpm/post.sh: correct typo in err msg (bsc#1137625) - commit 9fe85cc ++++ zlib: - Do not enable the previous patchset on s390 but just s390x bsc#1137624 ++++ openslp: - Use tcp connects to talk with other DAs [bnc#1117969] new patch: openslp.tcpknownda.diff - Fix segfault in predicate match if a registered service has a malformed attribute list [bnc#1136136] new patch: openslp.nullattr.diff ++++ podman: - Add fuse-overlayfs dependency to support overlay based rootless image manipulations ++++ python-PyYAML: - update to 5.1.1 * Re-release of 5.1 with regenerated Cython sources to build properly for Python 3.8 ++++ qemu: - Last change exposed that we still do rely on python2. Make spec file adjustment - Switch from python-Sphinx to Sphinx from python variant we are building with (new Sphinx is for python3 only) ++++ read-only-root-fs: - Update to version 1.0+git20190607.11f8587: * Determine /@ programmatically ------------------------------------------------------------------ ------------------ 2019-6-6 - Jun 6 2019 ------------------- ------------------------------------------------------------------ ++++ cni-plugins: - Updated plugins to v0.8.1: + Bugs: * bridge: fix ipMasq setup to use correct source address * fix compilation error on 386 * bandwidth: get bandwidth interface in host ns through container interface + Improvements: * Release: bump go to v1.12 * host-device: add pciBusID property - Drop patches merged upstream: + 0001_use_Go_facilities_to_get_a_socket.patch ++++ glibc: - crt-nocompress-debug-sections.patch: Don't compress debug sections in crt*.o files (bsc#1123710) ++++ gzip: - add gzip-1.10-ibm_dfltcc_support.patch [jsc#SLE-5818] [jsc#SLE-8914] * it adds support for DFLTCC (hardware-accelerated deflation) for s390x arch * enable it via "--enable-dfltcc" option ++++ ignition: - Update to version 2.0.0+git20190603.0c1da80: * news: update for v2.0.0 * build*: use --always with git describe * vendor: switch to coreos/vcontext * config/validate: add tests for duplicate checking * build: export GOFLAGS so they get used * config/validate: add test for validation * config/validate: check for unused keys * internal/util/docs: update to use new validation * internal: update to use new validation code * config/validate: replace old validation with vcontext * config/v3*: update to use new validation functions * vendor: add vcontext * internal: create dev aliases in /run/ignition/ instead of / * Update hostname example * tests/*: rename bb tests * release-checklist: split out 0.x and 2.x+ bits ++++ kernel-default: - s390: drop meaningless 'targets' from tools Makefile (s390 kmp build fix). - commit b4eda05 ++++ zlib: - Add patchset for s390 improvements jsc#SLE-5807 bsc#1136717: * 410.patch ++++ perl-Bootloader: - merge gh#openSUSE/perl-bootloader#121 - Fix secureboot on aarch64 (boo#1136601) - [RFC] Fix secureboot on aarch64 (boo#1136601) - 0.924 ++++ read-only-root-fs: - Update to version 1.0+git20190606.e1f756c: * Mount writable /boot subvolume in GRUB environment - Create /boot/writable subvolume to provide a place to store the GRUB environment block or Ignition's firstboot flag on a ro root device ++++ vim: - Add source-check-sandbox.patch to fix CVE-2019-12735 boo#1137443 ------------------------------------------------------------------ ------------------ 2019-6-5 - Jun 5 2019 ------------------- ------------------------------------------------------------------ ++++ curl: - Update to 7.65.1 * Bugfixes: - CURLOPT_LOW_SPEED_* repaired - NTLM: reset proxy "multipass" state when CONNECT request is done - PolarSSL: deprecate support step 1. Removed from configure - cmake: check for if_nametoindex() - cmake: support CMAKE_OSX_ARCHITECTURES when detecting SIZEOF variables - conncache: Remove the DEBUGASSERT on length check - conncache: make "bundles" per host name when doing proxy tunnels - curl_share_setopt.3: improve wording - dump-header.d: spell out that no headers == empty file - example/http2-download: fix format specifier - examples: cleanups and compiler warning fixes - http2: Stop drain from being permanently set - http: don't parse body-related headers in bodyless responses - md4: build correctly with openssl without MD4 - md4: include the mbedtls config.h to get the MD4 info - multi: track users of a socket better - nss: allow to specify TLS 1.3 ciphers if supported by NSS - parse_proxy: make sure portptr is initialized - parse_proxy: use the IPv6 zone id if given - sectransp: handle errSSLPeerAuthCompleted from SSLRead() - singlesocket: use separate variable for inner loop - ssl: Update outdated "openssl-only" comments for supported backends - tests: add HAProxy keywords - tests: make test 1420 and 1406 work with rtsp-disabled libcurl - tls13-docs: mention it is only for OpenSSL >= 1.1.1 - tool_setopt: for builds with disabled-proxy, skip all proxy setopts() - url: fix bad feature-disable #ifdef - url: use correct port in ConnectionExists() ++++ glibc: - ldconfig-concurrency.patch: Avoid concurrency problem in ldconfig (bsc#1117993, BZ #23973) ++++ kernel-default: - Enhance kvmsmall configuration (bsc#1137361) Add a minimal set of modules to kvmsmall, to make this config usable to set up guest VMs interacting with the host. - commit 34c4eab - config: refresh configs No functional change. - commit cbc8b7e ++++ salt: - avoid batch.py exception when minion does not respond (bsc#1135507) - Added: * batch.py-avoid-exception-when-minion-does-not-respon.patch ++++ raspberrypi-firmware: - Update to e289f6a59 (2019-05-28): * firmware: smservice: Avoid a double free * firmware: arm_loader/display: All the framebuffer allocation to be made on the ARM * firmware: isp_tuners: Fix memory leak in error path * firmware: testc: Fix dps parsing * firmware: camera_subsystem: Fix hardware sync pulses off disable_camera_led * firmware: Replace the remaining direct users of C(mask_gpu_interrupt[0|1]) * firmware: arm_display: Kick transposer for the rainbow screen if required * firmware: dispmanx: Do not allow transpose if using Full KMS See: raspberrypi/linux#2891 * firmware: Revert: arm_loader/display: All the framebuffer allocation to be made on the ARM * firmware: arm_loader: Further conditionals for passing in a frame buffer * firmware: di_adv: Drop back to fast if QPUs are masked off ++++ raspberrypi-firmware-config: - Update to e289f6a59 (2019-05-28): * firmware: smservice: Avoid a double free * firmware: arm_loader/display: All the framebuffer allocation to be made on the ARM * firmware: isp_tuners: Fix memory leak in error path * firmware: testc: Fix dps parsing * firmware: camera_subsystem: Fix hardware sync pulses off disable_camera_led * firmware: Replace the remaining direct users of C(mask_gpu_interrupt[0|1]) * firmware: arm_display: Kick transposer for the rainbow screen if required * firmware: dispmanx: Do not allow transpose if using Full KMS See: raspberrypi/linux#2891 * firmware: Revert: arm_loader/display: All the framebuffer allocation to be made on the ARM * firmware: arm_loader: Further conditionals for passing in a frame buffer * firmware: di_adv: Drop back to fast if QPUs are masked off ++++ raspberrypi-firmware-dt: - Switch branch to 'rpi-5.1.y' to match the kernel version - Update to f1d85e3870 (2019-06-03): * remove 3dlab-nano-player, upstream-aux-interrupt (deprecated and no more needed) * add draws, i-sabre-q2m, ilitek251x, iqaudio-codec, max98357a, piglow, udrc ++++ transactional-update: - Update to version 2.15 - Move description of interactiveness [boo#1132438] - Enable network during update [boo#1137890] - Add compatibilty with new overlayfs versions [boo#1140057] - Allow updates of the bootloader on EFI systems [boo#1139015] - Add support for /boot/writable [boo#1138725] ++++ yast2: - bsc#1086454 - Recognize IB interfaces based on IPOIB_MODE ifcfg attribute - 4.2.6 ------------------------------------------------------------------ ------------------ 2019-6-4 - Jun 4 2019 ------------------- ------------------------------------------------------------------ ++++ glibc: - force-elision-race.patch: Fix race in pthread_mutex_lock while promoting to PTHREAD_MUTEX_ELISION_NP (bsc#1131330, BZ #23275) ++++ open-iscsi: - Added latest upstream changes, including: - iscsiuio: Stop using /var directory for PIDfile and locks - iscsiuio: improve daemon synchronization (bsc#1135070) - fix pipe notification code - add systemd support for iscsiuio - make iscsid systemd usage optional - fix possible discovery hang timeout - fix iscsiuio systemd disablement Updating: * open-iscsi-SUSE-latest.diff.bz2 ++++ kernel-default: - Update config files. Enable CRASH_DUMP and RELOCATABLE on ppc64le to be on par with the other archs and to allow for kdump (bnc#1135217). - commit a6a9f0e ++++ libcontainers-common: - Add util-linux and grep as Requires(post) to ensure btrfs config gets made correctly ++++ python-Babel: - version update to 2.7.0 Possibly incompatible changes * General: Internal uses of ``babel.util.odict`` have been replaced with ``collections.OrderedDict`` from The Python standard library. Improvements * CLDR: Upgrade to CLDR 35.1 - Alberto Mardegan, Aarni Koskela (#626, #643) * General: allow anchoring path patterns to the start of a string - Brian Cappello (#600) * General: Bumped version requirement on pytz - @chrisbrake (#592) * Messages: `pybabel compile`: exit with code 1 if errors were encountered - Aarni Koskela (#647) * Messages: Add omit-header to update_catalog - Cédric Krier (#633) * Messages: Catalog update: keep user comments from destination by default - Aarni Koskela (#648) * Messages: Skip empty message when writing mo file - Cédric Krier (#564) * Messages: Small fixes to avoid crashes on badly formatted .po files - Bryn Truscott (#597) * Numbers: `parse_decimal()` `strict` argument and `suggestions` - Charly C (#590) * Numbers: don't repeat suggestions in parse_decimal strict - Serban Constantin (#599) * Numbers: implement currency formatting with long display names - Luke Plant (#585) * Numbers: parse_decimal(): assume spaces are equivalent to non-breaking spaces when not in strict mode - Aarni Koskela (#649) * Performance: Cache locale_identifiers() - Aarni Koskela (#644) Bugfixes * CLDR: Skip alt=... for week data (minDays, firstDay, weekendStart, weekendEnd) - Aarni Koskela (#634) * Dates: Fix wrong weeknumber for 31.12.2018 - BT-sschmid (#621) * Locale: Avoid KeyError trying to get data on WindowsXP - mondeja (#604) * Locale: get_display_name(): Don't attempt to concatenate variant information to None - Aarni Koskela (#645) * Messages: pofile: Add comparison operators to _NormalizedString - Aarni Koskela (#646) * Messages: pofile: don't crash when message.locations can't be sorted - Aarni Koskela (#646) ------------------------------------------------------------------ ------------------ 2019-6-3 - Jun 3 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Update to 5.2-rc3 - Eliminated 1 patch - patches.suse/kvm-memunmap-also-needs-HAS_IOMEM.patch - commit 038ee83 ++++ libselinux: - In selinux-ready * Removed check for selinux-policy package as we don't ship one (bsc#1136845) * Add check that restorecond is installed and enabled ++++ python-libvirt-python: - Update to 5.4.0 - Add all new APIs and constants in libvirt 5.4.0 ++++ salt: - Preserve already defined DESTRUCTIVE_TESTS and EXPENSIVE_TESTS env variables - Added: * preserve-already-defined-destructive_tests-and-expen.patch ------------------------------------------------------------------ ------------------ 2019-6-2 - Jun 2 2019 ------------------- ------------------------------------------------------------------ ++++ libseccomp: - Update to new upstream release 2.4.1 * Fix a BPF generation bug where the optimizer mistakenly identified duplicate BPF code blocks. ++++ zstd: - Update description with 1.4.0 statistics. ------------------------------------------------------------------ ------------------ 2019-5-31 - May 31 2019 ------------------- ------------------------------------------------------------------ ++++ gstreamer: - Update to version 1.14.5: + aggregator: - Take the pad lock around queue gap event removal. - Don’t leak gap buffer when out of segment. + buffer: fix possible memory corruption in gst_buffer_foreach_meta() when removing metas. + bus: - Make removing of signal/bus watches thread-safe. - Don’t allow removing signal watches with gst_bus_remove_watch(). + controlbinding: Check if the weak pointer was cleared before explicitly removing it. + ptp clock: Wait for ANNOUNCE before selecting a master; increase tolerance for late follow-up and delay-resp. + segment: Allow stop == -1 in gst_segment_to_running_time() and negative rate. + g-i: annotations fixes. ++++ gstreamer-plugins-base: - Update to version 1.14.5: + audioconvert: fix endianness conversion for unpacked formats (e.g. S24_32BE). + audioringbuffer: Fix wrong memcpy address when reordering channels. + decodebin2: Make sure to remove pad probes when freeing GstDecodeGroup. + glviewconvert: fix output when a transformation matrix is used. + glupload: - Prevent segfault when updating caps. - dmabuf: be explicit about gl formats used. + gl/egl: Determine correct format on dmabuf import. + id3tag: validate the year from v1 tags before passing to GstDateTime. + rtpbasepayload: Fix sequence numbers when using buffer lists. + rtspconnection: - Fix security issue, potential heap overflow (CVE-2019-9928). - Fix GError set over the top of a previous GError. - Do not duplicate authentication headers. + subparse: don’t assert when failing to parse subrip timestamp. + video: various convert sample frame fixes. + video-converter: fix conversion from I420_10LE/BE, I420_12LE/BE, A420_10LE/BE to BGRA/RGBA which created corrupted output. + video-format: Fix GBRA_10/12 alpha channel pixel strides. - Drop upstream fixed patches: + CVE-2019-9928.patch + 0001-id3tag-Correctly-validate-the-year-from-v1-tags-befo.patch ++++ openssh: - Fix a crash with GSSAPI key exchange (bsc#1136104) * modify openssh-7.7p1-gssapi_key_exchange.patch ++++ yast2: - Use new schema of desktop files (boo#1084864) - Clean up spec - Rename desktop files - 4.2.5 ------------------------------------------------------------------ ------------------ 2019-5-30 - May 30 2019 ------------------- ------------------------------------------------------------------ ++++ yast2: - Drop old testsuite - Convert from autotools to rake based installation ------------------------------------------------------------------ ------------------ 2019-5-29 - May 29 2019 ------------------- ------------------------------------------------------------------ ++++ bash: - Add patch bash-4.4-bgpoverflow.patch which is a backport from bash 5.0 to perform better with large numbers of sub processes (bsc#1133773) ++++ kernel-default: - config: refresh vanilla configs - commit cbe6c1c - reenable ARM architectures - commit 194828b - refresh configs after Tumbleweed switch to gcc9 as default - commit 3b7ae7e - config: armv7hl: lpae: Update to v5.2.0-rc2 - commit 38ac345 - config: armv7hl: Update to v5.2.0-rc2 - commit 737b08e - config: armv6hl: Update to v5.2.0-rc2 - commit c7bc712 ++++ mozjs60: - No longer pass --enable-debug to configure. It is not needed for our endusers, and will only slow down the engine. Nor have we built it with debug in the past. ++++ NetworkManager: - Update to version 1.16.2: + Use FQDN for persistent hostname on Slackware. + Fix wrong permissions of the /var/lib/NetworkManager/secret_key file. + Don't terminate teamd when assuming existing team connections. + Fix incorrect persistence of connections with EAP-TLS and a PKCS#12 certificate when using the ifcfg-rh plugin. + Fix reapply of the MTU property on devices. + Restore IPv6 configuration when the link goes up. + Fix build with sanitizers. + Other various bug fixes and improvements. ++++ polkit: - Update to version 0.116: + Leaking zombie child processes. + Possible resource leak found by static analyzer. + Output messages tuneup. + Sanity fixes. + pkttyagent tty echo disabled on SIGINT. + HACKING: add link to Code of Conduct. + polkitbackend: comment typos fix. + configure.ac: fix detection of systemd with cgroups v2. + CVE-2018-19788 High UIDs overflow fix. + CVE-2019-6133 Slowfork vulnerability fix. + Allow unset process-uid. + Port the JS authority to mozjs-60. + Use JS_EncodeStringToUTF8. + Updated translations. - Replace pkgconfig(mozjs-52) with pkgconfig(mozjs-60) BuildRequires following upstreams changes. - Drop patches fixed upstream: + polkit-fix-possible-resource-leak.patch + polkit-fix-leaking-zombie-child-processes.patch + polkit-CVE-2018-19788.patch - Refresh patches with quilt. ++++ libssh: - Fix the typo in Obsoletes for -devel-doc subpackage - Actually remove the description for -devel-doc subpackage ++++ podman: - Update podman to v1.3.2: - Fixed a bug where podman would fail to run if a volume was mounted over an image volume ++++ salt: - Do not break repo files with multiple line values on yumpkg (bsc#1135360) - Added: * do-not-break-repo-files-with-multiple-line-values-on.patch ++++ qemu: - Fix a number of compatibility issues with the stricter gcc9 checks * Disable warning for taking address of packed structure members 0048-pc-bios-s390-ccw-net-avoid-warning-.patch * Fix case of strncpy where null terminated string not guaranteed 0046-target-ppc-ensure-we-get-null-termi.patch * Disable warning for taking address of packed structure members and fix case of passing null pointer as "%s" format parameter skiboot-gcc9-compat.patch - Fix configure script which caused firmware to be built in linux-user only build. 0047-configure-only-populate-roms-if-sof.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-4.0 ------------------------------------------------------------------ ------------------ 2019-5-28 - May 28 2019 ------------------- ------------------------------------------------------------------ ++++ iptables: - Update to new upstream release 1.8.3 * ebtables: Fix rule listing with counters * ebtables-nft: Support user-defined chain policies - Remove 0001-include-extend-the-headers-conflict-workaround-to-in.patch 0001-include-fix-build-with-kernel-headers-before-4.2.patch (upstreamed) ++++ kernel-default: - config: arm64: Update to v5.2.0-rc2 - commit 18d0586 ++++ libidn2: - Update to version 2.2.0 CVE-2019-12290 bsc#1154884: * Perform A-Label roundtrip for lookup functions by default * Stricter check of input to punycode decoder * Fix punycode decoding with no ASCII chars but given delimiter * Fix 'idn2 --no-tr64' (was a no-op) * Allow _ as a basic code point in domain labels * Fail building documentation if 'ronn' isn't installed * git tag changed to reflect https://semver.org/ ++++ libnftnl: - Update to new upstream release 1.1.3 * expr: osf: add version option support * udata: add NFTNL_UDATA_* definitions * chain: support per chain rules listing ++++ systemd: - Import commit eaa7b8b148927d471609de75e542dffcc1b36df4 7e58b89136 udevd: change the default value of udev.children-max (again) (bsc#1107617) - Add 0001-rc-local-generator-deprecate-halt.local-support.patch /etc/init.d/halt.local support will removed from the next systemd version (v243) so for now on warn (hopefully the few) users who rely on this script so they have a chance to switch to systemd-shutdown interface. ++++ libzypp: - Drop unused InterProcessMutex class and test - Drop unused WebpinResult class and test - Give posttrans script a parameter of 0 (issue #168) - Use CURL_HTTP_VERSION_2TLS if available (fixes #141) - version 17.12.0 (12) ++++ python-M2Crypto: - Fix use of urlunsplit (bsc#1135009) ------------------------------------------------------------------ ------------------ 2019-5-27 - May 27 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Update to 5.2-rc2 - Eliminated 4 patches - patches.suse/dm-make-sure-to-obey-max_io_len_target_boundary.patch - patches.suse/kvm-make-kvm_vcpu_-un-map-dependency-on-CONFIG_HAS_I.patch - patches.suse/vfio_pci-Add-local-source-directory-as-include.patch - patches.suse/x86-kvm-pmu-Set-AMD-s-virt-PMU-version-to-1.patch - add s390x/zfcpdump build fix - patches.suse/kvm-memunmap-also-needs-HAS_IOMEM.patch - commit b02c459 ++++ systemd: - Add 0001-Revert-insserv.conf-generator.patch (bsc#1052837) All remaining packages have been fixed so they don't rely on the insser-generator to generate proper deps. So let's drop it as all services should carry the proper dependencies itself. - Drop debug-only-remove-new-policies.patch The new DBUS methods have been reviewed by the security team. ------------------------------------------------------------------ ------------------ 2019-5-25 - May 25 2019 ------------------- ------------------------------------------------------------------ ++++ dracut: - Bump to 049 - Contains fixes for bsc#1134472, bsc#1134347 and bsc#1133819 - Patches are now maintained in git * Removed 0012-40network-Fix-race-condition-when-wait-for-networks.patch * Removed 0013-40network-always-start-netroot-in-ifup.sh.patch * Removed 0015-40network-replace-dhclient-with-wickedd-dhcp-supplic.patch * Removed 0016-Add-new-s390x-specific-rule-files.patch * Removed 0017-45ifcfg-use-distro-specific-scripts.patch * Removed 0020-00warpclock-Set-correct-timezone.patch * Removed 0021-95dcssblk-Add-new-module-for-DCSS-block-devices.patch * Removed 0048-40network-Only-enable-network-interfaces-if-explicit.patch * Removed 0053-01fips-fixup-loading-issues.patch * Removed 0056-81cio_ignore-handle-cio_ignore-commandline.patch * Removed 0057-01fips-Include-some-more-hmacs.patch * Removed 0058-dracut-add-warning-when-including-unsupported-module.patch * Removed 0059-99suse-Add-SUSE-specific-initrd-parsing.patch * Removed 0060-45ifcfg-Add-SUSE-specific-write-ifcfg-file.patch * Removed 0061-45ifcfg-Fixup-error-message-in-write-ifcfg-suse.patch * Removed 0075-95dasd_rules-enable-parsing-of-rd.dasd-commandline-p.patch * Removed 0076-Correctly-set-cio_ignore-for-dynamic-s390-rules.patch * Removed 0079-95dasd_rules-fixup-rd.dasd-parsing.patch * Removed 0080-95dasd_rules-print-out-rd.dasd-commandline.patch * Removed 0081-95dasd_mod-do-not-set-module-parameters-if-dasd_cio_.patch * Removed 0083-95zfcp_rules-Fixup-rd.zfcp-parsing.patch * Removed 0085-95zfcp_rules-print-out-rd.zfcp-commandline-parameter.patch * Removed 0086-95zfcp_rules-Auto-generate-udev-rule-for-ipl-device.patch * Removed 0087-95dasd_rules-Auto-generate-udev-rule-for-ipl-device.patch * Removed 0088-91zipl-Add-new-module-to-update-s390x-configuration.patch * Removed 0089-40network-create-var-lib-wicked-in-ifup.sh.patch * Removed 0090-dracut-caps-Remove-whole-caps-module.patch * Removed 0091-dracut-biosdevname-In-SUSE-biosdevname-package-is-in.patch * Removed 0094-Implement-shortcut-ip-ifname-static-for-static-confi.patch * Removed 0107-Fixup-typo-firmare-instead-of-firmware.patch * Removed 0108-91zipl-Store-commandline-correctly.patch * Removed 0109-95dasd_rules-Store-all-devices-in-commandline.patch * Removed 0110-95zfcp_rules-Store-all-devices-in-commandline.patch * Removed 0113-91zipl-Install-script-as-executable.patch * Removed 0114-91zipl-Translate-ext2-3-into-ext4.patch * Removed 0116-Mark-scripts-as-executable.patch * Removed 0117-95dasd_rules-Enable-the-device-before-checking-devic.patch * Removed 0118-95zfcp_rules-Enable-the-device-before-checking-devic.patch * Removed 0121-Adjust-initramfs-kernel.img-to-SUSE-default-initrd-k.patch * Removed 0123-95zfcp_rules-fix-typo-in-module_setup.patch * Removed 0124-40network-Update-iBFT-scanning-code-to-handle-IPv6.patch * Removed 0125-40network-separate-mask-and-prefix.patch * Removed 0126-01fips-Add-drbg-module-to-force-loaded-modules.patch * Removed 0128-90lvm-Install-dm-snapshot-module.patch * Removed 0130-nfs-Always-add-all-kernel-modules-for-kdump.patch * Removed 0131-40network-handle-prefixed-IP-addresses-correctly.patch * Removed 0132-40network-fixup-static-network-configuration.patch * Removed 0133-Allow-multiple-configurations-per-network-interface-.patch * Removed 0137-Switch-from-Mozilla-NSS-sha256hmac-checking-to-fipsc.patch * Removed 0138-fips_add_aesni-intel.patch * Removed 0139-fips-kernel-4.4-fixes.patch * Removed 0142-40network-Don-t-report-error-for-etc-sysconfig-netwo.patch * Removed 0144-90crypt-Fixed-crypttab_contains-to-also-work-with-de.patch * Removed 0145-40network-handle-ip-ifname-static-correctly.patch * Removed 0150-Find-kernel-modules-in-extra-and-weak-updates-path-a.patch * Removed 0157-Add-boot-zipl-to-host-devs-if-it-is-a-mount-point.patch * Removed 0158-Add-SUSE-kernel-module-dependencies-in-etc-modprobe.patch * Removed 0159-network-Try-to-load-xennet.patch * Removed 0160-s390-update_active_devices_initrd.patch * Removed 0161-95zfcp_rules-simplified-rd.zfcp-commandline-for-NPIV.patch * Removed 0162-network-Request-DHCP-lease-instead-of-getting-applyi.patch * Removed 0163-Install-etc-sysconfig-console-to-see-specific-fonts.patch * Removed 0164-Fix-initramfs-ver.img-vs-initrd-ver-in-dracut-initra.patch * Removed 0168-remove_plymouth_logo_file.patch * Removed 0169-network_set_mtu_macaddr_for_dhcp.patch * Removed 0170-iscsi-skip-ibft-invalid-dhcp.patch * Removed 0180-i18n_add_correct_fontmaps.patch * Removed 0182-fix-include-parsing.patch * Removed 0183-fix_add_drivers_hang.patch * Removed 0188-95dasd_rules-Install-collect-udev-helper-binary.patch * Removed 0190-replace-iscsistart-with-systemd-service-files.patch * Removed 0191-static_network_setup_return_zero.patch * Removed 0192-iscsi_set_boot_protocol_from_ifcfg.patch * Removed 0193-95iscsi-Set-number-of-login-retries.patch * Removed 0196-ibft-wait-for-session-on-all-paths.patch * Removed 0197-95iscsi-Do-not-require-network-for-qla4xxx-flash-ses.patch * Removed 0198-95iscsi-set-rd.iscsi.firmware-for-qla4xxx-sessions.patch * Removed 0199-rd-iscsi-waitnet-default-false.patch * Removed 0200-dracut_fix_multipath_without_config.patch * Removed 0201-fix_nfs_with_ip_instead_of_hostname.patch * Removed 0202-dracut_dmraid_use_udev.patch * Removed 0203-no-fail-builtin-module.patch * Removed 0204-mkinitrd-fix-monster.patch * Removed 0205-mdraid_ignore_hostonly.patch * Removed 0206-nfs_dns_alias.patch * Removed 0207-handle_module_aliases.patch * Removed 0208-no_forced_virtnet.patch * Removed 0209-fix_modules_load_d_hostonly.patch * Removed 0210-add_fcoe_uefi_check.patch * Removed 0212-fcoe_reorder_init_path.patch * Removed 0213-Fix-wrong-keymap-inclusion.patch * Removed 0214-95fcoe-Do-not-overwrite-FCoE-configuration.patch * Removed 0215-95fcoe-Do-not-complain-about-missing-etc-hba.conf.patch * Removed 0216-95fcoe-silence-lldpad-warnings.patch * Removed 0217-95fcoe-Allow-to-specify-the-FCoE-mode-via-the-fcoe-p.patch * Removed 0218-40network-allow-persistent-interface-names.patch * Removed 0219-95fcoe-use-interface-names-instead-of-MAC-addresses.patch * Removed 0220-95fcoe-always-set-AUTO_VLAN-for-fcoemon.patch * Removed 0221-95fcoe-Add-shutdown-script.patch * Removed 0222-90dm-Fixup-shutdown-script.patch * Removed 0223-90dm-fixup-dependency-cycle-between-MD-and-DM-shutdo.patch * Removed 0224-95iscsi-setup-bnx2i-offload-connections-properly.patch * Removed 0225-95fcoe-do-not-start-fcoemon-twice.patch * Removed 0300-dracut_dont_use_dpkg_defaults_on_SUSE.patch * Removed 0301-include_sysconfig_language.patch * Removed 0302-Revert-90multipath-add-hostonly-multipath.conf-in-ca.patch * Removed 0303-fix_multipath_check_hostonly.patch * Removed 0304-90multipath-Start-daemon-after-udev-settle.patch * Removed 0305-90multipath-load-dm_multipath-module-during-startup.patch * Removed 0306-90multipath-add-shutdown-script.patch * Removed 0307-90multipath-parse-kernel-commandline-option-multipat.patch * Removed 0308-mdraid_add_IMSM_NO_PLATFORM_env.patch * Removed 0309-90dmraid-do-not-delete-partitions.patch * Removed 0310-95resume-Do-not-resume-on-iSCSI.patch * Removed 0311-95iscsi-ip-ibft-is-deprecated.patch * Removed 0312-40network-Do-not-print-message-about-tmp-net.ibft0.c.patch * Removed 0313-90mdraid-Use-stock-MD-rules-to-assemble-RAID-arrays.patch * Removed 0314-nfs_do_not_pass_ifname_for_bonding_devices.patch * Removed 0402-driver-fail-summary.patch * Removed 0403-95lunmask-Add-module-to-handle-LUN-masking.patch * Removed 0404-dracut-emergency-optionally-print-fs-help.patch * Removed 0450-Strip-NUL-bytes-in-stream-before-push-in-string.patch * Removed 0451-systemd-initrd-add-initrd-root-device.target.patch * Removed 0452-Always-try-to-add-pinctrl-cherryview.patch * Removed 0453-Resolve-symbolic-links-for-i-and-k-parameters-bsc-90.patch * Removed 0454-Add-md4-and-arc4-modules-for-ntlm.patch * Removed 0500-Reset-IFS-variable.patch * Removed 0501-dasd_fix_ssid_bigger_zero.patch * Removed 0502-persistent_device_policy_param_enhance.patch * Removed 0503-dracut.sh-create-the-initramfs-non-world-readable-al.patch * Removed 0504-ibft-fix-boot-flag-check.patch * Removed 0505-Allow-booting-from-degraded-MD-RAID-arrays.patch * Removed 0506-Boot-on-s390x-with-fips-1-on-the-kernel-commnad-line.patch * Removed 0507-Set-TaskMax-inifinite-for-the-emergency-shell.patch * Removed 0508-90multipath-start-before-local-fs-pre.target.patch * Removed 0509-01fips-Remove-zlib-module-as-requirement.patch * Removed 0510-01fips-Some-modules-use-separators-other-than.patch * Removed 0511-01fips-ensure-fips-initialization-succeeds-on-s390-x.patch * Removed 0512-Make-binutils-optional-when-elfutils-are-available.patch * Removed 0513-Fix-regression-caused-by-6f9bf2b8ac436259bdccb110545.patch * Removed 0514-man-make-the-k-option-clear-using-mkinitrd.patch * Removed 0515-90kernel-modules-also-add-block-device-driver-revers.patch * Removed 0516-mkinitrd-suse.sh-Fix-prefix-calculation.patch * Removed 0517-95fcoe-fixup-fcoe-genrules.sh-for-VN2VN-mode.patch * Removed 0518-90kernel-modules-Fix-backlight-on-Cherrytrail-device.patch * Removed 0519-90kernel-modules-Ensure-phy-drivers-are-loaded-in-in.patch * Removed 0520-Ignore-module-resolution-errors.patch * Removed 0521-Ensure-udev-persistent-storage-compat-rules-get-crea.patch * Removed 0522-Fix-typo-from-commit-3f1cdb520.patch * Removed 0523-98dracut-systemd-Fix-module-force-loading-with-syste.patch * Removed 0524-Suppress-nonsensical-error-message-bsc-1032029.patch * Removed 0525-backport-bail-out-if-module-directory-does-not-exist.patch * Removed 0526-iscsiroot-call-handle_firmware-only-for-non-iface-in.patch * Removed 0527-switch-fips-checking-to-use-the-libkcapi-based-fipsc.patch * Removed 0528-Ensure-dracut.sh-responds-properly-to-hostonly_cmdli.patch * Removed 0529-systemd-add-missing-.slice-unit.patch * Removed 0530-dracut-systemd-dracut-cmdline-ask-fix-dracut-kernel-.patch * Removed 0531-dracut-systemd-.service-conflict-with-shutdown-targe.patch * Removed 0532-List-drivers-rather-than-looking-for-reverse-depende.patch * Removed 0533-instmods-check-modules.builtin-in-srcmods.patch * Removed 0534-ssh-client-Include-nss_-libraries.patch * Removed 0535-Sync-initramfs-after-creation.patch * Removed 0536-90multipath-drop-67-kpartx-compat.rules.patch * Removed 0537-dracut-init.sh-ignore-crc32.ko-in-builtin-test.patch * Removed 0538-Enable-core-dumps-with-systemd-from-initrd.patch * Removed 0539-Add-IMA-functionality-fate-323289.patch * Removed 0540-Check-the-proper-variable-for-a-custom-IMA-keys-dire.patch * Removed 0541-Make-sure-70-persistent-net.rules-is-included-in-ini.patch * Removed 0542-Include-crc32c-intel-module-when-using-btrfs.patch * Removed 0543-Remove-00systemd-bootchart.patch * Removed 0544-40network-Make-ip-dhcp-work.patch * Removed 0545-Add-early-microcode-support-for-AMD-family-16h.patch * Removed 0546-Support-Microcode-Updates-for-AMD-CPU-Family-0x17.patch * Removed 0547-Fix-task-limit-in-emergency.service-the-same-change-.patch * Removed 0548-95fcoe-Switch-back-to-using-fipvlan-for-bnx2fc.patch * Removed 0549-fcoe-up-Increase-sleeptime-to-13s.patch * Removed 0550-95fcoe-add-timeout-initqueue-entries.patch * Removed 0551-fips-use-lib-modules-uname-r-modules.fips.patch * Removed 0552-98integrity-support-validating-the-IMA-policy-file-s.patch * Removed 0553-98integrity-support-loading-x509-into-the-trusted-bu.patch * Removed 0554-98integrity-support-X.509-only-EVM-configuration.patch * Removed 0555-Avoid-executing-emergency-hooks-twice.patch * Removed 0556-95qeth_rules-Add-new-module-to-copy-qeth-rules.patch * Removed 0557-40network-make-arping-optional.patch * Removed 0558-40network-remove-brctl-dependency.patch * Removed 0559-Add-wickedd-duid.xml-and-iaid.xml-if-available.patch * Removed 0560-90kernel-modules-Ensure-PCI-host-modules-are-include.patch * Removed 0561-Add-the-qedi-driver-to-driver-list-for-iscsi-boot.patch * Removed 0562-Adjust-driver-list-to-modern-kernels.patch * Removed 0563-40network-collapse-arping-and-dhcp-calls-into-wicked.patch * Removed 0564-40network-Always-set-the-gw-variable.patch * Removed 0565-90kernel-modules-Include-Intel-Volume-Management-Dev.patch * Removed 0566-95nfs-If-no-server-is-configured-read-BOOTSERVERADDR.patch * Removed 0567-Fix-booting-with-fips-1-on-SLES-15.patch * Removed 0568-95multipath-Pickup-files-in-etc-multipath-conf.d.patch * Removed 0569-10i18n-Load-all-keymaps-for-a-given-locale.patch * Removed 0570-10i18n-Fix-possible-infinite-recursion.patch * Removed 0571-40network-Fix-static-network-setup.patch * Removed 0572-lsinitrd-no-more-cat-write-error-Broken-pipe.patch * Removed 0573-lsinitrd.sh-quote-filename-in-extract_files.patch * Removed 0574-s-find_btrfs_devs-btrfs_devs.patch * Removed 0580-check_for_CONFIG_ACPI_TABLE_UPGRADE.patch * Removed 0581-kernel-modules-add-nfit.patch * Removed 0582-98dracut-systemd-Start-systemd-vconsole-setup-before.patch * Removed 0583-99base-Allow-files-with-backslashes-in-hostonly-file.patch * Removed 0584-95dasd_rules-mark-dasd-rules-host_only.patch * Removed 0585-emergency-mode-use-sulogin.patch * Removed 0586-95zfcp_rules-parse-zfcp.sh-remove-rule-existence-check.patch * Removed 0587-Fix-a-missing-space-in-example-configs.patch * Removed 0588-Ensure-mmc-host-modules-get-included-properly.patch * Removed 0589-Fix-98dracut-systemd-dracut-emergency.sh.patch * Removed 0590-00systemd-check-if-systemd-version-is-a-number.patch * Removed 0591-91zipl-Don-t-use-contents-of-commented-lines.patch * Removed 0592-95iscsi-handle-qedi-like-bnx2i.patch * Removed 0593-dracut-only-copy-xattr-if-root.patch * Removed 0594-Check-SUSE-kernel-module-dependencies-recursively.patch * Removed 0595-iscsi-don-t-continue-waiting-if-the-root-device-is-p.patch * Removed 0596-network-stop-waiting-for-interfaces-if-root-device-i.patch * Removed 0597-iscsiroot-parse_iscsi_root-overwrites-command-line-a.patch * Removed 0598-iscsiroot-there-s-never-more-than-one-target-per-cal.patch * Removed 0599-iscsiroot-try-targets-only-once.patch * Removed 0600-iscsiroot-remove-bashisms.patch * Removed 0601-base-dracut-lib.sh-dev_unit_name-guard-against-dev-b.patch ++++ opus: - Update to version 1.3.1 * This release fixes an issue with the analysis on files with digital silence (all zeros), especially on x87 builds (mostly affects 32-bit builds). * Two new features: + A new OPUS_GET_IN_DTX query to know if the encoder is in DTX mode (last frame was either a comfort noise frame or not encoded at all) + A new (and still experimental) CMake-based build system that is eventually meant to replace the VS2015 build system (the autotools one will stay). ------------------------------------------------------------------ ------------------ 2019-5-24 - May 24 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-firmware: - Update to version 20190514: * linux-firmware: Update firmware file for Intel Bluetooth 8265 * linux-firmware: Update firmware file for Intel Bluetooth 9260 * linux-firmware: Update firmware file for Intel Bluetooth 9560 * linux-firmware: Update firmware file for Intel Bluetooth 22161 * amlogic: add video decoder firmwares * iwlwifi: update -46 firmwares for 22260 and 9000 series * iwlwifi: add firmware for 22260 and update 9000 series -46 firmwares * iwlwifi: add -46.ucode firmwares for 9000 series ++++ mozilla-nss: - update to NSS 3.44 * (3.44) required by Firefox 68.0 New functionality * Support XDG basedir specification (bmo#818686) * HASH_GetHashOidTagByHashType - convert type HASH_HashType to type SECOidTag * SSL_SendCertificateRequest - allow server to request post-handshake client authentication. To use this both peers need to enable the SSL_ENABLE_POST_HANDSHAKE_AUTH option. Notable changes * The following CA certificates were added: CN = emSign Root CA - G1 CN = emSign ECC Root CA - G3 CN = emSign Root CA - C1 CN = emSign ECC Root CA - C3 CN = Hongkong Post Root CA 3 Bugs fixed: * CVE-2018-18508 (bmo#1507135, bmo#1507174) Add additional null checks to several CMS functions to fix a rare CMS crash. * Improve Gyp build system handling (bmo#1528669, bmo#1529308) * Reject invalid CH.legacy_version in TLS 1.3 (bmo#1490006) * A fix for Solaris where Firefox 60 core dumps during start when using profile from version 52 (bmo#1513913) * Improve NSS S/MIME tests for Thunderbird (bmo#1529950, bmo#1521174) * If Docker isn't installed, try running a local clang-format as a fallback (bmo#1530134) * Enable FIPS mode automatically if the system FIPS mode flag is set (bmo#1531267) * Add a -J option to the strsclnt command to specify sigschemes (bmo#1528262) * Add manual for nss-policy-check (bmo#1513909) * Fix a deref after a null check in SECKEY_SetPublicValue (bmo#1531074) * Properly handle ESNI with HRR (bmo#1517714) * Expose HKDF-Expand-Label with mechanism (bmo#1529813) * Align TLS 1.3 HKDF trace levels (bmo#1535122) * Use getentropy on compatible versions of FreeBSD. (bmo#1530102) ++++ libselinux: - Set License: to correct value (bsc#1135710) ++++ libvirt: - network: delay global firewall setup if no networks are running 9f4e35dc-network-improve-chain-create-error-report.patch, 686803a1-network-split-ipv4-ipv6-chains.patch, c1c235eb-nework-clear-cached-error.patch, 4330d138-network-refactor-global-chains.patch, 3b66bd9a-add-debug-chain-creation.patch, c6cbe187-network-delay-global-fw-setup.patch, Dropped patches: revert-7431b3eb.patch, revert-8b967198.patch bsc#1133229 - Renamed patches to include commit id: CVE-2019-10132-admin-reject-clients.patch -> 96f41cd7-admin-reject-clients.patch CVE-2019-10132-locking-restrict-sockets-to-mode-0600.patch -> f111e094-locking-restrict-sockets-to-mode-0600.patch CVE-2019-10132-logging-restrict-sockets-to-mode-0600.patch -> e37bd65f-logging-restrict-sockets-to-mode-0600.patch ++++ salt: - Fix return status when installing or updating RPM packages with "ppc64le" arch (bsc#1133647) - Added: * add-ppc64le-as-a-valid-rpm-package-architecture.patch ------------------------------------------------------------------ ------------------ 2019-5-23 - May 23 2019 ------------------- ------------------------------------------------------------------ ++++ glib2: - Set umask to 022 before running glib-compile-schemas (boo#1131761). - Update to version 2.60.3: + * Various fixes to small key/value support in `GHashTable`. * Bugs fixed: - Critical in g_socket_client_async_connect_complete. - New GHashTable implementation confuses valgrind. - test_month_names: assertion failed. - GNetworkAddressAddressEnumerator unsafely modifies cache in GNetworkAddress. - Leaks in gsocketclient.c connection code. - glib/date test fails. - GDB pretty-printer for GHashTable no longer works + Updated translations. ++++ hwinfo: - merge gh#openSUSE/hwinfo#80 - fix Makefile and allow building for old distros - 21.66 - merge gh#openSUSE/hwinfo#79 - return BIOS UUID in decoded (with '-'s) form (bsc#1135819) - 21.65 ++++ libssh: - Add support for new AES-GCM encryption types; (bsc#1134193) * Add 0001-libcrypto-Implement-OpenSSH-compatible-AES-GCM-ciphe.patch * Add 0001-libgcrypt-Implement-OpenSSH-compatible-AES-GCM-ciphe.patch * Add 0001-tests-Add-aes-gcm-ciphers-tests.patch ++++ libvirt: - spec: add systemd-container dependency to qemu and lxc drivers bsc#1136109 ++++ salt: - Add new "salt-standalone-formulas-configuration" package (fate#327791) - Added: * add-standalone-configuration-file-for-enabling-packa.patch ------------------------------------------------------------------ ------------------ 2019-5-22 - May 22 2019 ------------------- ------------------------------------------------------------------ ++++ curl: - Update to 7.65.0 [bsc#1135176, CVE-2019-5435][bsc#1135170, CVE-2019-5436] * Changes: - CURLOPT_DNS_USE_GLOBAL_CACHE: removed - CURLOPT_MAXAGE_CONN: set the maximum allowed age for conn reuse - pipelining: removed * Bugfixes: - CVE-2019-5435: Integer overflows in curl_url_set - CVE-2019-5436: tftp: use the current blksize for recvfrom() - --config: clarify that initial : and = might need quoting - CURLMOPT_TIMERFUNCTION.3: warn about the recursive risk - CURLOPT_ADDRESS_SCOPE: fix range check and more - CURLOPT_CHUNK_BGN_FUNCTION.3: document the struct and time value - CURLOPT_READFUNCTION.3: see also CURLOPT_UPLOAD_BUFFERSIZE - CURL_MAX_INPUT_LENGTH: largest acceptable string input size - Curl_disconnect: treat all CONNECT_ONLY connections as "dead" - OS400/ccsidcurl: replace use of Curl_vsetopt - OpenSSL: Report -fips in version if OpenSSL is built with FIPS - WRITEFUNCTION: add missing set_in_callback around callback - altsvc: Fix building with cookies disabled - auth: Rename the various authentication clean up functions - base64: build conditionally if there are users - cmake: avoid linking executable for some tests with cmake 3.6+ - cmake: clear CMAKE_REQUIRED_LIBRARIES after each use - cmake: set SSL_BACKENDS - configure: avoid unportable '==' test(1) operator - configure: error out if OpenSSL wasn't detected when asked for - configure: fix default location for fish completions - cookie: Guard against possible NULL ptr deref - curl: make code work with protocol-disabled libcurl - curl: report error for "--no-" on non-boolean options - curlver.h: use parenthesis in CURL_VERSION_BITS macro - docs/INSTALL: fix broken link - doh: acknowledge CURL_DISABLE_DOH - doh: disable DOH for the cases it doesn't work - examples: remove unused variables - ftplistparser: fix LGTM alert "Empty block without comment" - hostip: acknowledge CURL_DISABLE_SHUFFLE_DNS - http: Ignore HTTP/2 prior knowledge setting for HTTP proxies - http: acknowledge CURL_DISABLE_HTTP_AUTH - http: mark bundle as not for multiuse on < HTTP/2 response - http_digest: Don't expose functions when HTTP and Crypto Auth are disabled - http_negotiate: do not treat failure of gss_init_sec_context() as fatal - http_ntlm: Corrected the name of the include guard - http_ntlm_wb: Handle auth for only a single request - http_ntlm_wb: Return the correct error on receiving an empty auth message - lib509: add missing include for strdup - lib557: initialize variables - mbedtls: enable use of EC keys - mime: acknowledge CURL_DISABLE_MIME - multi: improved HTTP_1_1_REQUIRED handling - netrc: acknowledge CURL_DISABLE_NETRC - nss: allow fifos and character devices for certificates - nss: provide more specific error messages on failed init - ntlm: Fix misaligned function comments for Curl_auth_ntlm_cleanup - ntlm: Support the NT response in the type-3 when OpenSSL doesn't include MD4 - openssl: mark connection for close on TLS close_notify - openvms: Remove pre-processor for SecureTransport - parse_proxy: use the URL parser API - parsedate: disabled on CURL_DISABLE_PARSEDATE - pingpong: disable more when no pingpong protocols are enabled - polarssl_threadlock: remove conditionally unused code - progress: acknowledge CURL_DISABLE_PROGRESS_METER - proxy: acknowledge DISABLE_PROXY more - resolve: apply Happy Eyeballs philosophy to parallel c-ares queries - revert "multi: support verbose conncache closure handle" - sasl: Don't send authcid as authzid for the PLAIN mechanism as per RFC 4616 - sasl: only enable if there's a protocol enabled using it - singleipconnect: show port in the verbose "Trying ..." message - socks5: user name and passwords must be shorter than 256 - socks: fix error message - socksd: new SOCKS 4+5 server for tests - spnego_gssapi: fix return code on gss_init_sec_context() failure - ssh-libssh: remove unused variable - ssh: define USE_SSH if SSH is enabled (any backend) - ssh: move variable declaration to where it's used - test1002: correct the name - test2100: Fix typos in test description - tests: Run global cleanup at end of tests - tests: make Impacket (SMB server) Python 3 compatible - tool_cb_wrt: fix bad-function-cast warning - tool_formparse: remove redundant assignment - tool_help: Warn if curl and libcurl versions do not match - tool_help: include for strcasecmp - url: always clone the CUROPT_CURLU handle - url: convert the zone id from a IPv6 URL to correct scope id - urlapi: add CURLUPART_ZONEID to set and get - urlapi: increase supported scheme length to 40 bytes - urlapi: require a non-zero host name length when parsing URL - urlapi: stricter CURLUPART_PORT parsing - urlapi: strip off zone id from numerical IPv6 addresses - urlapi: urlencode characters above 0x7f correctly - vauth/cleartext: update the PLAIN login to match RFC 4616 - vauth/oauth2: Fix OAUTHBEARER token generation - vauth: Fix incorrect function description for Curl_auth_user_contains_domain - vtls: fix potential ssl_buffer stack overflow - wildcard: disable from build when FTP isn't present - xattr: skip unittest on unsupported platforms ++++ elfutils: - CVE-2018-16402: libelf: denial of service/double free on an attempt to decompress the same section twice (bnc#1107066) Add patch: libelf-error-if-elf_compress_gnu-is-used-on-SHF_COMPRESSED.patch - CVE-2018-18521: arlib: Divide-by-zero vulnerabilities in the function arlib_add_symbols() used by eu-ranlib (bnc#1112723) Add patch: arlib-check-that-sh_entsize-isnt-zero.patch - CVE-2017-7611: elfutils: DoS (heap-based buffer over-read and application crash) via a crafted ELF file (bnc#1033088) Add patch: elflint-check-symbol-table-data-is-big-enough-before-check.patch - CVE-2017-7610: elflint: heap-based buffer overflow in check_group (bnc#1033087) Add patch: elflint-dont-check-section-group-without-flags-word.patch - CVE-2018-16403: heap buffer overflow in readelf (bnc#1107067) Add patch: libdw-check-end-of-attributes-list-consistently.patch - CVE-2018-16062: heap-buffer-overflow in /elfutils/libdw/dwarf_getaranges.c:156 (bnc#1106390) Add patch: libdw-readelf-make-sure-there-is-enough-data-to-read.patch - CVE-2018-18310: Invalid Address Read problem in dwfl_segment_report_module.c (bnc#1111973) Add patch: libdwfl-sanity-check-partial-core-file-data-reads.patch - CVE-2019-7150: dwfl_segment_report_module doesn't check whether the dyn data read from core file is truncated (bnc#1123685) Add patch: libdwfl-sanity-check-partial-core-file-dyn-data-read.patch - CVE-2019-7665: NT_PLATFORM core file note should be a zero terminated string (CVE is a bit misleading, as this is not a bug in libelf as described) (bnc#1125007) Add patch: libebl-check-NT_PLATFORM-core-notes.patch - CVE-2017-7609: memory allocation failure in __libelf_decompress (bnc#1033086) Add patch: libelf-check-compression-before-allocate-output-buffer.patch - CVE-2018-16402: Double-free crash in nm and readelf (bnc#1107066) Add patch: libelf-error-if-elf_compress_gnu-is-used-on-SHF_COMPRESSED.patch - CVE-2017-7607: heap-based buffer overflow in handle_gnu_hashi (readelf.c) (bnc#1033084) Add patch: readelf-fix-off-by-one-sanity-check.patch - CVE-2018-18520: eu-size: Bad handling of ar files inside are files (bnc#1112726) Add patch: size-handle-recursive-elf-ar-files.patch - CVE-2017-7608: heap-based buffer overflow in ebl_object_note_type_name (eblobjnotetypename.c) (bnc#1033085) Add patch: use-the-empty-string-for-note-names-with-zero-size.patch ++++ iptables: - Add 0001-include-fix-build-with-kernel-headers-before-4.2.patch, 0001-include-extend-the-headers-conflict-workaround-to-in.patch to fix build with older linux-glibc-devel. [boo#1132821] ++++ kernel-default: - Delete patches.suse/Revert-Bluetooth-btusb-driver-to-enable-the-usb-wake.patch (boo#1130448). Should be fixed in 5.1-rc5 commit 771acc7e4a6e5dba779cb1a7fd851a164bc81033 Author: Brian Norris Date: Tue Apr 9 11:49:17 2019 -0700 Bluetooth: btusb: request wake pin with NOAUTOEN - commit b225e5a - dm: make sure to obey max_io_len_target_boundary (bnc#1135868). - commit dbeb07c ++++ Mesa: - Update to 19.0.5 * Things have slowed back down from the last release, which is good for this late in the series. No one area has received too much work, with a little bit sprinkled in here and there in both core code and drivers. ++++ podman: - Update podman to v1.3.1: - The podman cp command can now read input redirected to STDIN, and output to STDOUT instead of a file, using - instead of an argument. - The Podman remote client now displays version information from both the client and server in podman version - The podman unshare command has been added, allowing easy entry into the user namespace set up by rootless Podman (allowing the removal of files created by rootless Podman, among other things) - Fixed a bug where Podman containers with the --rm flag were removing created volumes when they were automatically removed - Fixed a bug where container and pod locks were incorrectly marked as released after a system reboot, causing errors on container and pod removal - Fixed a bug where Podman pods could not be removed if any container in the pod encountered an error during removal - Fixed a bug where Podman pods run with the cgroupfs CGroup driver would encounter a race condition during removal, potentially failing to remove the pod CGroup - Fixed a bug where the podman container checkpoint and podman container restore commands were not visible in the remote client - Fixed a bug where podman remote ps --ns would not print the container's namespaces - Fixed a bug where removing stopped containers with healthchecks could cause an error - Fixed a bug where the default libpod.conf file was causing parsing errors - Fixed a bug where pod locks were not being freed when pods were removed, potentially leading to lock exhaustion - Fixed a bug where 'podman run' with SD_NOTIFY set could, on short-running containers, create an inconsistent state rendering the container unusable - The remote Podman client now uses the Varlink bridge to establish remote connections by default - Update conmon to 0.2.0 and switched to containers/conmon upstream project ------------------------------------------------------------------ ------------------ 2019-5-21 - May 21 2019 ------------------- ------------------------------------------------------------------ ++++ xz: - add SUSE-Public-Domain licence as some parts of xz utils (liblzma, xz, xzdec, lzmadec, documentation, translated messages, tests, debug, extra directory) are in public domain licence [bsc#1135709] ++++ NetworkManager: - Avoid using "systemctl enable" in spec file (bsc#1038403). ++++ u-boot-rpiarm64: - Update update_git.sh - Update to v2019.07-rc2: * Net updates * UEFI updates for EBBR compliance * Minor fixes * Rockchip improvements and new features * Marvell boards updates * Sunxi updates * x86 fixes * SPI fixes * i.MX updates ------------------------------------------------------------------ ------------------ 2019-5-20 - May 20 2019 ------------------- ------------------------------------------------------------------ ++++ cni-plugins: - Updated plugins to v0.8.0: + New plugins: * bandwidth - limit incoming and outgoing bandwidth * firewall - add containers to firewall rules * sbr - convert container routes to source-based routes * static - assign a fixed IP address * win-bridge, win-overlay: Windows plugins + Plugin features / changelog: * CHECK Support * macvlan: - Allow to configure empty ipam for macvlan - Make master config optional * bridge: - Add vlan tag to the bridge cni plugin - Allow the user to assign VLAN tag - L2 bridge Implementation. * dhcp: - Include Subnet Mask option parameter in DHCPREQUEST - Add systemd unit file to activate socket with systemd - Add container ifName to the dhcp clientID, making the clientID value * flannel: - Pass through runtimeConfig to delegate * host-local: - host-local: add ifname to file tracking IP address used * host-device: - Support the IPAM in the host-device - Handle empty netns in DEL for loopback and host-device * tuning: - adds 'ip link' command related feature into tuning + Bug fixes & minor changes * Correctly DEL on ipam failure for all plugins * Fix bug on ip revert if cmdAdd fails on macvlan and host-device * host-device: Ensure device is down before rename * Fix -hostprefix option * some DHCP servers expect to request for explicit router options * bridge: release IP in case of error * change source of ipmasq rule from ipn to ip + Build fixes: * test: add coveralls support * plugins: correctly output build version, cosmetic cleanups * Move Windows tests to Travis - from version v0.7.5: + This release takes a minor change to the portmap plugin: * Portmap: append, rather than prepend, entry rules + This fixes a potential issue where firewall rules may be bypassed by port mapping - Include patch to fix the build on i586: + 0001_use_Go_facilities_to_get_a_socket.patch - Use new build_linux.sh script instead of removed build.sh ++++ kernel-default: - kvm: make kvm_vcpu_(un)map dependency on CONFIG_HAS_IOMEM explicit. Fixes build of s390x/zfcpdump. - commit b33dbfc - config: refresh vanilla configs - commit 4c41263 - net: phy: rename Asix Electronics PHY driver. Fix duplicate module name asix by renaming phy driver to ax88796b. - Update config files. - commit df18320 - mlx5: avoid 64-bit division. Fix i386 build. - commit 89c5a47 - Update to 5.2-rc1 - Eliminated 106 patches (105 stable, 1 other) - ARM configs need update - Refresh patches.rpmify/scripts-mkmakefile-honor-second-argument.patch patches.suse/dm-mpath-leastpending-path-update patches.suse/supported-flag patches.suse/supported-flag-external patches.suse/vfs-add-super_operations-get_inode_dev - New config options: - General setup - IKHEADERS_PROC=n - SHUFFLE_PAGE_ALLOCATOR=y - Security - SECURITY_TOMOYO_INSECURE_BUILTIN_SETTING=n - Filesystems - UNICODE=y - UNICODE_NORMALIZATION_SELFTEST=n - Crypto - CRYPTO_ECRDSA=m - Networking - BATMAN_ADV_SYSFS=y - BT_MTKSDIO=m - XILINX_LL_TEMAC=m - MT7615E=m - RTW88=m - RTW88_8822BE=y - RTW88_8822CE=y - RTW88_DEBUG=n - RTW88_DEBUGFS=n - INFINIBAND_EFA=m - Storage - DM_DUST=m - MTD drivers - MTD_RAW_NAND=m - MTD_NAND_ECC_SW_BCH=y - MTD_NAND_ECC_SW_HAMMING_SMC=n - Input - KEYBOARD_QT1050=m - TOUCHSCREEN_IQS5XX=m - INPUT_GPIO_VIBRA=n - INPUT_REGULATOR_HAPTIC=m - HID_MACALLY=m - HID_U2FZERO=m - INPUT_MAX77650_ONKEY=m - Serial - NULL_TTY=m - SERIAL_SIFIVE=m - Power management - CHARGER_MANAGER=y - CHARGER_LT3651=m - CHARGER_UCS1002=m - SENSORS_IR38064=m - SENSORS_ISL68137=m - SENSORS_LTC2978_REGULATOR=y - THERMAL_MMIO=m - MFD_MAX77650=m - MFD_STMFX=m - REGULATOR_DEBUG=n - REGULATOR_FIXED_VOLTAGE=m - REGULATOR_VIRTUAL_CONSUMER=m - REGULATOR_USERSPACE_CONSUMER=m - REGULATOR_88PG86X=m - REGULATOR_ACT8865=m - REGULATOR_AD5398=m - REGULATOR_AXP20X=m - REGULATOR_DA9062=m - REGULATOR_DA9210=m - REGULATOR_DA9211=m - REGULATOR_FAN53555=m - REGULATOR_GPIO=m - REGULATOR_ISL9305=m - REGULATOR_ISL6271A=m - REGULATOR_LM363X=m - REGULATOR_LP3971=m - REGULATOR_LP3972=m - REGULATOR_LP872X=m - REGULATOR_LP8755=m - REGULATOR_LTC3589=m - REGULATOR_LTC3676=m - REGULATOR_MAX1586=m - REGULATOR_MAX77650=m - REGULATOR_MAX8649=m - REGULATOR_MAX8660=m - REGULATOR_MAX8907=m - REGULATOR_MAX8952=m - REGULATOR_MAX8973=m - REGULATOR_MCP16502=m - REGULATOR_MT6311=m - REGULATOR_PFUZE100=m - REGULATOR_PV88060=m - REGULATOR_PV88080=m - REGULATOR_PV88090=m - REGULATOR_PWM=m - REGULATOR_QCOM_SPMI=m - REGULATOR_SY8106A=m - REGULATOR_TPS51632=m - REGULATOR_TPS62360=m - REGULATOR_TPS65023=m - REGULATOR_TPS6507X=m - REGULATOR_TPS65132=m - REGULATOR_TPS6524X=m - REGULATOR_VCTRL=m - CHARGER_MAX77650=m - Media - MEDIA_CONTROLLER_REQUEST_API=y - VIDEO_V4L2_SUBDEV_API=y - V4L2_FLASH_LED_CLASS=m - VIDEO_COBALT=n - VIDEO_IPU3_CIO2=m - VIDEO_CADENCE_CSI2RX=m - VIDEO_CADENCE_CSI2TX=m - VIDEO_MUX=m - VIDEO_XILINX=m - VIDEO_XILINX_TPG=m - VIDEO_VIMC=m - VIDEO_IPU3_IMGU=m - DRM - NOUVEAU_LEGACY_CTX_SUPPORT=n - DRM_PANEL_FEIYANG_FY07024DI26A30D=n - DRM_PANEL_ROCKTECH_JH057N00900=n - DRM_PANEL_RONBO_RB070D30=n - Sound - SND_SOC_FSL_AUDMIX=n - SND_SOC_SOF_TOPLEVEL=y - SND_SOC_SOF_PCI=m - SND_SOC_SOF_ACPI=m - SND_SOC_SOF_NOCODEC=n - SND_SOC_SOF_STRICT_ABI_CHECKS=n - SND_SOC_SOF_DEBUG=n - SND_SOC_SOF_INTEL_TOPLEVEL=y - SND_SOC_SOF_BAYTRAIL_SUPPORT=y - SND_SOC_SOF_BROADWELL_SUPPORT=y - SND_SOC_SOF_MERRIFIELD_SUPPORT=y - SND_SOC_SOF_APOLLOLAKE_SUPPORT=y - SND_SOC_SOF_GEMINILAKE_SUPPORT=y - SND_SOC_SOF_CANNONLAKE_SUPPORT=y - SND_SOC_SOF_COFFEELAKE_SUPPORT=y - SND_SOC_SOF_ICELAKE_SUPPORT=y - SND_SOC_SOF_HDA_LINK=y - SND_SOC_SOF_HDA_AUDIO_CODEC=y - SND_SOC_INTEL_SOF_RT5682_MACH=m - USB - TYPEC_NVIDIA_ALTMODE=m - LEDS - LEDS_LM3532=m - LEDS_REGULATOR=m - LEDS_MAX77650=m - Platform - CROS_EC_RPMSG=m - CROS_USBPD_LOGGER=m - CLK_SIFIVE=n - IXP4XX_QMGR=n - IXP4XX_NPE=m - IIO - CC10001_ADC=n - TI_ADS8344=n - FXAS21002C=n - MB1232=n - MAX31856=m - Misc drivers - I2C_AMD_MP2=m - PINCTRL_STMFX=n - FIELDBUS_DEV=n - KPC2000=n - NVMEM_SYSFS=y - COUNTER=n - GPIO_MAX77650=m - Library - PACKING=n - Debugging and testing - DEBUG_INFO_BTF=n - DEBUG_MISC=n - DEBUG_PLIST=n - TEST_STRSCPY=n - x86 - ACPI_HMAT=y - INTEL_CHT_INT33FE=m - INTEL_ISH_FIRMWARE_DOWNLOADER=m - i386 - MEMORY_HOTPLUG=y - MEMORY_HOTPLUG_DEFAULT_ONLINE=n - MEMORY_HOTREMOVE - XEN_BALLOON_MEMORY_HOTPLUG=y - XEN_BALLOON_MEMORY_HOTPLUG_LIMIT=4 - DEV_DAX_KMEM=m - MEMORY_NOTIFIER_ERROR_INJECT=m - ACPI_HOTPLUG_MEMORY=y - ppc64 / ppc64le - PPC_KUEP=y - PPC_KUAP=y - PPC_KUAP_DEBUG=n - MTD_NAND_DENALI_PCI=m - MTD_NAND_CAFE=m - MTD_NAND_GPIO=m - MTD_NAND_PLATFORM=m - MTD_NAND_NANDSIM=m - MTD_NAND_RICOH=m - MTD_NAND_DISKONCHIP=m - MTD_NAND_DISKONCHIP_PROBE_ADVANCED=n - MTD_NAND_DISKONCHIP_BBTWRITE=n - INTEGRITY_PLATFORM_KEYRING=y - OPTIMIZE_INLINING=y - XMON_DEFAULT_RO_MODE=y - s390x - KEXEC_VERIFY_SIG=n - RELOCATABLE=y - RANDOMIZE_BASE=y - PROTECTED_VIRTUALIZATION_GUEST=y - LCD_CLASS_DEVICE=n - BACKLIGHT_CLASS_DEVICE=n - INTEGRITY_PLATFORM_KEYRING=y - OPTIMIZE_INLINING=n - commit c8b1101 ++++ libvirt: - cpu: add tests for md-clear feature Updated 538d8735-cpu_map-Define-md-clear-CPUID-bit.patch and added 5cd9db3a-cputest-add-data-E3-1225-v5.patch bsc#1135273 - CVE-2019-10132: admin: reject clients unless their UID matches the server UID CVE-2019-10132-admin-reject-clients.patch, CVE-2019-10132-locking-restrict-sockets-to-mode-0600.patch, CVE-2019-10132-logging-restrict-sockets-to-mode-0600.patch bsc#1134348 ++++ python-rpm-macros: - Update to version 20190511.2ed22b6: * Add the first draft of pyproject_wheel and pyproject_install macros. ++++ salt: - Switch firewalld state to use change_interface (bsc#1132076) - Added: * switch-firewalld-state-to-use-change_interface.patch ++++ xfsprogs: - xfs_info: enable offline (unmounted) filesystem geometry queries (bsc#1129859) * Add xfsprogs-libfrog-refactor-fs-geometry-printing-function.patch * Add xfsprogs-mkfs-use-geometry-generation-helper-functions.patch * Add xfsprogs-xfs-hoist-xfs_fs_geometry-to-libxfs.patch * Add xfsprogs-xfs-refactor-the-geometry-structure-filling-function.patch * Add xfsprogs-xfs_db-add-a-superblock-info-command.patch * Add xfsprogs-xfs_info-call-xfs_db-for-offline-filesystems.patch * Add xfsprogs-xfs_info-move-to-xfs_spaceman.patch * Add xfsprogs-xfs_info-use-findmnt-to-handle-mounted-block-devices.patch * Add xfsprogs-xfs_spaceman-add-a-superblock-info-command.patch ------------------------------------------------------------------ ------------------ 2019-5-18 - May 18 2019 ------------------- ------------------------------------------------------------------ ++++ u-boot-rpiarm64: - Clean up multibuild conversion * Rename is_risc5 to is_riscv64 * Fix armv6 board builds (rpi) * Fix RK3288 board builds and SPL installation (firefly-rk3288, tinker-rk3288) * Fix RK3399 SPL build and installation * Fix H5 board builds (orangepipc2) * TBD: am335xboneblack, sinovoipbpim2plus ------------------------------------------------------------------ ------------------ 2019-5-17 - May 17 2019 ------------------- ------------------------------------------------------------------ ++++ cni: - Update to version 0.7.0: * Spec changes: + Use more RFC2119 style language in specification (must, should...) + add notes about ADD/DEL ordering + Make the container ID required and unique. + remove the version parameter from ADD and DEL commands. + Network interface name matters + be explicit about optional and required structure members + add CHECK method + Add a well-known error for "try again" + SPEC.md: clarify meaning of 'routes' * Library changes: + pkg/types: Makes IPAM concrete type + libcni: return error if Type is empty + skel: VERSION shouldn't block on stdin + non-pointer instances of types.Route now correctly marshal to JSON + libcni: add ValidateNetwork and ValidateNetworkList functions + pkg/skel: return error if JSON config has no network name + skel: add support for plugin version string + libcni: make exec handling an interface for better downstream testing + libcni: api now takes a Context to allow operations to be timed out or cancelled + types/version: add helper to parse PrevResult + skel: only print about message, not errors + skel,invoke,libcni: implementation of CHECK method + cnitool: Honor interface name supplied via CNI_IFNAME environment variable. + cnitool: validate correct number of args + Don't copy gw from IP4.Gateway to Route.GW When converting from 0.2.0 + add PrintTo method to Result interface + Return a better error when the plugin returns none - Install sleep binary into CNI plugin directory - Restore build.sh script which was removed upstream ++++ grub2: - Check/refresh zipl-kernel before hibernate on s390x. (bsc#940457) (Getting rid of hardcoded 'vmlinuz', which failed on PPC as well.) * grub2-systemd-sleep.sh - Try to refresh zipl-kernel on failed kexec. (bsc#1127293) * grub2-s390x-04-grub2-install.patch - Fully support "previous" zipl-kernel, with 'mem=1G' being available on dedicated entries. (bsc#928131) * grub2-s390x-09-improve-zipl-setup.patch - Refresh * grub2-zipl-setup-fix-btrfs-multipledev.patch ++++ kernel-default: - Revert "selinux: do not report error on connect(AF_UNSPEC)" (git-fixes). - Revert "Don't jump to compute_result state from check_result state" (git-fixes). - commit 3d34296 - Linux 5.1.3 (bnc#1012628). - f2fs: Fix use of number of devices (bnc#1012628). - PCI: hv: Add pci_destroy_slot() in pci_devices_present_work(), if necessary (bnc#1012628). - PCI: hv: Add hv_pci_remove_slots() when we unload the driver (bnc#1012628). - PCI: hv: Fix a memory leak in hv_eject_device_work() (bnc#1012628). - virtio_ring: Fix potential mem leak in virtqueue_add_indirect_packed (bnc#1012628). - powerpc/booke64: set RI in default MSR (bnc#1012628). - powerpc/powernv/idle: Restore IAMR after idle (bnc#1012628). - powerpc/book3s/64: check for NULL pointer in pgd_alloc() (bnc#1012628). - drivers/virt/fsl_hypervisor.c: prevent integer overflow in ioctl (bnc#1012628). - drivers/virt/fsl_hypervisor.c: dereferencing error pointers in ioctl (bnc#1012628). - isdn: bas_gigaset: use usb_fill_int_urb() properly (bnc#1012628). - flow_dissector: disable preemption around BPF calls (bnc#1012628). - net: phy: fix phy_validate_pause (bnc#1012628). - tuntap: synchronize through tfiles array instead of tun->numqueues (bnc#1012628). - tuntap: fix dividing by zero in ebpf queue selection (bnc#1012628). - vrf: sit mtu should not be updated when vrf netdev is the link (bnc#1012628). - vlan: disable SIOCSHWTSTAMP in container (bnc#1012628). - tipc: fix hanging clients using poll with EPOLLOUT flag (bnc#1012628). - selinux: do not report error on connect(AF_UNSPEC) (bnc#1012628). - packet: Fix error path in packet_init (bnc#1012628). - net: ucc_geth - fix Oops when changing number of buffers in the ring (bnc#1012628). - net: seeq: fix crash caused by not set dev.parent (bnc#1012628). - net: macb: Change interrupt and napi enable order in open (bnc#1012628). - net: ethernet: stmmac: dwmac-sun8i: enable support of unicast filtering (bnc#1012628). - net: dsa: Fix error cleanup path in dsa_init_module (bnc#1012628). - ipv4: Fix raw socket lookup for local traffic (bnc#1012628). - fib_rules: return 0 directly if an exactly same rule exists when NLM_F_EXCL not supplied (bnc#1012628). - dpaa_eth: fix SG frame cleanup (bnc#1012628). - bridge: Fix error path for kobject_init_and_add() (bnc#1012628). - bonding: fix arp_validate toggling in active-backup mode (bnc#1012628). - Don't jump to compute_result state from check_result state (bnc#1012628). - rtlwifi: rtl8723ae: Fix missing break in switch statement (bnc#1012628). - mwl8k: Fix rate_idx underflow (bnc#1012628). - USB: serial: fix unthrottle races (bnc#1012628). - virt: vbox: Sanity-check parameter types for hgcm-calls coming from userspace (bnc#1012628). - kernfs: fix barrier usage in __kernfs_new_node() (bnc#1012628). - i2c: core: ratelimit 'transfer when suspended' errors (bnc#1012628). - selftests/seccomp: Handle namespace failures gracefully (bnc#1012628). - hwmon: (occ) Fix extended status bits (bnc#1012628). - hwmon: (pwm-fan) Disable PWM if fetching cooling data fails (bnc#1012628). - platform/x86: dell-laptop: fix rfkill functionality (bnc#1012628). - platform/x86: thinkpad_acpi: Disable Bluetooth for some machines (bnc#1012628). - platform/x86: sony-laptop: Fix unintentional fall-through (bnc#1012628). - commit 073196d ++++ NetworkManager: - Remove legacy checks which fixes bnc#803058 during distribution upgrade from 12.2 to 12.3 in .spec file. ++++ podman: - Update `systemd-devel` to actually be `pkgconfig(libsystemd)` to allow OBS to shortcut through systemd-mini-devel ++++ qemu: - Fix regression in autorepeat key handling 0045-kbd-state-fix-autorepeat-handling.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-4.0 - Fix file list ++++ suse-module-tools: - Only ship RPM macros up to suse_version 1500: after that, the macros can be found in the rpm-config-SUSE package. ++++ yast2: - create log directory with control.xml and merged installation.xml - 4.2.4 ------------------------------------------------------------------ ------------------ 2019-5-16 - May 16 2019 ------------------- ------------------------------------------------------------------ ++++ curl: - Security fix [bsc#1135170, CVE-2019-5436] * A heap buffer overflow exists in tftp_receive_packet that receives data from a TFTP server * Added curl-CVE-2019-5436.patch ++++ e2fsprogs: - e2fsck-check-and-fix-tails-of-all-bitmaps.patch: e2fsck: check and fix tails of all bitmap blocks (bsc#1128383) ++++ gstreamer-plugins-base: - Add CVE-2019-9928.patch: fix a heap overflow in the rtsp connection parser (boo#1133375 CVE-2019-9928). ++++ kernel-default: - Update config files: disable CONFIG_IDE for ppc64/ppc64le (bsc#1135333) - commit 012b7ed ++++ gnutls: - Explicitly require libnettle 3.4.1 (bsc#1134856) * The RSA decryption code was rewritten in GnuTLS 3.6.5 in order to fix CVE-2018-16868, the new implementation makes use of a new rsa_sec_decrypt() function introduced in libnettle 3.4.1 * libnettle was recently updated to the 3.4.1 version but we need to add explicit dependency on it to prevent missing symbol errors with the older versions ++++ spice: - Update to v0.14.2 stable release The main changes are support for Meson build and graphic device info messages allowing to better support multi-monitor configurations. * support H265 in stream-channel * add support for building with meson/ninja * minor tests fixes improving CI * set char device state for smartcard, allowing Qemu optimization * improve red-parse-qxl.c interface making it more consistent * add some instrumentation for streaming device * QXL interface: add a function to identify monitors in the guest (spice_qxl_set_device_info) * add support for GraphicsDeviceInfo messages * video-stream: prevent crash on stream reattach * make channel client callbacks virtual functions * bumped minimum required glib version to 2.38 * attempt to have a reliable led state for keyboard modifiers - Removed patches: (The first two are altered versions of what is carried upstream. I think we're fine with what upstream does here) 0001-lz-Avoid-buffer-reading-overflow-checking-for-image-.patch 0002-lz-More-checks-on-image-sizes.patch 0001-memslot-Fix-off-by-one-error-in-group-slot-boundary-.patch ++++ podman: - Update podman to v1.3.0 * Podman now supports container restart policies! The --restart-policy flag on podman create and podman run allows containers to be restarted after they exit. Please note that Podman cannot restart containers after a system reboot - for that, see our next feature * Podman podman generate systemd command was added to generate systemd unit files for managing Podman containers * The podman runlabel command now allows a $GLOBAL_OPTS variable, which will be populated by global options passed to the podman runlabel command, allowing custom storage configurations to be passed into containers run with runlabel * The podman play kube command now allows File and FileOrCreate volumes * The podman pod prune command was added to prune unused pods * Added the podman system migrate command to migrate containers using older configurations to allow their use by newer Libpod versions * Podman containers now forward proxy-related environment variables from the host into the container with the --http-proxy flag (enabled by default) * Read-only Podman containers can now create tmpfs filesystems on /tmp, /var/tmp, and /run with the --read-only-tmpfs flag (enabled by default) * The podman init command was added, performing all container pre-start tasks without starting the container to allow pre-run debugging - Update conmon to cri-o v1.14.1 - Update libpod.conf to match latest feature set ++++ python-requests: - Update to version 2.20.1 (bsc#1111622) * Fixed bug with unintended Authorization header stripping for redirects using default ports (http/80, https/443). ++++ yast2: - Make sure the wizard buttons always remain visible in NCurses (bsc#1133367) - 4.2.3 ------------------------------------------------------------------ ------------------ 2019-5-15 - May 15 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - x86/kvm/pmu: Set AMD's virt PMU version to 1 (https://patchwork.kernel.org/patch/10936271/). - commit d737fc7 ++++ libvirt: - cpu_map: add cpu feature md-clear. CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091 538d8735-cpu_map-Define-md-clear-CPUID-bit.patch bsc#1111331 bsc#1135273 ++++ qemu: - Yet another gcc9 related code fix (bsc#1121464) 0044-hw-intc-exynos4210_gic-provide-more.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-4.0 ------------------------------------------------------------------ ------------------ 2019-5-14 - May 14 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Linux 5.1.2 (bnc#1012628). - x86/speculation/mds: Fix documentation typo (bnc#1012628). - Documentation: Correct the possible MDS sysfs values (bnc#1012628). - x86/mds: Add MDSUM variant to the MDS documentation (bnc#1012628). - x86/speculation/mds: Add 'mitigations=' support for MDS (bnc#1012628). - s390/speculation: Support 'mitigations=' cmdline option (bnc#1012628). - powerpc/speculation: Support 'mitigations=' cmdline option (bnc#1012628). - x86/speculation: Support 'mitigations=' cmdline option (bnc#1012628). - cpu/speculation: Add 'mitigations=' cmdline option (bnc#1012628). - x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off (bnc#1012628). - x86/speculation/mds: Fix comment (bnc#1012628). - x86/speculation/mds: Add SMT warning message (bnc#1012628). - x86/speculation: Move arch_smt_update() call to after mitigation decisions (bnc#1012628). - x86/speculation/mds: Add mds=full,nosmt cmdline option (bnc#1012628). - Documentation: Add MDS vulnerability documentation (bnc#1012628). - Documentation: Move L1TF to separate directory (bnc#1012628). - x86/speculation/mds: Add mitigation mode VMWERV (bnc#1012628). - x86/speculation/mds: Add sysfs reporting for MDS (bnc#1012628). - x86/speculation/mds: Add mitigation control for MDS (bnc#1012628). - x86/speculation/mds: Conditionally clear CPU buffers on idle entry (bnc#1012628). - x86/kvm/vmx: Add MDS protection when L1D Flush is not active (bnc#1012628). - x86/speculation/mds: Clear CPU buffers on exit to user (bnc#1012628). - x86/speculation/mds: Add mds_clear_cpu_buffers() (bnc#1012628). - x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests (bnc#1012628). - x86/speculation/mds: Add BUG_MSBDS_ONLY (bnc#1012628). - x86/speculation/mds: Add basic bug infrastructure for MDS (bnc#1012628). - x86/speculation: Consolidate CPU whitelists (bnc#1012628). - x86/msr-index: Cleanup bit defines (bnc#1012628). - commit 5a8c05f - config: keep LSM empty in s390x/zfcpdump This config doesn't really build AppArmor and always had DEFAULT_SECURITY_DAC so it seems more consistent to keep LSM list empty. - commit 3073856 - config: enable AppArmor by default again (bsc#1134906) AppArmor used to be enabled in kernel by default by after the recent introduction of CONFIG_LSM, we disabled all LSM modules. Enable AppArmor again. - commit 953db35 - Update upstream reference: patches.suse/efifb-Omit-memory-map-check-on-legacy-boot.patch - commit 133a780 ++++ icu: - Add 075cefb2e21f57f4cac1bc2868e93dd1b8c077cc.patch to fix a regression with the C.UTF-8 locale https://unicode-org.atlassian.net/browse/ICU-20575 ++++ openldap2: - bsc#1111388 - incorrect post script call causes tmpfiles create not to be run. ++++ systemd: - Import commit 9984a86d0d2259d54c7060f9c09f214202b4efa7 f2459bf373 random-util: eat up bad RDRAND values seen on AMD CPUs c90a2e9793 util-lib: fix a typo in rdrand 4db1cc9d46 random-util: rename "err" to "success" 981a62a102 random-util: hash AT_RANDOM getauxval() value before using it 64a9c3d918 random-util: use gcc's bit_RDRND definition if it exists c5d6ecfdca random-util: rename RANDOM_DONT_DRAIN → RANDOM_MAY_FAIL 298d13df7e network: remove redunant link name in message 77cbde31f2 hwdb: Align airplane mode toggle key mapping for all Acer series 460f03794e Revert "hwdb: Apply Acer mappings to all Gateway and Packard Bell models" fe9271ad84 test: return a non-zero return code when 'nobody' user doesn't exist 29d355e755 fstab-generator: Prevent double free of reused FILE* f30f1adc11 meson: make source files including nspawn-settings.h depend on libseccomp 84bab914b8 alloc-util: don't use malloc_usable_size() to determine allocated size 5240972d8d units: drop reference to sushell man page 0a26de5e33 codespell: fix spelling errors 582de105c8 nspawn-expose-ports: fix a typo in error message ++++ qemu: - Switch to now upstreamed version of patch and add one more gcc9 related patch * Patches renamed: 0041-qxl-fix-Waddress-of-packed-member.patch - > 0041-qxl-avoid-unaligned-pointer-reads-w.patch 0042-libvhost-user-fix-Waddress-of-packe.patch - Add x86 cpu feature "md-clear" (CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091 bsc#1111331) 0043-target-i386-define-md-clear-bit.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-4.0 ------------------------------------------------------------------ ------------------ 2019-5-13 - May 13 2019 ------------------- ------------------------------------------------------------------ ++++ rdma-core: - Update to rdma-core v23.1 - No release notes available - Replace prebuild-pandoc.sh by post_download.sh to patch the spec file form upstream for OBS setup ++++ systemd: - Buildrequire polkit so /usr/share/polkit-1/rules.d has an owner (bsc#1145023) Otherwise the "post build checks" would complain and would force systemd to own this directory. The owner should still be "polkit" and the perms should be in sync with the perm set by polkit itself. ++++ system-user-root: - Bump to version 20190513: * Invalidate root password by default (bsc#1134524) ------------------------------------------------------------------ ------------------ 2019-5-11 - May 11 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Linux 5.1.1 (bnc#1012628). - arm64: futex: Bound number of LDXR/STXR loops in FUTEX_WAKE_OP (bnc#1012628). - locking/futex: Allow low-level atomic operations to return - EAGAIN (bnc#1012628). - i3c: Fix a shift wrap bug in i3c_bus_set_addr_slot_status() (bnc#1012628). - ASoC: Intel: avoid Oops if DMA setup fails (bnc#1012628). - UAS: fix alignment of scatter/gather segments (bnc#1012628). - Bluetooth: hci_bcm: Fix empty regulator supplies for Intel Macs (bnc#1012628). - Bluetooth: Fix not initializing L2CAP tx_credits (bnc#1012628). - Bluetooth: Align minimum encryption key size for LE and BR/EDR connections (bnc#1012628). - Bluetooth: hidp: fix buffer overflow (bnc#1012628). - scsi: qla2xxx: Fix device staying in blocked state (bnc#1012628). - scsi: qla2xxx: Set remote port devloss timeout to 0 (bnc#1012628). - scsi: qla2xxx: Fix incorrect region-size setting in optrom SYSFS routines (bnc#1012628). - scsi: lpfc: change snprintf to scnprintf for possible overflow (bnc#1012628). - soc: sunxi: Fix missing dependency on REGMAP_MMIO (bnc#1012628). - ACPI / LPSS: Use acpi_lpss_* instead of acpi_subsys_* functions for hibernate (bnc#1012628). - cpufreq: armada-37xx: fix frequency calculation for opp (bnc#1012628). - iio: adc: qcom-spmi-adc5: Fix of-based module autoloading (bnc#1012628). - intel_th: pci: Add Comet Lake support (bnc#1012628). - genirq: Prevent use-after-free and work list corruption (bnc#1012628). - usb-storage: Set virt_boundary_mask to avoid SG overflows (bnc#1012628). - USB: cdc-acm: fix unthrottle races (bnc#1012628). - USB: serial: f81232: fix interrupt worker not stop (bnc#1012628). - usb: dwc3: Fix default lpm_nyet_threshold value (bnc#1012628). - usb: dwc3: Allow building USB_DWC3_QCOM without EXTCON (bnc#1012628). - staging: most: sound: pass correct device when creating a sound card (bnc#1012628). - staging: most: cdev: fix chrdev_region leak in mod_exit (bnc#1012628). - staging: wilc1000: Avoid GFP_KERNEL allocation from atomic context (bnc#1012628). - staging: greybus: power_supply: fix prop-descriptor request size (bnc#1012628). - ubsan: Fix nasty -Wbuiltin-declaration-mismatch GCC-9 warnings (bnc#1012628). - Drivers: hv: vmbus: Remove the undesired put_cpu_ptr() in hv_synic_cleanup() (bnc#1012628). - commit 8e0a089 ++++ qemu: - Correct logic of which ipxe patches get included based on suse_version. We were wrongly excluding a gcc9 related patch for example ++++ xfsprogs: - xfs_repair: allow '/' in attribute names (bsc#1122271) * Add xfsprogs-xfs_repair-allow-in-attribute-names.patch - xfs_repair: Add missing braces to allow zeroing of corrupt log (bsc#1073421) * Add xfsprogs-xfs_repair-Add-missing-braces-to-allow-zeroing-of-co.patch ------------------------------------------------------------------ ------------------ 2019-5-10 - May 10 2019 ------------------- ------------------------------------------------------------------ ++++ Mesa: - Update to 19.0.4 * It's been a pretty active release, especially for how late in the cyle we are. Radv was the busiest component, but there were also a few changes for intel, radeonsi, some core vulkan work, and a little bit of other stuff here and there. ++++ nghttp2: - Update to 1.38.0: * This release fixes the bug that authority and path altered by per-pattern mruby script can affect backend selection on retry. * It also fixes the bug that HTTP/1.1 chunked request stalls. * Now nghttpx does not log authorization request header field value with -LINFO. * This release fixes possible backend stall when header and request body are sent in their own packets. * The backend option gets weight parameter to influence backend selection. * This release fixes compile error with BoringSSL. - Add patch from upstream to build with new boost bsc#1134616: * boost170.patch ++++ polkit: - Use systemd_ordering instead of systemd_requires: strictly speaking, polkit does not require systemd to be present. Just that when we install on a system with systemd (e.g outside containers) we would want systemd to be present before installing polkit. Help also reduce a cycle without special hacks in systemd.spec. ++++ qemu: - Switch to now upstreamed version of some patches * Patches renamed: 0036-util-qemu-sockets-Fix-GCC-9-build-w.patch - > 0036-sockets-avoid-string-truncation-war.patch 0039-linux-user-uname-Fix-GCC-9-build-wa.patch - > 0039-linux-user-avoid-string-truncation-.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-4.0 ++++ suse-module-tools: - Move RPM macros to %_rpmmacrodir. ------------------------------------------------------------------ ------------------ 2019-5-9 - May 9 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Sign non-x86 kernels when possible (boo#1134303) - commit bac621c ++++ systemd: - Add debug-only-remove-new-policies.patch A temporary patch to suppress the new DBUS methods introduced by v242 until they are reviewed and whitelisted by the secteam. - Add a comment explaining why static enablement symlinks in /etc are suppressed Also remove any /etc/systemd/system/*.requires/ symlinks for the same reason. ++++ qemu: - Create /usr/share/qemu/firmware and /etc/qemu/firmware directories in support of the firmware descriptor feature now in use as of libvirt v5.2 ++++ supportutils: - Updated to version 3.1.3 + Uses SUSE FTP servers (bsc#1132865) + btrfs quota #43 + supportconfig: open-files: add file flags #44 + Merged etc_info: Add support for .cfg files in /etc dir #46 + Silence warning in rpm backup db collection path #47 + Set files in tarball to 660 instead of 600 #48 + SUSE separation finalized (bsc#1125623) + Default compression through xz, but -z forces bzip2 + Updated man pages (bsc#1088234) + Changed VAR_OPTION_BIN_TIMEOUT_SEC from 300 to 120 + Avoids some IO delays (bsc#1100529) + Corrected supported services help info for -U + Collects iSCSI Target information (bsc#1133844) + FTPES uses --ssl-reqd instead of depricated --ftp-ssl + Defaults to https FTP server uploads (bsc#1134599) ++++ u-boot-rpiarm64: - Update to v2019.07-rc1: * Board fixes * btrfs fixes * ext4 symlink support and other fixes * ext4 block group descriptor sizing * UEFI rework * Add and enable brcmnand driver on a number of relevant platforms. Also add and enable LED drivers on more bcm platforms. * Various ARMv8 fixes/improvements, including extending PSCI functionality. * fs_loader improvments * Various FIT/SPL improvements * PCI bugfixes * adds support for the BootNext and BootCurrent variables * doc/README.ARM-memory-map was dropped (9ad996adcc135bc34b185957567c8c46deb90d4f) - Update update_git.sh to remove reference to pre_checkin.sh ------------------------------------------------------------------ ------------------ 2019-5-8 - May 8 2019 ------------------- ------------------------------------------------------------------ ++++ glib2: - Move glib2.macros to %_rpmmacrodir. /etc is for the system admin. ++++ pango: - Move RPM macros to %_rpmmacrodir. ++++ python-libvirt-python: - Update to 5.3.0 - Add all new APIs and constants in libvirt 5.3.0 ++++ salt: - Fix async-batch to fire a single done event - Added: * fix-async-batch-multiple-done-events.patch ------------------------------------------------------------------ ------------------ 2019-5-7 - May 7 2019 ------------------- ------------------------------------------------------------------ ++++ krb5: - Move LDAP schema files from /usr/share/doc/packages/krb5 to /usr/share/kerberos/ldap; (bsc#1134217); ++++ salt: - Do not make Salt CLI to crash when there are IPv6 established connections (bsc#1130784) - Added: * do-not-crash-when-there-are-ipv6-established-connect.patch ++++ yast2: - give more verbose feedback in 'view_anymsg' client (bsc#1132658) - 4.2.2 ------------------------------------------------------------------ ------------------ 2019-5-6 - May 6 2019 ------------------- ------------------------------------------------------------------ ++++ distribution-logos-openSUSE: - Add viewBox and preserveAspectRatio to SVGs ++++ health-checker: - Update to version 1.2.3 * Fix crio RPM name ++++ kernel-default: - Update to 5.1 final - Eliminated 1 patch - New config options: - PCI: - PCIE_BW=n (recommended default) - commit a974d8b ++++ nvme-cli: - Increase size of ONTAP namespace path variable + 0014-nvme-cli-Increase-size-of-ONTAP-namespace-path-varia.patch - Fix failing service on devices without fc-hardware (bsc#1133594) + 0105-nvme-cli-Check-for-sysfs-interface-before-NVMe-disco.patch ++++ qemu: - Disable LTO as suggested by Martin Liska (boo#1133281) - Remove and obsolete qemu-oss-audio subpackage. OSS audio is very old, and we didn't really even configure the package properly for it for a very long time, so presumably there can't be any users of it as far as qemu is concerned - Avoid warnings which gcc9 complains about 0036-util-qemu-sockets-Fix-GCC-9-build-w.patch 0037-hw-usb-hcd-xhci-Fix-GCC-9-build-war.patch 0038-hw-usb-dev-mtp-Fix-GCC-9-build-warn.patch 0039-linux-user-uname-Fix-GCC-9-build-wa.patch 0040-linux-user-elfload-Fix-GCC-9-build-.patch 0041-qxl-fix-Waddress-of-packed-member.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-4.0 ------------------------------------------------------------------ ------------------ 2019-5-3 - May 3 2019 ------------------- ------------------------------------------------------------------ ++++ glib-networking: - Update to version 2.60.2: + OpenSSL backend now defaults to system trust store. + Fix client auth failure error with GnuTLS 3.6.7 (bsc#1134795). - Drop 0001-gnutls-Handle-new-GNUTLS_E_CERTIFICATE_REQUIRED.patch: fixed upstream. ++++ glib2: - Update to version 2.60.2: + Fix crash when displaying notifications on macOS. + Improve network status detection with NetworkManager. + Bugs fixed: glgo#GNOME/GLib!790, glgo#GNOME/GLib!793, glgo#GNOME/GLib!803. + Updated translations. ++++ grub2: - Fix GCC 9 build failure (bsc#1121208) * 0001-cpio-Disable-gcc9-Waddress-of-packed-member.patch * 0002-jfs-Disable-gcc9-Waddress-of-packed-member.patch * 0003-hfs-Fix-gcc9-error-Waddress-of-packed-member.patch * 0004-hfsplus-Fix-gcc9-error-with-Waddress-of-packed-membe.patch * 0005-acpi-Fix-gcc9-error-Waddress-of-packed-member.patch * 0006-usbtest-Disable-gcc9-Waddress-of-packed-member.patch * 0007-chainloader-Fix-gcc9-error-Waddress-of-packed-member.patch * 0008-efi-Fix-gcc9-error-Waddress-of-packed-member.patch ++++ kernel-firmware: - Update to version 20190502: * amdgpu: update vega20 to the latest 19.10 firmware * amdgpu: update vega12 to the latest 19.10 firmware * amdgpu: update vega10 to the latest 19.10 firmware * amdgpu: update polaris11 to the latest 19.10 firmware * amdgpu: update polaris10 to the latest 19.10 firmware * amdgpu: update raven2 to the latest 19.10 firmware * amdgpu: update raven to the latest 19.10 firmware * amdgpu: update picasso to the latest 19.10 firmware * linux-firmware: update fw for qat devices * Mellanox: Add new mlxsw_spectrum firmware 13.2000.1122 * drm/i915/firmware: Add ICL HuC v8.4.3238 * drm/i915/firmware: Add ICL GuC v32.0.3 * drm/i915/firmware: Add GLK HuC v03.01.2893 * drm/i915/firmware: Add GLK GuC v32.0.3 * drm/i915/firmware: Add KBL GuC v32.0.3 * drm/i915/firmware: Add SKL GuC v32.0.3 * drm/i915/firmware: Add BXT GuC v32.0.3 ++++ salt: - Include aliases in FQDNS grain (bsc#1121439) ------------------------------------------------------------------ ------------------ 2019-5-2 - May 2 2019 ------------------- ------------------------------------------------------------------ ++++ ignition: - Update to version 2.0.0~beta+git20190429.1eeb201: * build_releases: update for using go mod * news: add news for v2.0.0-beta * doc: mv spec 3.1.0 -> 3.1.0-experimental * contributing.md: add pointer to development guide * doc/operator-notes: add section on config merging * test: turn on docs checking * doc/migrating-configs.md: update for spec 3.0.0 * doc/development.md: update doc for spec 3.0.0 * doc/getting-started.md: update for spec 3.0.0 * doc/examples.md: update for spec 3.0.0 ++++ multipath-tools: - Update to version 0.7.9+148+suse.5179c8d: * fix compilation of external programs with -lmultipath (bsc#1133957) ++++ util-linux: - Fix problems in reading of login.defs values (bsc#1121197, util-linux-login_defs-priority1.patch, util-linux-login_defs-priority2.patch, util-linux-login_defs-SYS_UID.patch). - Perform one-time reset of /etc/default/su (bsc#1121197). ++++ libcroco: - Add libcroco-CVE-2017-8834.patch: fix infinite loop on invalid UTF-8 (boo#1043898 boo#1043899 bgo#782647 CVE-2017-8834 CVE-2017-8871). ++++ systemd: - preset remote-cryptsetup.target during package installation This target is supposed to be part of the targets that should be enabled (or not depending on the presets) at package installation. - Upgrade to v242 (commit 071c380dcc434dca2a0c8b6de0519cc9e816c6d6) See https://github.com/openSUSE/systemd/blob/SUSE/v242/NEWS for details. This includes the following bug fixes: - upstream commit bf65b7e0c9fc215897b676ab9a7c9d1c688143ba (CVE-2019-3843) - upstream commit bf65b7e0c9fc215897b676ab9a7c9d1c688143ba (CVE-2019-3844) - upstream commit 37ed15d7edaf59a1fc7c9e3552cd93a83f3814ef (bsc#1124122) - upstream commit bf65b7e0c9fc215897b676ab9a7c9d1c688143ba (bsc#1133506) - upstream commit bf65b7e0c9fc215897b676ab9a7c9d1c688143ba (bsc#1133509) - upstream commit 1f82f5bb4237ed5f015daf93f818e9db95e764b8 (bsc#1150595) - upstream commit e55bdf9b6c5f72475b258a7a4585a0480551cb60 (bsc#1173422) ++++ patterns-base: - recomment issue-generator in the minimal_base pattern rather than the release package (boo#1133636) ++++ python-rpm-macros: - Update to version 20190430.5260267: * Yet another attempt to preserve $PYTHONPATH set in the environment. * Document also %pytest_arch * Document %pytest in README.md ++++ salt: - Fix issue preventing syndic to start - Update year on spec copyright notice - Added: * fix-syndic-start-issue.patch ++++ util-linux-systemd: - Fix problems in reading of login.defs values (bsc#1121197, util-linux-login_defs-priority1.patch, util-linux-login_defs-priority2.patch, util-linux-login_defs-SYS_UID.patch). - Perform one-time reset of /etc/default/su (bsc#1121197). ------------------------------------------------------------------ ------------------ 2019-5-1 - May 1 2019 ------------------- ------------------------------------------------------------------ ++++ qemu: - Update to v4.0.0: See http://wiki.qemu.org/ChangeLog/4.0 Take note that ongoing feature deprecation is tracked at both http://wiki.qemu-project.org/Features/LegacyRemoval and in Appendix B of the qemu-doc.* files installed with the qemu package Some noteworthy changes: * ARM: ARMv8+ extensions for SB, PredInv, HPD, LOR, FHM, AA32HPD, PAuth, JSConv, CondM, FRINT, and BTI * ARM: new emulation support for "Musca" and "MPS2" development boards * ARM: virt: support for >255GB of RAM and u-boot "noload" image types * ARM: improved emulation of ARM PMU * HPPA: support for TLB protection IDs and TLB trace events * MIPS: support for multi-threaded TCG emulation * MIPS: emulation support for I7200 I6500 CPUs, QMP-base querying of CPU types, and improved support for SAARI and SAAR configuration registers * MIPS: improvements to Interthread Communication Unit, Fulong 2E machine types, and end-user documentation. * PowerPC: pseries/powernv: support for POWER9 large decrementer * PowerPC: pseries: emulation support for XIVE interrupt controller * PowerPC: pseries: support for hotplugging PCI host bridges (PHBs) * PowerPC: pseries: Spectre/Meltdown mitigations enabled by default, additional support for count-cache-flush mitigation * RISC-V: virt: support for PCI and USB * RISC-V: support for TSR, TW, and TVM fields of mstatus, FS field now supports three stats (dirty, clean, and off) * RISC-V: built-in gdbserver supports register lists via XML files * s390: support for z14 GA 2 CPU model, Multiple-epoch and PTFF features now enabled in z14 CPU model by default * s390: vfio-ap: now supports hot plug/unplug, and no longer inhibits memory ballooning * s390: emulation support for floating-point extension facility and vector support instructions * x86: HAX accelerator now supported POSIX hosts other than Darwin, including Linux and NetBSD * x86: Q35: advertised PCIe root port speeds will now optimally default to maximum link speed (16GT/s) and width (x32) provided by PCIe 4.0 for QEMU 4.0+ machine types; older machine types will retain 2.5GT/x1 defaults for compatibility. * x86: Xen PVH images can now be booted with "-kernel" option * Xtensa: xtfpga: improved SMP support for linux (interrupt distributor, IPI, and runstall) and new SMP-capable test_mmuhifi_c3 core configuration * Xtensa: support for Flexible length instructions extension (FLIX) * GUI: new '-display spice-app' to configure/launch a Spice client GUI with a similar UI to QEMU GTK. VNC server now supports access controls via tls-authz/sasl-authz options * QMP: support for "out-of-band" command execution, can be useful for postcopy migration recovery. Additional QMP commands for working with block devices and dirty bitmaps * VFIO: EDID interface for supported mdev (Intel vGPU for kernel 5.0+), allows resolution setting via xres/yres options. * Xen: new 'xen-disk' device which can create a Xen PV disk backend, and performance improvements for Xen PV disk backend. * Network Block Device: improved tracing and error diagnostics, improved client compatibility with buggy NBD server implementations, new - -bitmap, --list, --tls-authz options for qemu-nbd * virtio-blk now supports DISCARD and WRITE_ZEROES * qemu-test-suite output is now in TAP format * Sphinx now used for part of qemu documentation * A few more configure features are enabled: iconv, lzfse (for openSUSE) * Provide better logo icons - Made these package building changes: * Removed this token from spec file: #!BuildIgnore: gcc-PIE * Created ability to build qemu source out-of-tree * Added BSD-2-Clause license clause due to EDK II code inclusion * Patches dropped (upstream unless otherwise noted): 0010-Remove-problematic-evdev-86-key-fro.patch 0025-Fix-tigervnc-long-press-issue.patch 0026-string-input-visitor-Fix-uint64-par.patch 0027-test-string-input-visitor-Add-int-t.patch 0028-test-string-input-visitor-Add-uint6.patch 0029-tests-Add-QOM-property-unit-tests.patch 0030-tests-Add-scsi-disk-test.patch 0033-smbios-Add-1-terminator-if-any-stri.patch (different approach used) 0034-qemu-io-tests-comment-out-problemat.patch (not as needed) 0039-xen_disk-Avoid-repeated-memory-allo.patch 0041-vfio-ap-flag-as-compatible-with-bal.patch 0042-hw-s390x-Fix-bad-mask-in-time2tod.patch 0043-pcie-set-link-state-inactive-active.patch 0044-pc-piix4-Update-smbus-I-O-space-aft.patch 0045-hw-usb-fix-mistaken-de-initializati.patch 0046-usb-mtp-use-O_NOFOLLOW-and-O_CLOEXE.patch 0047-pvrdma-release-device-resources-in-.patch 0048-rdma-check-num_sge-does-not-exceed-.patch 0049-pvrdma-add-uar_read-routine.patch 0050-pvrdma-check-number-of-pages-when-c.patch 0051-pvrdma-check-return-value-from-pvrd.patch 0052-pvrdma-release-ring-object-in-case-.patch 0053-block-Fix-hangs-in-synchronous-APIs.patch 0054-linux-user-make-pwrite64-pread64-fd.patch 0055-xen-Add-xen-v4.12-based-xc_domain_c.patch 0056-slirp-check-data-length-while-emula.patch 0057-s390x-Return-specification-exceptio.patch 0059-memory-Fix-the-memory-region-type-a.patch 0060-target-i386-sev-Do-not-pin-the-ram-.patch 0061-slirp-check-sscanf-result-when-emul.patch 0062-ppc-add-host-serial-and-host-model-.patch 0063-i2c-ddc-fix-oob-read.patch 0064-device_tree.c-Don-t-use-load_image.patch 0065-spapr-Simplify-handling-of-host-ser.patch ipxe-efi-guard-strncpy-with-gcc-warning-ignore-pragma.patch ipxe-fix-build.patch skiboot-hdata-i2c.c-fix-building-with-gcc8.patch * Patches renamed: 0011-linux-user-use-target_ulong.patch - > 0010-linux-user-use-target_ulong.patch 0012-Make-char-muxer-more-robust-wrt-sma.patch - > 0011-Make-char-muxer-more-robust-wrt-sma.patch 0013-linux-user-lseek-explicitly-cast-no.patch - > 0012-linux-user-lseek-explicitly-cast-no.patch 0014-AIO-Reduce-number-of-threads-for-32.patch - > 0013-AIO-Reduce-number-of-threads-for-32.patch 0015-xen_disk-Add-suse-specific-flush-di.patch - > 0014-xen_disk-Add-suse-specific-flush-di.patch 0016-qemu-bridge-helper-reduce-security-.patch - > 0015-qemu-bridge-helper-reduce-security-.patch 0017-qemu-binfmt-conf-use-qemu-ARCH-binf.patch - > 0016-qemu-binfmt-conf-use-qemu-ARCH-binf.patch 0018-linux-user-properly-test-for-infini.patch - > 0017-linux-user-properly-test-for-infini.patch 0019-roms-Makefile-pass-a-packaging-time.patch - > 0018-roms-Makefile-pass-a-packaging-time.patch 0020-Raise-soft-address-space-limit-to-h.patch - > 0019-Raise-soft-address-space-limit-to-h.patch 0021-increase-x86_64-physical-bits-to-42.patch - > 0020-increase-x86_64-physical-bits-to-42.patch 0022-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch - > 0021-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch 0023-i8254-Fix-migration-from-SLE11-SP2.patch - > 0022-i8254-Fix-migration-from-SLE11-SP2.patch 0024-acpi_piix4-Fix-migration-from-SLE11.patch - > 0023-acpi_piix4-Fix-migration-from-SLE11.patch 0031-Switch-order-of-libraries-for-mpath.patch - > 0024-Switch-order-of-libraries-for-mpath.patch 0032-Make-installed-scripts-explicitly-p.patch - > 0025-Make-installed-scripts-explicitly-p.patch 0035-tests-test-thread-pool-is-racy-add-.patch - > 0027-tests-test-thread-pool-is-racy-add-.patch 0036-xen-add-block-resize-support-for-xe.patch - > 0028-xen-add-block-resize-support-for-xe.patch 0037-tests-qemu-iotests-Triple-timeout-o.patch - > 0029-tests-qemu-iotests-Triple-timeout-o.patch 0038-tests-block-io-test-130-needs-some-.patch - > 0030-tests-block-io-test-130-needs-some-.patch 0040-xen-ignore-live-parameter-from-xen-.patch - > 0031-xen-ignore-live-parameter-from-xen-.patch 0058-Revert-target-i386-kvm-add-VMX-migr.patch - > 0034-Revert-target-i386-kvm-add-VMX-migr.patch * Patches added: 0026-hw-smbios-handle-both-file-formats-.patch 0032-tests-Fix-Makefile-handling-of-chec.patch 0033-Conditionalize-ui-bitmap-installati.patch 0035-tests-change-error-message-in-test-.patch ipxe-efi-Avoid-string-op-warning-with-cross-gcc-7-compile.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-4.0 ------------------------------------------------------------------ ------------------ 2019-4-30 - Apr 30 2019 ------------------- ------------------------------------------------------------------ ++++ lvm2-device-mapper: - Fix devices drop open error message (bsc#1122666) + bug-1122666_devices-drop-open-error-message.patch ++++ kernel-default: - rdma: fix build errors on s390 and MIPS due to bad ZERO_PAGE use (http://lkml.kernel.org/r/20190429052136.GA21672@unicorn.suse.cz). - Delete patches.suse/rdma-fix-argument-of-ZERO_PAGE-in-rdma_umap_fault.patch. - commit a764394 ++++ multipath-tools: - Update to version 0.7.9+147+suse.689dcaf: * Avoid deadlock situation during udev settle (bsc#1131789, bsc#1125145) - multipath -u: test socket connection in non-blocking mode * Avoid device IO in "multipath -u" (bsc#1125145) * Fix priority handling for offline paths (bsc#1118495) * Fix daemon shutdown issues (bsc#1110060, bsc#1110439) - multipathd: protect all access to running_state - multipathd: allow shutdown during configure() ++++ lvm2: - Fix devices drop open error message (bsc#1122666) + bug-1122666_devices-drop-open-error-message.patch ++++ python3-core: - Update to 3.6.8: - bugfixes only - removed patches (subsumed in the upstream tarball): - CVE-2018-20406-pickle_LONG_BINPUT.patch - refreshed patches: - CVE-2019-5010-null-defer-x509-cert-DOS.patch - CVE-2019-9636-urlsplit-NFKC-norm.patch - Python-3.0b1-record-rpm.patch - python-3.3.0b1-fix_date_time_compiler.patch - python-3.3.0b1-test-posix_fadvise.patch - python-3.3.3-skip-distutils-test_sysconfig_module.patch - python-3.6.0-multilib-new.patch - python3-sorted_tar.patch - subprocess-raise-timeout.patch - switch off LTO and PGO optimization (bsc#1133452) - bsc#1130840 (CVE-2019-9947): add CVE-2019-9947-no-ctrl-char-http.patch Address the issue by disallowing URL paths with embedded whitespace or control characters through into the underlying http client request. Such potentially malicious header injection URLs now cause a ValueError to be raised. ++++ sg3_utils: - Update to version 1.44~763+19.1ed0757: * rescan-scsi-bus.sh: use LUN wildcard in idlist (bsc#1069384) * 40-usb-blacklist.rules: use ID_SCSI_INQUIRY (bsc#840054, bsc#1131482) ++++ permissions: - Added 0004-var-cache-man.patch. Removed entry for /var/cache/man. Conflicts with packaging and man:man is the better setting anyway (bsc#1133678) ++++ python3: - Update to 3.6.8: - bugfixes only - removed patches (subsumed in the upstream tarball): - CVE-2018-20406-pickle_LONG_BINPUT.patch - refreshed patches: - CVE-2019-5010-null-defer-x509-cert-DOS.patch - CVE-2019-9636-urlsplit-NFKC-norm.patch - Python-3.0b1-record-rpm.patch - python-3.3.0b1-fix_date_time_compiler.patch - python-3.3.0b1-test-posix_fadvise.patch - python-3.3.3-skip-distutils-test_sysconfig_module.patch - python-3.6.0-multilib-new.patch - python3-sorted_tar.patch - subprocess-raise-timeout.patch - switch off LTO and PGO optimization (bsc#1133452) - bsc#1130840 (CVE-2019-9947): add CVE-2019-9947-no-ctrl-char-http.patch Address the issue by disallowing URL paths with embedded whitespace or control characters through into the underlying http client request. Such potentially malicious header injection URLs now cause a ValueError to be raised. ++++ salt: - Use ThreadPool from multiprocessing.pool to avoid leakings when calculating FQDNs - Do not report patches as installed on RHEL systems when not all the related packages are installed (bsc#1128061) - Added: * use-threadpool-from-multiprocessing.pool-to-avoid-le.patch * do-not-report-patches-as-installed-when-not-all-the-.patch ++++ shadow: - Split shadow-login_defs.patch hunks to its logical components (bsc#1121197): * shadow-login_defs-unused-by-pam.patch * shadow-login_defs-comments.patch * shadow-util-linux.patch * shadow-login_defs-suse.patch * Move appropriate hunks to chkname-regex.patch and encryption_method_nis.patch * Remove GROUPADD_CMD that is not supported (bsc#1121197#c14). - Split getdef-new-defs.patch hunks to its logical components (bsc#1121197): * encryption_method_nis.patch * chkname-regex.patch * shadow-util-linux.patch Add support for login: ALWAYS_SET_PATH and LOGIN_PLAIN_PROMPT. * useradd-script.patch, userdel-script.patch * Remove duplicated definitions of MOTD_FILE and ENV_PATH. ------------------------------------------------------------------ ------------------ 2019-4-29 - Apr 29 2019 ------------------- ------------------------------------------------------------------ ++++ gpg2: - Allow coredumps in X11 desktop sessions (bsc#1124847) * Added gnupg-gpg-agent-ulimit.patch ++++ kernel-default: - Update to 5.1-rc7 - add patches.suse/rdma-fix-argument-of-ZERO_PAGE-in-rdma_umap_fault.patch (tentative s390x build fix) - New config options: - ARM: - KEYBOARD_SNVS_PWRKEY=m - armv7hl: - FRAME_POINTER=y - UNWINDER_FRAME_POINTER=y - commit 04c1966 ++++ libtasn1: - Add libtasn1-object-id-recursion.patch: limit recursion in _asn1_expand_object_id (boo#1105435 CVE-2018-1000654 (https://gitlab.com/gnutls/libtasn1/merge_requests/8) ++++ patterns-base: - Move haveged from enhanced_base to minimal_base (bsc#1131369). ++++ runc: - Upgrade to runc v1.0.0~rc8. Upstream changelog is available from https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc8 - Includes upstreamed patches for regressions (bsc#1131314 bsc#1131553). - Remove upstreamed patches: - CVE-2019-5736.patch ++++ transactional-update: - Update to version 2.14.2 - Prevent unnecessary error message on systems not installed with YaST (e.g. KIWI) ++++ u-boot-rpiarm64: - Convert spec file(s) to multibuild ------------------------------------------------------------------ ------------------ 2019-4-26 - Apr 26 2019 ------------------- ------------------------------------------------------------------ ++++ glib2: - Use FAT LTO objects in order to provide proper static library (boo#1133129). ++++ gstreamer-plugins-base: - Added: 0001-id3tag-Correctly-validate-the-year-from-v1-tags-befo.patch which fixes: https://gitlab.freedesktop.org/gstreamer/gstreamer/issues/384 "Segfault since 1.16" which also occurs in 1.14.4. ++++ kdump: - kdump-kdumprd-Look-for-boot-image-and-boot-Image.patch: kdumprd: Look for /boot/image-* and /boot/Image-* (bsc#1132799). ++++ Mesa: - Update to 19.0.3 * quiet release with just 19 patches (excluding release churn) since 19.0.2 * no sub component was touched too much * virgl, glsl, nir, intel, radeonsi, radv, ac, and gallivm received a few patches ++++ polkit: - bsc#1130588: Require shadow instead of old pwdutils - User proper Requires(pre)/Requires(post) for permissions and shadow ++++ libssh2_org: - Fix upstream patch for CVE-2019-3859 [bsc#1133528, bsc#1130103] - Added libssh2_org-CVE-2019-3859-fix.patch ++++ zstd: - Use FAT LTO objects in order to provide proper static library (boo#1133297). ++++ salt: - Update to 2019.2.0 complete (FATE#327138, bsc#1133523) - Fix batch/batch-async related issues - Calculate FQDNs in parallel to avoid blockings (bsc#1129079) - Incorporate virt.volume_info fixes (PR#131) - Re-adds patch because of increased offset due to previous patch removal - Removing patch to add root parameter to zypper module - Fix for -t parameter in mount module - Added: * mount-fix-extra-t-parameter.patch * add-batch_presence_ping_timeout-and-batch_presence_p.patch * fix-async-batch-race-conditions.patch * calculate-fqdns-in-parallel-to-avoid-blockings-bsc-1.patch - Modified: * don-t-call-zypper-with-more-than-one-no-refresh.patch * add-virt.volume_infos-and-virt.volume_delete.patch - Removed: * zypper-add-root-configuration-parameter.patch ++++ yast2: - Uninstall the "SUSE-Manager-Proxy" product when upgrading from SLES12 + SUMA Proxy + SUMA Branch Server (bsc#1133215) - 4.2.1 ------------------------------------------------------------------ ------------------ 2019-4-25 - Apr 25 2019 ------------------- ------------------------------------------------------------------ ++++ dracut: - dracut-lib.sh:dev_unit_name() guard against $dev beginning with "-" (bsc#1132448) * adds 0601-base-dracut-lib.sh-dev_unit_name-guard-against-dev-b.patch ++++ ignition: - Update to version 0.30.0+git20190424.9212ea6: * doc: add docs for existing link behavior * tests: add test for matching links * tests: fix test runner to link in the correct root * stages/files: do not fail if links are correct * tests/positive: test hardlinking to symlinks * tests/validator: use os.Lstat() not os.Stat() * config/*/types/storage: fail on hardlinked dirs ++++ bluez: - Add hcidump-Add-assoc-dump-function-assoc-date-length-ch.patch * amp_assoc_dump() didn't check the length of amp assoc struct. (bsc#1013712)(CVE-2016-9798)(bsc#1013708)(CVE-2016-9797) Add hcidump-Fix-memory-leak-with-malformed-packet.patch * Do not allow to read more than allocated data buffer size. (bsc#1015171)(CVE-2016-9917) - Refresh patches: patches/bluez-cups-libexec.patch patches/bluez-5.45-disable-broken-tests.diff - fix bluez.changes: add (bsc#1013893)(CVE-2016-9802) tag for last log. ++++ libselinux: - Disable LTO (boo#1133244). ++++ sg3_utils: - Spec file: add fc_wwpn_id to generate by-path links for fibrechannel (bsc#1005063) - Update to version 1.44~763+17.35f525b: * Changed versioning scheme (svn r763, pre-release of upstream 1.44, plus 16 SUSE patches, SUSE git commit b2fedfa) * Code-identical to previous release except for the following: * 59-fc-wwpn-id.rules: fix rule syntax (bsc#1133418) ++++ libvirt: - Revert commits 5f1e6a7d and f6c5babb to avoid loading conntrack module at libvird start revert-7431b3eb.patch, revert-8b967198.patch bsc#1133229 ------------------------------------------------------------------ ------------------ 2019-4-24 - Apr 24 2019 ------------------- ------------------------------------------------------------------ ++++ dracut: - 95iscsi: avoid error messages when building initrd, multipath timeouts (bsc#1130114, bsc#1130107, bsc#1121238) * adds 0595-iscsi-don-t-continue-waiting-if-the-root-device-is-p.patch * adds 0596-network-stop-waiting-for-interfaces-if-root-device-i.patch * adds 0597-iscsiroot-parse_iscsi_root-overwrites-command-line-a.patch * adds 0598-iscsiroot-there-s-never-more-than-one-target-per-cal.patch * adds 0599-iscsiroot-try-targets-only-once.patch * adds 0600-iscsiroot-remove-bashisms.patch ++++ Mesa: - Disable LTO (boo#1133265). ++++ libsolv: - always prefer to stay with the same package name if there are multiple alternatives [bnc#1131823] ++++ systemd: - Drop "BuildRequires: -post-build-checks" from the specfile (bsc#1130230) The syntax of this directive is obsolete and should be replaced by "#!BuildIgnore: post-build-checks". However there's no good reasons to disable these SUSE extra checks, so let's re-enable them and fix the few errors it detected. ------------------------------------------------------------------ ------------------ 2019-4-23 - Apr 23 2019 ------------------- ------------------------------------------------------------------ ++++ ignition: - Update to version 0.30.0+git20190417.ccc74c4: * doc/config-v3_*: Add notes about uniqueness ++++ libapparmor: - Disable LTO (boo#1133091). ++++ libdrm: - Update to version 2.4.98 * This release adds marketing names for AMDGPU devices, a fallback path in drmDevice for devices lacking OF data and drmIsMaster API, amongst other changes. ------------------------------------------------------------------ ------------------ 2019-4-21 - Apr 21 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Update to v5.1-rc6 - New config options: - IIO: - SENSIRION_SGP30=n - commit ab97af0 ------------------------------------------------------------------ ------------------ 2019-4-20 - Apr 20 2019 ------------------- ------------------------------------------------------------------ ++++ python-gobject: - Update to version 3.32.1: + tests/gimarshallingtestsextra.c/h: relicense to LGPLv2.1+. + meson: add ``tests`` option for disabling tests. + meson: tests: pass ``--quiet`` to g-ir-scanner. + Fix a crash when marshalling a GError to Python fails. + Fix leak of transfer-full/container C arrays. ------------------------------------------------------------------ ------------------ 2019-4-19 - Apr 19 2019 ------------------- ------------------------------------------------------------------ ++++ rdma-core: - Update to rdma-core v23 - No release notes available - Enable pyverbs package - Remove patches that were merged upstream - Update-kernel-headers.patch - bnxt_re-lib-Enable-Broadcom-s-57500-RoCE-adapter.patch ------------------------------------------------------------------ ------------------ 2019-4-18 - Apr 18 2019 ------------------- ------------------------------------------------------------------ ++++ bzip2: - add bzip2-1.0.6-CVE-2016-3189.patch to fix a heap use after free vulnerability that was reported in bzip2recover [bsc#985657] [CVE-2016-3189] ++++ icu: - Update to new upstream release 64.2 * This maintenance update for ICU 64 includes draft Unicode 12.1 update, CLDR 35.1 locale data and support for the new Japanese era Reiwa (令和). (boo#1112183, bnc#1103893, FATE#325570) ------------------------------------------------------------------ ------------------ 2019-4-17 - Apr 17 2019 ------------------- ------------------------------------------------------------------ ++++ libguestfs: - Fixing issue with virt-customize in SLES and openSUSE guests (boo#1132790) Patches added: 28bd06227b-inspect-handle-os-release-opensuse-tumbleweed-as-ope.patch 70407cd622-inspection-Parse-os-release-opensuse-leap-as-opensus.patch ++++ fuse3: - Update to 3.5.0: * Changed ioctl commands to "unsigned int" in order to support commands which do not fit into a signed int. Commands issued by applications are still truncated to 32 bits. * Added SMB2 to whitelist (so users can now mount FUSE filesystems on mountpoints within SMB 2.0 filesystems). * Added a new cache_readdir flag to fuse_file_info to enable caching of readdir results. Supported by kernels 4.20 and newer. * Add support and documentation for FUSE_CAP_NO_OPENDIR_SUPPORT. ++++ Mesa: - Drop patches n_VDPAU-XVMC-libs-Replace-hardlinks-with-copies.patch and archlinux_0001-Fix-linkage-against-shared-glapi.patch: These patches only work when building mesa with autotools. As we use meson instead now, these patches do nothing. - Drop version 19.0.1 tarballs ++++ orc: - Add relax-tests.patch to increase test timeouts to 2 minutes, also limit the max value for memcpy_speed.c test bsc#1130085 ++++ libpng16: - security update - added patches CVE-2019-7317 [bsc#1124211] + libpng16-CVE-2019-7317.patch ++++ sqlite3: - Upgrade to 3.28.0: * CVE-2019-9936, bsc#1130326: running fts5 prefix queries inside a transaction could trigger a heap-based buffer over-read. * CVE-2019-9937, bsc#1130325: interleaving reads and writes in a single transaction with an fts5 virtual table will lead to a NULL Pointer Dereference. * Enhanced window functions * Enhanced VACUUM INTO so that it works for read-only databases. * New query optimizations. * Added the sqlite3_value_frombind() API for determining if the argument to an SQL function is from a bound parameter. * Security and compatibilities enhancements to fts3_tokenizer(). * Improved robustness against corrupt database files. ++++ zstd: - Update to new upstream release 1.4.0 * perf: level 1 compression speed was improved by ~6–8% * cli: added --[no-]compress-literals flag to enable or disable literal compression - Reword "real-time" in description by some actual statistics, because 603MB/s (lowest zstd level) is not "real-time" for quite some applications. ++++ transactional-update: - Add requires for bc, needed for some calculations ++++ yast2: - Allow not prescribing UI in yast2, to use YUILoader::loadUI. Required to load integration tests framework (poo#36712, bsc#1132247) - 4.2.0 ------------------------------------------------------------------ ------------------ 2019-4-16 - Apr 16 2019 ------------------- ------------------------------------------------------------------ ++++ kdump: - kdump-Add-skip_balance-option-to-BTRFS-mounts.patch: Add skip_balance option to BTRFS mounts (bsc#1108255). ++++ kernel-default: - series.conf: cleanup patches.suse/ext2-fsync-err was deleted in 2011 but its (commented out) line in series.conf was left behind. - commit d2aebe3 ++++ gnutls: - Restored autoreconf in build. - Removed gnutls-3.6.6-SUSE_SLE15_congruent_version_requirements.patch since the version requirements of required libraries are once again automatically determined. - Added gnutls-3.6.7-SUSE_SLE15_guile_site_directory.patch because it is a better patch name for handling the '--with-guile-site-dir=' problem in 3.6.7. ------------------------------------------------------------------ ------------------ 2019-4-15 - Apr 15 2019 ------------------- ------------------------------------------------------------------ ++++ glib2: - Update to version 2.60.1: + Fix documentation for `gdbus-tool wait` to use correct units. + Bugs fixed: glgo#GNOME/GLib#1709, glgo#GNOME/GLib#1725, glgo#GNOME/GLib#1737, glgo#GNOME/GLib!711, glgo#GNOME/GLib!722, glgo#GNOME/GLib!727, glgo#GNOME/GLib!729, glgo#GNOME/GLib!758, glgo#GNOME/GLib!775. + Updated translations. - Drop upstream fixed patch: 0001-Handle-an-UNKNOWN-NetworkManager-connectivity-as-NONE.patch. ++++ ignition: - Update to version 0.30.0+git20190411.205ae79: * providers/vmware: update for new vmware library * vendor: update to use vmware libraries * tests: update code for google's uuid package * vendor: switch to github.com/google/uuid * vendor: bump go-semver to latest * vendor: update aws-sdk-go to latest tag * doc: Document new proxy configuration options * vendor: Add golang.org/x/net/http/httpproxy dep * tests: Initial positive/negative tests * engine: Update http client based on proxy config * schema: Add proxy config and properties * *: bump import path * platform: drop "pxe" * doc: add documentation for 3.1.0-experimental spec * tests: turn on 3.1.0-experimental tests * *: switch to using 3.1.0-experimental everywhere * tests: don't fail on 3.1.0-experimental * config: add v3.1.0-experimental spec * tests/runner: use generic parse * providers/util: use generic parse * internal/engine: use generic parse * tests: add test for directory correction * doc/spec-3_0: clarify behavior with overwrite * stages/file: fail if relabeling and no restorecon * stages/files: allow directory matching * config/v3_0/types: add files verification tests * config/v3_0/types/file: add more validation * config/helpers: make StrToPtr strict * doc/spec-3_0: clarify overwrite behavior * stages/files: refactor overwrite handling * config/v3_0: disallow overwrite and nil source * config: validate fs entries dont use symlinks * platform: drop compat alias for "ec2" platform ID * config/shared/errors: drop unused errors * doc/spec-v3_0: remove deprecated size and start * tests: add test for file conflicts * stages/files: check that files dont conflict * config: remove partition start and size * internal: don't use partitions.{size,start} * tests: change partitioning bb to use MiB * build_blackbox_tests: fix for go mod * stages/files: fix unit relabeling to exclude DestDir * Fix configspec link to remove `-experimental` * doc/spec-v3_0: update to not be -experimental * tag_release: allow -suffixes on tags * doc/spec-v3_0: remove docs on removed field * doc: drop -experimental from spec filename * news: add news for 2.0.0-alpha * tests/positive/general: use hashes from server * tests: make servers generate their own hashes * *: stablize spec 3.0.0 * stages/files: fix relabel path to be relative to sysroot * tests: add bb test for invalid merged configs * exec/engine: validate merged config before use * tests/blackbox: make runner print config * config/types: call IgnoreDuplicates correctly * config: test to ensure config type is valid * config/types: de-pointer config.ignition.replace * config/merge: add tests * config: replace config appending with merging * config/v3_0_exp: rename config.append to merge * config: rework schema for better merging * *: rename ec2 -> aws and gce -> gcp * stages/files: Also relabel subuid/subgid files * doc/config-spec: drop passwd.users.create * config: drop passwd.users.create * config/validate: allow dups on some fields * config/validate_test: add tests for detecting dups * doc/config-v3_0_exp: add doc for new append logic * config/v3_0_exp: reject duplicate partition labels * config/v3_0_exp: require partition label or number * config/validate: validate no duplicates exist * config/v3_0_exp/types: implement Key() for types * tests/files: add test appending to existing file * tests: apply mode/owner in bb test runner input * config/v3_0_exp/types: rework storage.files.append * config: refactor * *: use config/ver instead of internal/config * config: move json schema to be with its types * test: don't validate docs * tests/negative/files: add ForceFileCreationNoOverwrite * *: default file.overwrite config option to false * tests/positive/passwd: add test UseAuthorizedKeysFile * tests/*: expose env vars through Test.Env * internal/*: drop merging authorized_keys.d into authorized_keys * vendor: switch to go modules * MAINTAINERS: update ++++ kernel-default: - Delete patches.suse/0001-x86-speculation-Add-basic-IBRS-support-infrastructur.patch. - Delete patches.suse/0002-x86-speculation-Add-inlines-to-control-Indirect-Bran.patch. - Delete patches.suse/0003-x86-idle-Control-Indirect-Branch-Speculation-in-idle.patch. - Delete patches.suse/0004-x86-enter-Create-macros-to-restrict-unrestrict-Indir.patch. - Delete patches.suse/0005-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch. Drop SUSE-specific IBRS-on-SKL implementation. Please refer to page 16 of [1] [1] https://software.intel.com/security-software-guidance/api-app/sites/default/files/Retpoline-A-Branch-Target-Injection-Mitigation.pdf - commit 5e8da3a - Update to 5.1-rc5 - commit 2fd333d ++++ kernel-firmware: - Update to version 20190409: * linux-firmware: Add firmware file for Intel Bluetooth 22161 * cxgb4: update firmware to revision 1.23.4.0 (bsc#1136334) * linux-firmware: Update NXP Management Complex firmware to version 10.14.3 * linux-firmware: add firmware for MT7615E * mediatek: update MT8173 VPU firmware to v1.1.2 [decoder] Enlarge struct vdec_pic_info to support more capture buffer plane and capture buffer format change. * linux-firmware: update Marvell 8797/8997 firmware images * nfp: update Agilio SmartNIC flower firmware to rev AOTC-2.10.A.23 * cxgb4: update firmware to revision 1.23.3.0 * linux-firmware: Update firmware file for Intel Bluetooth 8265 * linux-firmware: Update firmware file for Intel Bluetooth 9260 * linux-firmware: Update firmware file for Intel Bluetooth 9560 ++++ openldap2: - bsc#1114845 - broken shebang line in openldap_update_modules_path.sh - fix the script ++++ rsync: - Fixed bug numbers in spec file ------------------------------------------------------------------ ------------------ 2019-4-13 - Apr 13 2019 ------------------- ------------------------------------------------------------------ ++++ distribution-logos-openSUSE: - Initial package ++++ python-Jinja2: - update to version 2.10.1 (bsc#1132323, CVE-2019-10906, bsc#1125815, CVE-2019-8341): * "SandboxedEnvironment" securely handles "str.format_map" in order to prevent code execution through untrusted format strings. The sandbox already handled "str.format". ++++ rsync: - Add patch: rsync-fix-prealloc-to-keep-file-size-0-when-possible.patch (boo#1108562) ------------------------------------------------------------------ ------------------ 2019-4-12 - Apr 12 2019 ------------------- ------------------------------------------------------------------ ++++ systemd: - Import commit 4e6e66ea94cf5125f9044f0869939a86801ed2d8 430877e794 pam-systemd: use secure_getenv() rather than getenv() (bsc#1132348 CVE-2019-3842) 3cff2e6514 man: document that if the main process exits after SIGTERM we go directly to SIGKILL 26c4f7191c bus: fix memleak on invalid message ------------------------------------------------------------------ ------------------ 2019-4-11 - Apr 11 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Do not provide kernel-default from kernel-default-base (boo#1132154, bsc#1106751). - commit 0e54e61 - rpm/kernel-subpackage-spec: only provide firmware actually present in subpackage. - commit 839debd ++++ kernel-default-base: - dw_mmc-bluefield is not needed in kernel-default-base (bsc#1131574). ++++ Mesa: - Update to 19.0.2 * Just a few fixes for radeon, a few for nir, a couple for radv, a couple for v3d, and a few other patches here and there. ++++ libxslt: - Security fix: [bsc#1132160, CVE-2019-11068] * Bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded. * Added libxslt-CVE-2019-11068.patch ------------------------------------------------------------------ ------------------ 2019-4-10 - Apr 10 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - kernel-subpackage-spec: Add dummy package to ensure subpackages are rebuilt with kernel update (bsc#1106751). In factory packages are not rebuilt automatically so a dependency is needed on the old kernel to get a rebuild with the new kernel. THe subpackage itself cannot depend on the kernel so add another empty pacakge that does depend on it. - commit 6d14837 ++++ nvme-cli: - Add new 'ontapdevices' command and corresponding documentation. Requested in (bsc#1131930). + 0011-nvme-cli-add-netapp-ontapdevices-command.patch + 0012-nvme-cli-add-netapp-ontapdevices-man-page.patch + 0104-nvme-cli-Fix-documentation-syntax-and-typo.patch - Revert stop-on-failure patch for connect-all, which caused unintended behaviour (bsc#1132124) + 0013-nvme-cli-Revert-stop-on-failure-with-connect-all.patch ------------------------------------------------------------------ ------------------ 2019-4-9 - Apr 9 2019 ------------------- ------------------------------------------------------------------ ++++ curl: - Install curl.fish completions file from curl rather than from the fish package - update to version 7.64.1 * Changes: - alt-svc: experiemental support added - configure: add --with-amissl * Bugfixes: - AppVeyor: switch VS 2015 builds to VS 2017 image - CURLU: fix NULL dereference when used over proxy - Curl_easy: remove req.maxfd - never used! - Curl_resolv: fix a gcc -Werror=maybe-uninitialized warning - DoH: inherit some SSL options from user's easy handle - Secure Transport: no more "darwinssl" - Secure Transport: tvOS 11 is required for ALPN support - cirrus: Added FreeBSD builds using Cirrus CI - cleanup: make local functions static - cli tool: do not use mime.h private structures - cmdline-opts/proxytunnel.d: the option tunnnels all protocols - configure: add additional libraries to check for LDAP support - configure: remove the unused fdopen macro - configure: show features as well in the final summary - conncache: use conn->data to know if a transfer owns it - connection: never reuse CONNECT_ONLY connections - connection_check: restore original conn->data after the check - connection_check: set ->data to the transfer doing the check - cookie: Add support for cookie prefixes - cookies: dotless names can set cookies again - cookies: fix NULL dereference if flushing cookies with no CookieInfo set - curl.1: --user and --proxy-user are hidden from ps output - curl.1: mark the argument to --cookie as - curl.h: use __has_declspec_attribute for shared builds - curl: display --version features sorted alphabetically - curl: fix FreeBSD compiler warning in the --xattr code - curl: remove MANUAL from -M output - curl_easy_duphandle.3: clarify that a duped handle has no shares - curl_multi_remove_handle.3: use at any time, just not from within callbacks - curl_url.3: this API is not experimental anymore - dns: release sharelock as soon as possible - docs: update max-redirs.d phrasing - examples/10-at-a-time.c: improve readability and simplify - examples/cacertinmem.c: use multiple certificates for loading CA-chain - examples/crawler: Fix the Accept-Encoding setting - examples/ephiperfifo.c: various fixes - examples/externalsocket: add missing close socket calls - examples/http2-download: cleaned up - examples/http2-serverpush: add some sensible error checks - examples/http2-upload: cleaned up - examples/httpcustomheader: Value stored to 'res' is never read - examples/postinmemory: Potential leak of memory pointed to by 'chunk.memory' - examples/sftpuploadresume: Value stored to 'result' is never read - examples: only include - examples: remove recursive calls to curl_multi_socket_action - examples: remove superfluous null-pointer checks - file: fix "Checking if unsigned variable 'readcount' is less than zero." - fnmatch: disable if FTP is disabled - gnutls: remove call to deprecated gnutls_compression_get_name - gopher: remove check for path == NULL - gssapi: fix deprecated header warnings - hostip: make create_hostcache_id avoid alloc + free - http2: multi_connchanged() moved from multi.c, only used for h2 - http2: verify :athority in push promise requests - http: make adding a blank header thread-safe - http: send payload when (proxy) authentication is done - http: set state.infilesize when sending multipart formposts - makefile: make checksrc and hugefile commands "silent" - mbedtls: make it build even if MBEDTLS_VERSION_C isn't set - mbedtls: release sessionid resources on error - memdebug: log pointer before freeing its data - memdebug: make debug-specific functions use curl_dbg_ prefix - mime: put the boundary buffer into the curl_mime struct - multi: call multi_done on connect timeouts, fixes CURLINFO_TOTAL_TIME - multi: remove verbose "Expire in" ... messages - multi: removed unused code for request retries - multi: support verbose conncache closure handle - negotiate: fix for HTTP POST with Negotiate - openssl: add support for TLS ASYNC state - openssl: if cert type is ENG and no key specified, key is ENG too - pretransfer: don't strlen() POSTFIELDS set for GET requests - rand: Fix a mismatch between comments in source and header - runtests: detect "schannel" as an alias for "winssl" - schannel: be quiet - remove verbose output - schannel: close TLS before removing conn from cache - schannel: support CALG_ECDH_EPHEM algorithm - scripts/completion.pl: also generate fish completion file - singlesocket: fix the 'sincebefore' placement - source: fix two 'nread' may be used uninitialized warnings - ssh: fix Condition '!status' is always true - ssh: loop the state machine if not done and not blocking - strerror: make the strerror function use local buffers - test578: make it read data from the correct test - tests: Fixed XML validation errors in some test files - tests: add stderr comparison to the test suite - tests: fix multiple may be used uninitialized warnings - threaded-resolver: shutdown the resolver thread without error message - tool_cb_wrt: fix writing to Windows null device NUL - tool_getpass: termios.h is present on AmigaOS 3, but no tcgetattr/tcsetattr - tool_operate: build on AmigaOS - tool_operate: fix typecheck warning - transfer.c: do not compute length of undefined hex buffer - travis: add build using gnutls - travis: add scan-build - travis: bump the used wolfSSL version to 4.0.0 - travis: enable valgrind for the iconv tests - travis: use updated compiler versions: clang 7 and gcc 8 - unit1307: require FTP support - unit1651: survive curl_easy_init() fails - url/idnconvert: remove scan for <= 32 ascii values - url: change conn shutdown order to ensure SOCKETFUNCTION callbacks - urlapi: reduce variable scope, remove unreachable 'break' - urldata: convert bools to bitfields and move to end - urldata: simplify bytecounters - urlglob: Argument with 'nonnull' attribute passed null - version.c: silent scan-build even when librtmp is not enabled - vtls: rename some of the SSL functions - wolfssl: stop custom-adding curves - x509asn1: "Dereference of null pointer" - x509asn1: cleanup and unify code layout - zsh.pl: escape ':' character - zsh.pl: update regex to better match curl -h output - Dropped patches fixed upstream: * 0001-connection_check-set-data-to-the-transfer-doing-the-.patch * 0002-connection_check-restore-original-conn-data-after-th.patch * curl-singlesocket-sincebefore-placement.patch ++++ gobject-introspection: - Update to version 1.60.1: + Update glib annotations. + shlibs: fall back to basename on macOS for relative paths. + meson: always pass --quiet to g-ir-scanner. + docs: include '--c-include' in g-ir-scanner man page. + tests: Fix compatibility with Python 3.5. ++++ kernel-default: - Disable CONFIG_SERIO_OLPC_APSP on all but armv7 This driver is only used by ARMv7-based OLPC laptops. - commit 7b1b640 - Disable CONFIG_SENSORS_OCC_* These drivers are running on the BMC of PowerPC servers. The BMC runs OpenBMC and is not a target for SUSE distributions. - commit a82eb87 ++++ python3-core: - bsc#1129346: add CVE-2019-9636-urlsplit-NFKC-norm.patch Characters in the netloc attribute that decompose under NFKC normalization (as used by the IDNA encoding) into any of ``/``, ``?``, ``#``, ``@``, or ``:`` will raise a ValueError. If the URL is decomposed before parsing, or is not a Unicode string, no error will be raised. (CVE-2019-9636) Upstream gh#python/cpython#12224 ++++ libssh2_org: - Version update to 1.8.2: [bsc#1130103] Bug fixes: * Fixed the misapplied userauth patch that broke 1.8.1 * moved the MAX size declarations from the public header ++++ python3: - bsc#1129346: add CVE-2019-9636-urlsplit-NFKC-norm.patch Characters in the netloc attribute that decompose under NFKC normalization (as used by the IDNA encoding) into any of ``/``, ``?``, ``#``, ``@``, or ``:`` will raise a ValueError. If the URL is decomposed before parsing, or is not a Unicode string, no error will be raised. (CVE-2019-9636) Upstream gh#python/cpython#12224 ++++ u-boot-rpiarm64: - Update to v2019.04: * Various last minute bug fixes * we've hit the deadline for DM_MMC conversion * Release info: - https://lists.denx.de/pipermail/u-boot/2019-April/364431.html - Rename Sinovoip BPI M2 Plus to Bananapi M2 Plus H3, to follow upstream: * http://git.denx.de/?p=u-boot.git;a=commitdiff;h=268ae6548779ccd8ba38ce39d43f41be7e0bc133 ++++ yast2: - Updated map for evaluating upgraded products (e.g. for SUSE-Manager). (bsc#1131503) - Upgrade: Evaluating product obsoletes in order to show it in the proposal overview. - 4.1.68 - Use noun phrase in summary. ------------------------------------------------------------------ ------------------ 2019-4-8 - Apr 8 2019 ------------------- ------------------------------------------------------------------ ++++ libguestfs: - Fixing issue with virt-customize uninstall and '-l' (bnc#1131342) Patches added: fd43730e-error-with-uninstall-option-on-SUSE.patch ++++ kernel-default: - config: disable DEVKMEM (bsc#1128045) - commit 1478096 - Update to 5.1-rc4 - Refresh configs - commit e334e4f ++++ python-rpm-macros: - Update to version 20190408.32abece bsc#1128323: * Multiline macros don't work correctly on older RPMs. ------------------------------------------------------------------ ------------------ 2019-4-6 - Apr 6 2019 ------------------- ------------------------------------------------------------------ ++++ libcroco: - Update to version 0.6.13: + Visual Studio builds: Enhance security of x64 binaries. + win32/replace.py: Fix replacing items in files with UTF-8 content. + tknzr: support only max long rgb values. + input: check end of input before reading a byte. - Drop upstream fixed patches: + libcroco-fix-CVE-2017-7960.patch. + libcroco-fix-CVE-2017-7961.patch. - Stop exporting -fno-strict-aliasing" to configure, no longer needed. - Update URL to new gitlab home. ------------------------------------------------------------------ ------------------ 2019-4-5 - Apr 5 2019 ------------------- ------------------------------------------------------------------ ++++ aaa_base: - Add patch git-05-ae2a49183ba0ad9dff6b8c1efd4de076bd34ab0f.patch * /etc/profile does not work in AppArmor-confined containers (bsc#1096191) ++++ python-kiwi: - Bump version: 9.17.14 → 9.17.15 ++++ glib-networking: - Handle new GnuTLS error GNUTLS_E_CERTIFICATE_REQUIRED + https://gitlab.gnome.org/GNOME/glib-networking/issues/70 + add 0001-gnutls-Handle-new-GNUTLS_E_CERTIFICATE_REQUIRED.patch ++++ libvirt: - CVE-2019-3886: disallow virDomainGetHostname and virDomainGetTime for read-only connections and users CVE-2019-3886-api.patch, CVE-2019-3886-remote.patch bsc#1131595 ++++ wicked: - version 0.6.54 - switch to use systemd notify and prevent event backlog at start by calling udevadm settle before starting wickedd (bsc#1118206) - dhcp6: don't discard confirm reply without status (bsc#1127340) - ethtool: set lro legacy flag and not txvlan (bsc#1123555) - init memory before use in ioctl - fsm: fix find pending worker loop segfault (boo#1106809) ------------------------------------------------------------------ ------------------ 2019-4-4 - Apr 4 2019 ------------------- ------------------------------------------------------------------ ++++ iptables: - Add iptables-1.8.2-dont_read_garbage.patch that fixes a situation where 'iptables -L' reads garbage from the struct as the kernel never filled it in the bugged case. This can lead to issues like mapping a few TiB of memory [bsc#1106751]. ++++ kernel-default-base: - Add dw_mmc-bluefield driver (bsc#1118752) - Add back bpfilter, got lost during split (boo#1106751) ++++ libzypp: - Enhance scanning /sys for modaliases (bsc#1130161) - version 17.11.4 (9) ------------------------------------------------------------------ ------------------ 2019-4-3 - Apr 3 2019 ------------------- ------------------------------------------------------------------ ++++ glibc: - japanese-era-name-may-2019.patch: ja_JP locale: Add entry for the new Japanese era (bsc#1100396, BZ #22964) ++++ python-libvirt-python: - Update to 5.2.0 - Add all new APIs and constants in libvirt 5.2.0 ++++ zypper: - Fix build with CMake >= 3.14 Starting with CMake 3.14, EXCLUDE_FROM_ALL now spreads from directories to targets. 'make -C someSubdir' when 'someSubdir' uses the 'EXCLUDE_FROM_ALL' keyword does nothing. - Remove unneeded CMake commands. ------------------------------------------------------------------ ------------------ 2019-4-2 - Apr 2 2019 ------------------- ------------------------------------------------------------------ ++++ glib-networking: - Update to version 2.60.1: + Improve reliability of client auth failure tests. + Fix excessive CPU usage after sync handshake. ++++ gnutls: - Update gnutls to 3.6.7 * * libgnutls, gnutls tools: Every gnutls_free() will automatically set the free'd pointer to NULL. This prevents possible use-after-free and double free issues. Use-after-free will be turned into NULL dereference. The counter-measure does not extend to applications using gnutls_free(). * * libgnutls: Fixed a memory corruption (double free) vulnerability in the certificate verification API. Reported by Tavis Ormandy; addressed with the change above. [GNUTLS-SA-2019-03-27, #694] [bsc#1130681] (CVE-2019-3829) * * libgnutls: Fixed an invalid pointer access via malformed TLS1.3 async messages; Found using tlsfuzzer. [GNUTLS-SA-2019-03-27, #704] [bsc#1130682] (CVE-2019-3836) * * libgnutls: enforce key usage limitations on certificates more actively. Previously we would enforce it for TLS1.2 protocol, now we enforce it even when TLS1.3 is negotiated, or on client certificates as well. When an inappropriate for TLS1.3 certificate is seen on the credentials structure GnuTLS will disable TLS1.3 support for that session (#690). * * libgnutls: the default number of tickets sent under TLS 1.3 was increased to two. This makes it easier for clients which perform multiple connections to the server to use the tickets sent by a default server. * * libgnutls: enforce the equality of the two signature parameters fields in a certificate. We were already enforcing the signature algorithm, but there was a bug in parameter checking code. * * libgnutls: fixed issue preventing sending and receiving from different threads when false start was enabled (#713). * * libgnutls: the flag GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO now implies a writable session, as non-writeable security officer sessions are undefined in PKCS#11 (#721). * * libgnutls: no longer send downgrade sentinel in TLS 1.3. Previously the sentinel value was embedded to early in version negotiation and was sent even on TLS 1.3. It is now sent only when TLS 1.2 or earlier is negotiated (#689). * * gnutls-cli: Added option --logfile to redirect informational messages output. - Disabled dane support since dane is not shipped with SLE-15 - Changed configure script to hardware guile site directory since command-line option '--with-guile-site-dir=' was removed from the configure script in 3.6.7. * * Modified gnutls-3.6.6-SUSE_SLE15_congruent_version_requirements.patch - Modified gnutls-3.6.0-disable-flaky-dtls_resume-test.patch to fix compilation issues on PPC - Fixed Bleichenbacher-like side channel leakage in PKCS#1 v1.5 verification and padding oracle verification (in 3.6.5) [bsc#1118087] (CVE-2018-16868) ++++ libzypp: - Prevent SEGV if the application sets an empty TextLocale (bsc#1127026) ++++ python-rpm-macros: - Update to version 20190402.c88be49: * Add missing $ expansion on the pytest call ------------------------------------------------------------------ ------------------ 2019-4-1 - Apr 1 2019 ------------------- ------------------------------------------------------------------ ++++ python-kiwi: - Update compression flag for qcow2 format In case of a qcow2 format we store the result uncompressed Since the format conversion only takes the real bytes into account such that the sparseness of the raw disk will not result in the output format and can be taken one by one This Fixes bsc#1128146 In addition the commit includes a refactoring for the evaluation of the compress flag in the runtime config. Instead of the global overwrite, the flag gets evaluated individually at the time the result metadata is created ++++ kernel-default: - efifb: Omit memory map check on legacy boot (bsc#1127339). - commit 8a60576 - Update to 5.1-rc3 - Eliminated 1 patch - Config changes: - SECURITY_DEFAULT_* are back - enable CONFIG_OF in i386/pae and copy dependent options from default - commit 7474ec2 ++++ libcontainers-common: - Update to libpod v1.2.0 * Rootless Podman can now be used with a single UID and GID, without requiring a full 65536 UIDs/GIDs to be allocated in /etc/subuid and /etc/subgid * Move pkg/util default storage functions from libpod to containers/storage - Update to image v1.5 * Minor behind the scene bugfixes, no user facing changes - Update to storage v1.12.1 * Move pkg/util default storage functions from libpod to containers/storage * containers/storage no longer depends on containers/image - Version 20190401 ++++ icu: - Update to new upstream release 64.1 * Updates to Unicode 12 and to CLDR 35 locale data with many additions and corrections, and some new languages. ICU adds a data filtering/subsetting mechanism, improved formatting API, and a C++ LocaleBuilder. - New python3 dependency to build intermediate file test/testdata/rules.mk. ++++ libzypp: - Fix build with CMake >= 3.14.0: Starting with CMake 3.14, EXCLUDE_FROM_ALL now spreads from directories to targets. 'make -C someSubdir' when 'someSubdir' uses the 'EXCLUDE_FROM_ALL' keyword does nothing. (gh/libzypp#libzypp#165) ++++ patterns-base: - Remove btrfsmaintenance from patterns-base (boo#1063638) ++++ podman: - Update to podman 1.2.0 * Podman now supports image healthchecks! The podman healthcheck run command was added to manually run healthchecks, and the status of a running healthcheck can be viewed via podman inspect * The podman events command was added to show a stream of significant events * The podman ps command now supports a --watch flag that will refresh its output on a given interval * The podman image tree command was added to show a tree representation of an image's layers * The podman logs command can now display logs for multiple containers at the same time * The podman exec command can now pass file descriptors to the process being executed in the container via the --preserve-fds option * The podman images command can now filter images by reference * The podman system df command was added to show disk usage by Podman * The --add-host option can now be used by containers sharing a network namespace * The podman cp command now has an --extract option to extract the contents of a Tar archive and copy them into the container, instead of copying the archive itself * Podman now allows manually specifying the path of the slirp4netns binary for rootless networking via the --network-cmd-path flag * Rootless Podman can now be used with a single UID and GID, without requiring a full 65536 UIDs/GIDs to be allocated in /etc/subuid and /etc/subgid * The podman runlabel command now supports the --replace option to replace containers using the name requested * Infrastructure containers for Podman pods will now attempt to use the image's CMD and ENTRYPOINT instead of a fixed command * The podman play kube command now supports the HostPath and VolumeMounts YAML fields * Added support to disable creation of resolv.conf or /etc/hosts in containers by specifying --dns=none and --no-hosts, respectively, to podman run and podman create * The podman version command now supports the {{ json . }} template (which outputs JSON) * Podman can now forward ports using the SCTP protocol - Update conmon to cri-o 1.14.0 - Stop building for i586 (not supported by upstream, does not build) ------------------------------------------------------------------ ------------------ 2019-3-31 - Mar 31 2019 ------------------- ------------------------------------------------------------------ ++++ gpgme: - gpgme 1.13.0: * Support GPGME_AUDITLOG_DIAG for gpgsm * New context flag "trust-model". * Aligned the gpgrt-config code with our other libaries * Auto-check for all installed Python versions * Fixed generating card key in the C++ bindings * Fixed a segv due to bad parameters in genkey * Fixed crash if the plaintext is ignored in a CMS verify * Fixed test suite problems related to dtags * Fixed bunch of python bugs * Several fixes to the Common Lisp bindings * Fixed minor bugs in gpgme-json * Require trace level 8 to dump all I/O data * The compiler must now support variadic macros - drop gpgme-key-expirity.patch, included upstream ++++ zchunk: - Update to version 1.1.0 + Fix multipart boundary bug when dealing with lighttpd servers + Optimize chunk matching while downloading, significantly reducing CPU usage ------------------------------------------------------------------ ------------------ 2019-3-29 - Mar 29 2019 ------------------- ------------------------------------------------------------------ ++++ libsolv: - repo_add_rpmdb: do not copy bad solvables from the old solv file - fix cleandeps updates not updating all packages - experimental DISTTYPE_CONDA and REL_CONDA support - bump version to 0.7.4 ++++ qemu: - Adjust fix for CVE-2019-8934 (bsc#1126455) to match the latest upstream adjustments for the same. Basically now the security fix is to provide a dummy host-model and host-serial value, which overrides getting that value from the host 0065-spapr-Simplify-handling-of-host-ser.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-3.1 ++++ slirp4netns: - Update to 0.3.0 * QMP-like JSON API for exposing node ports (--api-socket) ------------------------------------------------------------------ ------------------ 2019-3-28 - Mar 28 2019 ------------------- ------------------------------------------------------------------ ++++ fuse-overlayfs: - Create initial package for version 0.3 ++++ kernel-default: - config: arm64: enable CPPC support - commit c97748e ++++ Mesa: - Update to 19.0.1 * "This is the first bug fix release of the 19.0 branch. It's been a pretty calm cycle, and there's not too much here. I think things are looking pretty good overall." ++++ NetworkManager: - Fix systemd-network-config.patch which added lines starting with "+" to NetworkManager-wait-online.service ++++ mdadm: - imsm: finish recovery when drive with rebuild fails (bsc#1126975) 0010-imsm-finish-recovery-when-drive-with-rebuild-fails.patch - mdmon: don't attempt to manage new arrays when terminating (bsc#1127526) 0011-mdmon-don-t-attempt-to-manage-new-arrays-when-termin.patch ++++ openssh: - Fix a double free() in the KDF CAVS testing tool (bsc#1065237) * modify openssh-7.7p1-cavstest-kdf.patch ------------------------------------------------------------------ ------------------ 2019-3-27 - Mar 27 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default-base: - Limit build architectures on SLE to the ones that actually have a kernel in SLE (ie not i586). ++++ qemu: - Tweak last spec file change to guard new Requires with conditional - Fix DOS possibility in device tree processing (CVE-2018-20815 bsc#1130675) 0064-device_tree.c-Don-t-use-load_image.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-3.1 ------------------------------------------------------------------ ------------------ 2019-3-26 - Mar 26 2019 ------------------- ------------------------------------------------------------------ ++++ open-iscsi: - Added latest upstream changes, including: * Fix output of node printing for multiple paths. * Fix printing of node database again. * Add Restart=on-failure option to iscsid.service * Fix node print return value when no nodes. Updating: * open-iscsi-SUSE-latest.diff.bz2 ++++ kernel-default: - Revert "Bluetooth: btusb: driver to enable the usb-wakeup feature" (boo#1130448). System still wakes up when connected BT device is powered off. - Revert "Bluetooth: btusb: driver to enable the usb-wakeup feature" (boo#1130448). - commit 1172cb0 - Revert "parport: daisy: use new parport device model" (http://lkml.kernel.org/r/20190313064557.GA14531@unicorn.suse.cz). - Delete patches.suse/parport-daisy-do-not-try-to-load-lowlevel-driver.patch. - commit 7da01f5 - patches.suse/0005-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch: Fix re-basing mistake - IBRS enabling should not be skipped for PV Xen. - commit 177c0f8 - parport: daisy: do not try to load lowlevel driver (http://lkml.kernel.org/r/20190313064557.GA14531@unicorn.suse.cz). - commit 4f8876e ++++ brltty: - Use alsa API properly. Consumers are expected to use instead of . This is in preparation of an change to pkgconfig(alsa) to not pollute CFLAGS with -I/usr/include/alsa anymore (bsc#1130333) brltty-alsa.patch ++++ libgcrypt: - libgcrypt-1.8.3-fips-ctor.patch changed the way the fips selftests are invoked as well as the state transition, adjust the code so a missing checksum file is not an issue in non-FIPS mode (bsc#1097073) * update libgcrypt-binary_integrity_in_non-FIPS.patch - Enforce the minimal RSA keygen size in fips mode (bsc#1125740) * add libgcrypt-fips_rsa_no_enforced_mode.patch ++++ snapper: - fixed seg.fault during rollback if the previous default subvolume is missing in the snapshot list (bsc#1130273) - version 0.8.3 ++++ pam-config: - Update to version 1.0: - Add search in different locations for config files - Add support for pam_mktemp [bsc#1123878] ++++ patterns-base: - Fix x11_raspberrypi (jsc#SLE-4142): * Use only Requires, on JeOS recommmends and suggests are no-ops * Remove xf86-input-void, obsolete (and not in SLE) * Require base and x11 patterns * Add some YaST modules, otherwise the control center is empty ++++ timezone: - timezone update 2019a: * Palestine "springs forward" on 2019-03-30 instead of 2019-03-23 * Metlakatla "fell back" to rejoin Alaska Time on 2019-01-20 at 02:00 * Israel observed DST in 1980 (08-02/09-13) and 1984 (05-05/08-25) * zic now has an -r option to limit the time range of output data ++++ yast2: - Firewall: Zone name has been removed from the common attributes declaration as it cannot be modified through the firewalld API. (bsc#1130354) - 4.1.67 ------------------------------------------------------------------ ------------------ 2019-3-25 - Mar 25 2019 ------------------- ------------------------------------------------------------------ ++++ btrfsprogs: - Use correct path for dracut-fsck-help.txt in module-setup.sh (bsc#1122539) * Remove module-setup.sh * Add module-setup.sh.in ++++ kernel-default: - Update to 5.1-rc2 - New config options: - CHARLCD_BL_FLASH=y - PARPORT_PANEL=m (renamed from PANEL) - PANEL=m - commit ede8a59 ++++ graphene: - Update to version 1.8.6: + Bug fixes, bug fixes everywhere! Also: documentation changes to clarify what we do behind the veil of the various matrix multiplication functions. Hopefully, this should help people using Graphene especially when it comes to integration with other libraries. + Fix matrix multiplication when the result matrix is also one of the operands. + Fix check when converting a 4x4 matrix into an affine transformation matrix. + Fix interpolation between matrices with a perspective component. + Documentation fixes for matrix/matrix and matrix/vector multiplication operators. - Changes from version 1.8.4: + Mostly a bug fixing release, with an especially glaring bug fix in the point transformation function of graphene_matrix_t that was found thanks to GTK 4. Now the function is covered by the test suite, so it should not regress. + Another major fix is the ensuring that we have a description of the SIMD types through introspection, which means that language bindings can finally know how big every other structure using them is. The SIMD API is still not available through introspection, as it's a pure C convenience. + Require Meson ≥ 0.48.0. + Fix matrix/point transformation. + Build fixes for MSVC. + Introspection fixes for bool. + Fix the InitOnce checks on Windows. + Correctly parse SIMD types for introspection. + Build fixes for the pkg-config file. + Documentation fixes: - Clarify matrix/vector/point multiplication. - Clarify plane description. - Clarify the units for the matrix skew factors. - Document use of graphene-gobject with Meson. ++++ qemu: - Remove an unneeded BuildRequires which impacts bsc#1119414 fix Also add a corresponding Recommends for qemu-tools as part of this packaging adjustment (bsc#1130484) - Fix information leak in slirp (CVE-2019-9824 bsc#1129622) 0061-slirp-check-sscanf-result-when-emul.patch - Add method to specify whether or not to expose certain ppc64 host information, which can be considered a security issue (CVE-2019-8934 bsc#1126455) 0062-ppc-add-host-serial-and-host-model-.patch - Fix OOB memory access and information leak in virtual monitor interface (CVE-2019-03812 bsc#1125721) 0063-i2c-ddc-fix-oob-read.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-3.1 ++++ tar: - add tar-1.30-CVE-2018-20482.patch to fix a security issue where tar when "--sparse" option is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file that is supposed to be archived by a different user's process [bsc#1120610] [CVE-2018-20482] - add tar-1.30-CVE-2019-9923.patch to fix a security issue where pax_decode_header in sparse.c in tar had a NULL pointer dereference when parsing certain archives that have malformed extended headers [bsc#1130496] [CVE-2019-9923] ++++ transactional-update: - Update to version 2.14.1 - Improve non-root fs changes checker based on feedback - Disable snapper's zypper plugin during transactional-update run - Allow parallel installation with snapper's zypper plugin (useful on read-write systems). ------------------------------------------------------------------ ------------------ 2019-3-24 - Mar 24 2019 ------------------- ------------------------------------------------------------------ ++++ plymouth: - Fix theme-bgrt dependencies (based on plugin-two-step with images from theme-spinner) ------------------------------------------------------------------ ------------------ 2019-3-22 - Mar 22 2019 ------------------- ------------------------------------------------------------------ ++++ gsettings-desktop-schemas: - Add adobe-sourcecodepro-fonts Recommends: New default font for monospace was added for version 3.32.x. ++++ kernel-default: - Do not provide kernel-default-srchash from kernel-default-base. - commit d6c71ce ++++ Mesa: - baselibs.conf: Mesa-libEGL-devel needs Mesa-KHR-devel (bsc#1117365) - Mesa-libEGL-devel needs Mesa-KHR-devel (bsc#1117365) ++++ libgcrypt: - Don't run full self-tests from constructor (bsc#1097073) * Don't call global_init() from the constructor, _gcry_global_constructor() from libgcrypt-1.8.3-fips-ctor.patch takes care of the binary integrity check instead. * Only the binary checksum will be verified, the remaining self-tests will be run upon the library initialization - Add libgcrypt-fips_ignore_FIPS_MODULE_PATH.patch - Drop libgcrypt-init-at-elf-load-fips.patch and libgcrypt-fips_run_selftest_at_constructor.patch ++++ podman: - Change default libpod.conf configuration file: use the runtimes section to allow users to specify different OCI runtimes. This allows user to choose which runtime to use on a per container basis. ------------------------------------------------------------------ ------------------ 2019-3-21 - Mar 21 2019 ------------------- ------------------------------------------------------------------ ++++ glibc: - pthread-mutex-trylock-barrier.patch: pthread_mutex_trylock does not use the correct order of instructions while maintaining the robust mutex list due to missing compiler barriers (bsc#1130045, BZ #24180) - getaddrinfo-parse-ipv4-address.patch: getaddrinfo: Fully parse IPv4 address strings (CVE-2016-10739, bsc#1122729, BZ #20018) ++++ gsettings-desktop-schemas: - Rebase gsettings-desktop-schemas-fate324570-Add-key-for-GDM-background-configuration.patch (bsc#1120178) ++++ kernel-default: - config: apply recent changes to ARM configs - CONFIG_PREEMPT_VOLUNTARY=y - disable CONFIG_IMA_ARCH_POLICY - enable CONFIG_IMA_APPRAISE_BOOTPARAM - CONFIG_LSM="" - commit fd95045 ++++ NetworkManager: - Fix the connectivity value of devices which was set to LIMITED when the connectivity check fails. Now if the connectivity is being set to LIMITED but the device state is DISCONNECTED, then the value is coerced to NONE. Add patch submitted to upstream (boo#1103678, glfdo#NetworkManager/NetworkManager#138): * 0001-Coerce-connectivity-LIMITED-to-NONE-when-device-is-d.patch - Fix the global connectivity value which wasn't updated when a device was removed. Which is a problem if the device being removed is the one providing the connectivity. Add patch submitted to upstream (boo#1103678, glfdo#NetworkManager/NetworkManager#141): * 0001-Update-connectivity-value-on-device-removal.patch ++++ libvirt: - apparmor: reintroduce upstream lxc mount rules Drop apparmor-no-mount.patch bsc#1130129 ++++ wayland: - Update to new upstream release 1.17 * There is now a protocol to express an internal server error message, and a new version of the wl_seat protocol with no changes other than keymaps must be private. ++++ libzypp: - KeyManager: Work around bsc#1127220 [libgpgme] no error upon incomplete import due to signal received. - MediaCurl: add hint to check SCC for an expired regcode on http error 403 (bsc#965786) - version 17.11.3 (9) ++++ zypper: - Add Requires: libaugeas0 >= 1.10.0 (fixes #265) - bash-completion: add package completion for addlock (bsc#1047962) - bash-completion: fix incorrect detection of command names (bsc#1049826) - version 1.14.27 ------------------------------------------------------------------ ------------------ 2019-3-20 - Mar 20 2019 ------------------- ------------------------------------------------------------------ ++++ chrony: - Fix ordering and dependencies of chronyd.service, so that it is started after name resolution is up (bsc#1129914). - Add chrony-service-ordering.patch ++++ health-checker: - Update to version 1.2.2 * Fix product namings ++++ kdump: - Use %license instead of %doc (bsc#1082318, bsc#1129947). - kdump-fix-multipath-user_friendly_names.patch: Fix multipath configuration with user_friendly_names and/or aliases (bsc#1111207, LTC#171953, bsc#1125218, LTC#175465). - kdump-recover-from-missing-CRASHTIME.patch: Recover from missing CRASHTIME= in VMCOREINFO (bsc#1112387). - kdump-fallback-re-register-fadump-from-userspace.patch: Re-register FADUMP from userspace if the kernel cannot do it (bsc#1108170, LTC#171288, bsc#1094016, LTC#168050) - kdump-Restore-only-static-routes-in-kdump-initrd.patch: Restore only static routes in kdump initrd (bsc#1093795). - kdump-on-error-option-yesno.patch: Support yes/no style for KDUMP_CONTINUE_ON_ERROR (bsc#1083155). - kdump-use-pbl.patch: Replace obsolete perl-Bootloader library with a simpler script (bsc#1050349). - Ensure added kdump-early.service is enabled properly after update (bsc#1021484). ++++ kernel-default: - config: arm64: Update to v5.1-rc1 - commit 590226b - rpm/kernel-subpackage-build: handle arm kernel zImage. - commit 81a63c3 - config: disable IMA_ARCH_POLICY for now When IMA_ARCH_POLICY was enabled during the 5.0-rc* stage, IMA causes kdump load to fail: kexec_file_load failed: Permission denied ima: impossible to appraise a kernel image without a file descriptor; try using kexec_file_load syscall. We have to fix kexec tooling before enabling IMA for everyone. BTW IMA_APPRAISE_BOOTPARAM was disabled by IMA_ARCH_POLICY=y. So restore the original state (and functionality). - commit f738bd5 - config: armv6hl: Update to v5.1-rc1 CONFIG_BPFILTER_UMH is disabled due to bsc#1127188 - commit 608f8e5 - rpm/kernel-source.changes.old: Really drop old changelogs (bsc#1098995) - commit 93056b5 ++++ Mesa: - Remove imx from ARM drivers (dropped upstream) ++++ gnutls: - FATE#327114 - Update gnutls to 3.6.6 to support TLS 1.3 * * libgnutls: gnutls_pubkey_import_ecc_raw() was fixed to set the number bits on the public key (#640). * * libgnutls: Added support for raw public-key authentication as defined in RFC7250. Raw public-keys can be negotiated by enabling the corresponding certificate types via the priority strings. The raw public-key mechanism must be explicitly enabled via the GNUTLS_ENABLE_RAWPK init flag (#26, #280). * * libgnutls: When on server or client side we are sending no extensions we do not set an empty extensions field but we rather remove that field competely. This solves a regression since 3.5.x and improves compatibility of the server side with certain clients. * * libgnutls: We no longer mark RSA keys in PKCS#11 tokens as RSA-PSS capable if the CKA_SIGN is not set (#667). * * libgnutls: The priority string option %NO_EXTENSIONS was improved to completely disable extensions at all cases, while providing a functional session. This also implies that when specified, TLS1.3 is disabled. * * libgnutls: GNUTLS_X509_NO_WELL_DEFINED_EXPIRATION was marked as deprecated. The previous definition was non-functional (#609). * Removed patches: 0001-dummy_wait-correctly-account-the-length-field-in-SHA.patch 0002-dummy_wait-always-hash-the-same-amount-of-blocks-tha.patch 0003-cbc_mac_verify-require-minimum-padding-under-SSL3.0.patch 0004-hmac-sha384-and-sha256-ciphersuites-were-removed-fro.patch * Added Patches: * * disable failing psk-file test (race condition): disable-psk-file-test.patch * * Patch configure script to accept specific versions of autotools and guile that are present in SUSE-SLE15. (A bug prevents configure from accepting a range of compatible versions. Upstream's solution is to hardwire for the most current versions.) gnutls-3.6.6-SUSE_SLE15_congruent_version_requirements.patch * Modified: * * gnutls-3.6.0-disable-flaky-dtls_resume-test.patch ++++ libselinux: - Update to version 2.9 * Add security_reject_unknown(3) man page * Change matchpathcon usage to match with matchpathcon manpage * Do not define gettid() if glibc >= 2.30 is used * Fix RESOURCE_LEAK defects reported by coverity scan * Fix line wrapping in selabel_file.5 * Do not dereference symlink with statfs in selinux_restorecon * Fix overly strict validation of file_contexts.bin * Fix selinux_restorecon() on non-SELinux hosts * Fix the whatis line for the selinux_boolean_sub.3 manpage * Fix printf format string specifier for uint64_t * Fix handling of unknown classes/perms * Set an appropriate errno in booleans.c - Dropped python3.patch, is now upstream ++++ libsemanage: - Update to version 2.9 * Always set errno to 0 before calling getpwent() * Include user name in ROLE_REMOVE audit events * genhomedircon - improve handling large groups * improve semanage_migrate_store import failure * reset umask before creating directories * set selinux policy root around calls to selinux_boolean_sub * use previous seuser when getting the previous name ++++ libsepol: - Update to version 2.9 * Add two new Xen initial SIDs * Check that initial sid indexes are within the valid range * Create policydb_sort_ocontexts() * Eliminate initial sid string definitions in module_to_cil.c * Rename kernel_to_common.c stack functions * add missing ibendport port validity check * destroy the copied va_list * do not call malloc with 0 byte * do not leak memory if list_prepend fails * do not use uninitialized value for low_value * fix endianity in ibpkey range checks * ibpkeys.c: fix printf format string specifiers for subnet_prefix * mark permissive types when loading a binary policy ++++ policycoreutils: - Update to version 2.9 * secon: free scon_trans before returning * audit2allow/sepolgen-ifgen: show errors on stderr * audit2allow: allow using audit2why as non-root user * chcat: use check_call instead of getstatusoutput * restorecon: add force option * semanage module: Fix handling of -a/-e/-d/-r options * semanage/seobject: Fix listing boolean values * semanage: Drop python shebang from seobject.py * semanage: Fix logger class definition * semanage: Include MCS/MLS range when exporting local customizations * semanage: Load a store policy and set the store SELinux policy root * semanage: Start exporting "ibendport" and "ibpkey" entries * semanage: Stop logging loginRecords changes * semanage: Stop rejecting aliases in semanage commands * semanage: Use standard argparse.error() method in handlePermissive * semanage: do not show "None" levels when using a non-MLS policy * semanage: import sepolicy only when it's needed * semanage: move valid_types initialisations to class constructors * sepolgen: close /etc/selinux/sepolgen.conf after parsing it * sepolgen: fix access vector initialization * sepolgen: fix refpolicy parsing of "permissive" * sepolgen: print all AV rules correctly * sepolgen: refpolicy installs its Makefile in include/Makefile * sepolgen: return NotImplemented instead of raising it * sepolgen: silence linter warning about has_key * sepolgen: use self when accessing members in FilesystemUse * sepolicy: Add sepolicy.load_store_policy(store) * sepolicy: Make policy files sorting more robust * sepolicy: Stop rejecting aliases in sepolicy commands * sepolicy: Update to work with setools-4.2.0 * sepolicy: add missing % in network tab help text * sepolicy: initialize mislabeled_files in __init__() * sepolicy: search() also for dontaudit rules * add xperms support to audit2allow * replace aliases with corresponding type names - Dropped python3.patch, upstream now ++++ rpm: - Backport changelog cutoff date change from Factory (bnc#1129753) modified: macrosin.diff ++++ slirp4netns: - Change _service to use releases instead of git commit references ------------------------------------------------------------------ ------------------ 2019-3-19 - Mar 19 2019 ------------------- ------------------------------------------------------------------ ++++ lvm2-device-mapper: - Use %make_build in order to provide verbose output. ++++ grub2: - Use %doc for older products for compatibility, or may end up with unsuccessful build result * grub2.spec - Revert grub2-ieee1275-open-raw-mode.patch for regression of crashing lvm on multipath SAN (bsc#1113702) * deleted grub2-ieee1275-open-raw-mode.patch - Add exception handling to FCP lun enumeration (bsc#1113702) * grub2-ieee1275-FCP-methods-for-WWPN-and-LUNs.patch ++++ kernel-default: - config: armv7hl: Update to v5.1-rc1 CONFIG_BPFILTER_UMH is disabled due to bsc#1127188 - commit 0042582 ++++ fuse3: - Amend License: field with BSD2c, from https://github.com/libfuse/libfuse/commit/4c699e7debd99b178b9574e7dd20f36937ef296e#diff-3f1e2bdc537057b6ac2f74d095a431b8 ++++ libglvnd: - Update to release 1.1.1 * Fixed a potential race condition with entrypoint patching * Fixed the TSD dispatch stubs for PPC64LE * Fixed a segfault when generating GLX dispatch stubs for AARCH64 ++++ lvm2: - Use %make_build in order to provide verbose output. ++++ sqlite3: - CVE-2018-20346, bsc#1119687: Upgrade to the most recent version to fix a remote code execution vulnerability in FTS3 (Magellan). - Drop sqlite-fts5-link.patch and do it in the spec file instead. - Version 3.27.2: * Add the VACUUM INTO command * Issue an SQLITE_WARNING message on the error log if a double-quoted string literal is used * Add the remove_diacritics=2 option to FTS3 and FTS5. * Add the SQLITE_PREPARE_NO_VTAB option to sqlite3_prepare_v3(). Use that option to prevent circular references to shadow tables from causing resource leaks. * Enhancements to the sqlite3_deserialize() interface * Enhancements to the CLI, mostly to support testing and debugging of the SQLite library itself * Increased robustness against malicious SQL that is run against a maliciously corrupted database - Version 3.26.0: * Optimization: When doing an UPDATE on a table with indexes on expressions, do not update the expression indexes if they do not refer to any of the columns of the table being updated. * Allow the xBestIndex() method of virtual table implementations to return SQLITE_CONSTRAINT to indicate that the proposed query plan is unusable and should not be given further consideration. * Added the SQLITE_DBCONFIG_DEFENSIVE option which disables the ability to create corrupt database files using ordinary SQL. * Added support for read-only shadow tables when the SQLITE_DBCONFIG_DEFENSIVE option is enabled. * Added the PRAGMA legacy_alter_table command, which if enabled causes the ALTER TABLE command to behave like older version of SQLite (prior to version 3.25.0) for compatibility. * Added PRAGMA table_xinfo that works just like PRAGMA table_info except that it also shows hidden columns in virtual tables. * Added the explain virtual table as a run-time loadable extension. * Add a limit counter to the query planner to prevent excessive sqlite3_prepare() times for certain pathological SQL inputs. * Added support for the sqlite3_normalized_sql() interface, when compiling with SQLITE_ENABLE_NORMALIZE. * Enhanced triggers so that they can use table-valued functions that exist in schemas other than the schema where the trigger is defined. * Improvements to the ".help" command in the CLI. * The SQLITE_HISTORY environment variable, if it exists, specifies the name of the command-line editing history file. * The --deserialize option associated with opening a new database in the CLI cause the database file to be read into memory and accessed using the sqlite3_deserialize() API. This simplifies running tests on a database without modifying the file on disk. - Version 3.25.2: * Add the PRAGMA legacy_alter_table=ON command that causes the "ALTER TABLE RENAME" command to behave as in 3.24.0 and earlier * Fix issue with some expressions with windows functions in views - Version 3.25.1: * Avoid false-positive error checks on ALTER TABLE * Further ORDER BY LIMIT optimization fixes for window functions - Version 3.25.0: * Add support for window functions * Add support for renaming columns within a table * Query optimizer improvements * slightly better concurrency in multi-threaded environments * The ORDER BY LIMIT optimization might have caused an infinite loop in the byte code of the prepared statement under very obscure circumstances, due to a confluence of minor defects in the query optimizer - Version 3.24.0: * Add support for PostgreSQL-style UPSERT * Add support for auxiliary columns in r-tree tables * Add C-language APIs for discovering SQL keywords used by SQLite * Add C-language APIs for dynamic strings based on sqlite3_str * Enhance ALTER TABLE so that it recognizes "true" and "false" as valid arguments to DEFAULT * Add the sorter-reference optimization as a compile-time option * Improve the format of the EXPLAIN QUERY PLAN raw output, so that it gives better information about the query plan and about the relationships between the various components of the plan * Added the SQLITE_DBCONFIG_RESET_DATABASE option to the sqlite3_db_config() API. * Automatically intercept the raw EXPLAIN QUERY PLAN output an reformat it into an ASCII-art graph. * Lines that begin with "#" and that are not in the middle of an SQL statement are interpreted as comments * Add the --append option to the ".backup" command * Add the ".dbconfig" command * various performance improvements * various bug fixes ++++ systemd: - systemd-coredump: generate a stack trace of all core dumps (bsc#1128832 jsc#SLE-5933) This stack trace is logged to the journal. ++++ zlib: - Try to safely abort if we get NULL ptr bsc#1110304 bsc#1129576: * zlib-power8-fate325307.patch ++++ patterns-base: - Do not require openssh-askpass-gnome on openSUSE it doesn't make sense for most desktops (boo#1124865) - enhanced_base does not need to recommend sw_management or yast these are pulled in from enough other more sensible places. ++++ podman: - Add 'apparmor-parser' to list of requires (boo#1123387) ++++ u-boot-rpiarm64: - Update to v2019.04-rc4: * DPAA2 fixes and DDR errata workaround for LS1021A * UEFI fixes * Small fixes in several i.MX boards * SunXi fixes: axp818 fix, fix warnings for ethernet clock code * x86 fixes: ACPI changes and fixes to Intel Tangier/Edison, i8254 beeper fixes * SoC-FPGA: Arria10 DRAM fixes and Gen5 cache fixes * sh: More gen2/gen3 fixes * I2C fixes * SPI fixes - Patch queue updated from git://github.com/openSUSE/u-boot.git tumbleweed-2019.04 * Patches dropped: 0009-efi_loader-Fix-serial-console-size-.patch ++++ update-test-trivial: - Break broken package for all platforms ++++ yast2: - Require tar as a dependency for yast2-logs (bsc#1125142). - 4.1.66 ------------------------------------------------------------------ ------------------ 2019-3-18 - Mar 18 2019 ------------------- ------------------------------------------------------------------ ++++ curl: - Fix variable placement that wasn't properly reset within a loop missing to notify sockets. [bsc#1129083, bsc#1129470] * Added curl-singlesocket-sincebefore-placement.patch ++++ ignition: - Copy binary to dracut module directory as required by https://github.com/coreos/ignition-dracut/commit/b11553f9e2b530fbbb5a2504bc72b364829c879c ++++ kernel-default: - Update to 5.1-rc1 - Eliminated 74 patches (73 stable, 1 other) - ARM configs need update - Refresh patches.suse/btrfs-btrfs-use-the-new-VFS-super_block_dev.patch patches.suse/btrfs-fs-super.c-add-new-super-block-devices-super_block_d.patch patches.suse/genksyms-add-override-flag.diff patches.suse/kernel-add-product-identifying-information-to-kernel-build.patch patches.suse/readahead-request-tunables.patch patches.suse/supported-flag patches.suse/vfs-add-super_operations-get_inode_dev - New config options: - General: - IO_URING=y - PRINTK_CALLER=n - File systems: - CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES=n - VALIDATE_FS_PARSER=n - Networking: - NET_DEVLINK=y - XDP_SOCKETS_DIAG=m - MT7603E=m - TI_CPSW_PHY_SEL=n - Power management: - CPU_IDLE_GOV_TEO=y - DAX: - DEV_DAX_KMEM=m - DEV_DAX_PMEM_COMPAT=m - USB: - USB_AUTOSUSPEND_DELAY=2 - USB_EHCI_FSL=m - Graphics: - DRM_ETNAVIV=n - DRM_NOUVEAU_SVM=n - VIDEO_FB_IVTV_FORCE_PAT=n - Sound: - SND_SOC_CROS_EC_CODEC=m - SND_SOC_CS35L36=m - SND_SOC_CS4341=m - SND_SOC_FSL_MICFIL=n - SND_SOC_MAX98373=m - SND_SOC_MT6358=n - SND_SOC_MTK_BTCVSD=m - SND_SOC_RK3328=n - SND_SOC_WM8904=n - SND_SOC_XILINX_AUDIO_FORMATTER=n - SND_SOC_XILINX_SPDIF=n - Input: - HID_MALTRON=m - HID_VIEWSONIC=m - TTY: - LDISC_AUTOLOAD=y - RTC: - RTC_DRV_ABEOZ9=m - RTC_DRV_RV3028=m - RTC_DRV_SD3078=m - RTC_DRV_WILCO_EC=m - Industrial IO: - AD7606_IFACE_PARALLEL=n - AD7606_IFACE_SPI=n - AD7768_1=n - MAX44009=m - PMS7003=n - SPS30=n - TI_DAC7612=n - Misc drivers: - ALTERA_FREEZE_BRIDGE=m - EDAC_I10NM=m - EXTCON_PTN5150=m - GNSS_MTK_SERIAL=m - GPIO_AMD_FCH=m - GPIO_TQMX86=m - HABANA_AI=m - INPUT_MSM_VIBRATOR=n - INTEL_MEI_HDCP=m - INTERCONNECT=m - IR_RCMM_DECODER=m - MFD_TQMX86=m - MLX_WDT=m - SPI_MTK_QUADSPI=m - SPI_NXP_FLEXSPI=n - SPI_SIFIVE=n - WILCO_EC=m - WILCO_EC_DEBUGFS=n - Virtualization: - HYPERV_IOMMU=y - Security: - LSM="" - SECURITY_SAFESETID=n - Testing: - TEST_LIVEPATCH=n - TEST_STACKINIT=n - TEST_VMALLOC=n - x86: - PCENGINES_APU2=m - ppc64/ppc64le: - NVRAM=m - KCOV=n - s390x: UID16=y DMA_FENCE_TRACE=n SCSI_GDTH=n UDMABUF=y - */debug: - PRINTK_CALLER=n - commit b493de0 - Trim build dependencies of sample subpackage spec file (FATE#326579, jsc#SLE-4117, jsc#SLE-3853, bsc#1128910). - commit 2eae420 ++++ fuse3: - Update to 3.4.2 * The examples/passthrough_ll.c example filesystem has been significantly extended. * Support for copy_file_range has been added. * Build system updates for non-Linux systems. * Fixed a memory leak * Added OpenAFS and HFS+ to whitelist * Docu updates ++++ harfbuzz: - Update to 2.3.1: * too many changes to ever iterate, see NEWS for the details ++++ NetworkManager: - Update to version 1.16.0: + Check connectivity per address family. + Support "main.systemd-resolved" to let NetworkManager configure DNS settings in systemd-resolved without making it the main DNS plugin of NetworkManager. + Write "/var/run/NetworkManager/no-stub-resolv.conf" with original nameservers. That is useful with caching DNS plugins like "systemd-resolved" or "dnsmasq" where "/var/run/NetworkManager/resolv.conf" refers to localhost. + Change default "ipv4.dhcp-client-id" setting for the internal DHCP plugin from "duid" to "mac". This is a change in behavior on upgrade when using the internal DHCP plugin (unless the default is overwritten in "NetworkManager.conf" or specified per connection profile). + Improve handling of DHCP router options with internal DHCP plugin. For one, accept multiple routers and add a default-route to each. On D-Bus expose the original DNS and NTP servers without cleaning up local nameservers. + Allow binding a connections lifetime to the DBus client that activated it. + Add support for establishing Wi-Fi Direct connections (Wi-Fi P2P). + Add support for WireGuard VPN tunnels to NetworkManager. D-Bus API and libnm support all options. nmcli supports creating and managing WireGuard profiles, with the exception of configuring and showing peers. + Add initrd generator to be used by dracut and use it as new way of handling iBFT. + Deprecated "plugins.monitor-connection-files" setting in NetworkManager.conf. This option will have no effect in future versions. + Add AP and Ad-hoc support for iwd Wi-Fi backend. + Warn about invalid settings in "NetworkManager.conf". + Support announcing "ANDROID_METERED" DHCP option for shared mode. + Support SAE authentication as used for 802.11s Meshing and WPA3-Personal. + NetworkManager is no longer installed as D-Bus activatable service. + Mark docker bridges as unmanaged via udev rule. + Add new PolicyKit permission "org.freedesktop.NetworkManager.wifi.scan" for controlling Wi-Fi scanning. - Rebase systemd-network-config.patch and nm-dont-overwrite-resolv-conf.patch. - Drop NetworkManager-1.12.2-docker-unmanaged.patch and NM-add-wifi-scan-polkit-rule.patch: Fixed upstream (bsc#1128560). ++++ slirp4netns: - Update to 0.3.0-beta1 * Support protecting 127.0.0.1 on the host (--disable-host-loopback) * Support specifying CIDR like 10.0.2.0/24 (--cidr) * Fix CVE-2019-6778 * Synced with QEMU upstream ++++ u-boot-rpiarm64: - Patch queue updated from git://github.com/openSUSE/u-boot.git tumbleweed-2019.04 * Fix bsc#1124137 by: * Patches dropped: 0008-Revert-efi_loader-query-serial-cons.patch 0009-zynqmp-generic-fix-compilation.patch * Patches added: 0008-zynqmp-generic-fix-compilation.patch 0009-efi_loader-Fix-serial-console-size-.patch ------------------------------------------------------------------ ------------------ 2019-3-17 - Mar 17 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Drop stale disabled patches As discussed in http://mailman.suse.de/mlarch/SuSE/kernel/2019/kernel.2019.02/msg00118.html http://mailman.suse.de/mlarch/SuSE/kernel/2019/kernel.2019.03/msg00016.html some of our patches have been disabled for quite long and attempts to get them reviewed failed. Let's drop them now: patches.suse/0036-arm-Add-BTB-invalidation-on-switch_mm-for-Cortex-A9-.patch patches.suse/0037-arm-Invalidate-BTB-on-prefetch-abort-outside-of-user.patch patches.suse/0038-arm-KVM-Invalidate-BTB-on-guest-exit.patch patches.suse/0039-arm-Add-icache-invalidation-on-switch_mm-for-Cortex-.patch patches.suse/0040-arm-Invalidate-icache-on-prefetch-abort-outside-of-u.patch patches.suse/0041-arm-KVM-Invalidate-icache-on-guest-exit-for-Cortex-A.patch patches.suse/binutils2_26.patch patches.suse/dm-mpath-accept-failed-paths patches.suse/pstore-backend-autoaction - commit 55d6d1e - config: enable RANDOM_TRUST_CPU The outcome from mailing list discussion when this config option appeared was that it makes more sense to enable it by default and let those who do not trust their CPU override it on command line; but then I forgot to actually change the value. - commit 138b5df ++++ libnettle: - Update to 3.4.1 - FATE#327114 (bsc#1129598) * Fix CVE-2018-16869 (bsc#1118086) libnettle-CVE-2018-16869-3.4.patch (removed) All functions using RSA private keys are now side-channel silent, meaning that they try hard to avoid any branches or memory accesses depending on secret data. This applies both to the bignum calculations, which now use GMP's mpn_sec_* family of functions, and the processing of PKCS#1 padding needed for RSA decryption. * Changes in behavior: The functions rsa_decrypt and rsa_decrypt_tr may now clobber all of the provided message buffer, independent of the actual message length. They are side-channel silent, in that branches and memory accesses don't depend on the validity or length of the message. Side-channel leakage from the caller's use of length and return value may still provide an oracle useable for a Bleichenbacher-style chosen ciphertext attack. Which is why the new function rsa_sec_decrypt is recommended. * New features: A new function rsa_sec_decrypt. * Bug fixes: - Fix bug in pkcs1-conv, missing break statements in the parsing of PEM input files. - Fix link error on the pss-mgf1-test test, affecting builds without public key support. ++++ NetworkManager: - Do away with em dashes in summaries. - Combine %service_* calls to reduce generated boilerplate. ++++ libseccomp: - updated to 2.4.0 (bsc#1128828 CVE-2019-9893) - Update the syscall table for Linux v5.0-rc5 - Added support for the SCMP_ACT_KILL_PROCESS action - Added support for the SCMP_ACT_LOG action and SCMP_FLTATR_CTL_LOG attribute - Added explicit 32-bit (SCMP_AX_32(...)) and 64-bit (SCMP_AX_64(...)) argument comparison macros to help protect against unexpected sign extension - Added support for the parisc and parisc64 architectures - Added the ability to query and set the libseccomp API level via seccomp_api_get(3) and seccomp_api_set(3) - Return -EDOM on an endian mismatch when adding an architecture to a filter - Renumber the pseudo syscall number for subpage_prot() so it no longer conflicts with spu_run() - Fix PFC generation when a syscall is prioritized, but no rule exists - Numerous fixes to the seccomp-bpf filter generation code - Switch our internal hashing function to jhash/Lookup3 to MurmurHash3 - Numerous tests added to the included test suite, coverage now at ~92% - Update our Travis CI configuration to use Ubuntu 16.04 - Numerous documentation fixes and updates - now gpg signed, added key of Paul Moore from keyserver. ------------------------------------------------------------------ ------------------ 2019-3-16 - Mar 16 2019 ------------------- ------------------------------------------------------------------ ++++ podman: - Scriptlets contain sh-compatible code, so drop -p /bin/bash. ------------------------------------------------------------------ ------------------ 2019-3-15 - Mar 15 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Update config files: disable CONFIG_FRAMEBUFFER_CONSOLE_DEFERRED_TAKEOVER (bsc#1127552) The deferred fbcon takeover makes little sense with the current openSUSE boot setup, and it's harmful (more glitches, etc). Disable it for now. - commit 14fa903 - Remove the previous subpackage infrastructure. This partially reverts commit 9b3ca32c11854156b2f950ff5e26131377d8445e ("Add kernel-subpackage-build.spec (FATE#326579).") - commit a5ee24e - Add sample kernel-default-base spec file (FATE#326579, jsc#SLE-4117, jsc#SLE-3853, bsc#1128910). - commit 35c4a52 ++++ kernel-default-base: - Separate kernel-deafult-base from kernel-default (FATE#326579, jsc#SLE-4117, jsc#SLE-3853, bsc#1128910). ++++ dtc: - Upgrade to version 1.5.0 (bsc#1153301): * Added i2c-bus and spi-bus support * New "-T" option: "Annotate output .dts with input source file and line" * Added YAML output format * Record source positions * Use inttypes.h macros for printing. * Fix some minor bugs which may lead to SIGSEGV. * Adjusted source URL to working path [bug#1128943, use-tx-as-the-type-specifier-instead-of-zx.patch] ++++ libvirt: - supportconfig: collect rotated logs in /var/log/libvirt/* Modified libvirt-supportconfig bsc#1124667 ++++ python-rpm-macros: - Update to version 20190315.d3034bf bsc#1128323: * Rewrite pytest and pytest_arch into Lua macros with multiple arguments. ++++ transactional-update: - Update to version 2.14 - Warn user if contents of /var have been changed during update - Noteworthy: swapped position of upperdir and lowerdir in fstab for better readability - Major update to the transactional-update guide ------------------------------------------------------------------ ------------------ 2019-3-14 - Mar 14 2019 ------------------- ------------------------------------------------------------------ ++++ dracut: - Bump version to 044.2 to provide a version to lock on to (bsc#1127891) ++++ health-checker: - Update to version 1.2.1 * Make sure telmetrics payload is not empty in success case ++++ hwinfo: - Update of pci and usb ids (bsc#1127840) (#77) - 21.64 ++++ kernel-default: - Install extra rpm scripts for kernel subpackaging (FATE#326579, jsc#SLE-4117, jsc#SLE-3853, bsc#1128910). - commit ad7c227 - Linux 5.0.2 (bnc#1012628). - perf/x86/intel: Implement support for TSX Force Abort (bnc#1012628). - x86: Add TSX Force Abort CPUID/MSR (bnc#1012628). - perf/x86/intel: Generalize dynamic constraint creation (bnc#1012628). - perf/x86/intel: Make cpuc allocations consistent (bnc#1012628). - ath9k: Avoid OF no-EEPROM quirks without qca,no-eeprom (bnc#1012628). - scripts/gdb: replace flags (MS_xyz -> SB_xyz) (bnc#1012628). - staging: erofs: compressed_pages should not be accessed again after freed (bnc#1012628). - staging: erofs: keep corrupted fs from crashing kernel in erofs_namei() (bnc#1012628). - gfs2: Fix missed wakeups in find_insert_glock (bnc#1012628). - bpf: Stop the psock parser before canceling its work (bnc#1012628). - Revert "PCI/PME: Implement runtime PM callbacks" (bnc#1012628). - media: Revert "media: rc: some events are dropped by userspace" (bnc#1012628). - drm: disable uncached DMA optimization for ARM and arm64 (bnc#1012628). - ARM: dts: exynos: Fix max voltage for buck8 regulator on Odroid XU3/XU4 (bnc#1012628). - ARM: dts: exynos: Add minimal clkout parameters to Exynos3250 PMU (bnc#1012628). - ARM: dts: exynos: Fix pinctrl definition for eMMC RTSN line on Odroid X2/U3 (bnc#1012628). - arm64: dts: hikey: Revert "Enable HS200 mode on eMMC" (bnc#1012628). - arm64: dts: hikey: Give wifi some time after power-on (bnc#1012628). - arm64: dts: zcu100-revC: Give wifi some time after power-on (bnc#1012628). - x86/PCI: Fixup RTIT_BAR of Intel Denverton Trace Hub (bnc#1012628). - scsi: aacraid: Fix missing break in switch statement (bnc#1012628). - iscsi_ibft: Fix missing break in switch statement (bnc#1012628). - Input: elan_i2c - add id for touchpad found in Lenovo s21e-20 (bnc#1012628). - Input: wacom_serial4 - add support for Wacom ArtPad II tablet (bnc#1012628). - media: uvcvideo: Fix 'type' check leading to overflow (bnc#1012628). - commit 815c1bc ++++ multipath-tools: - Disable kmod()-style dependencies for now (bsc#1119414) ++++ Mesa: - Update to 19.0.0 * bug fixes and performance improvements - adjusted n_drirc-disable-rgb10-for-chromium-on-amd.patch - supersedes u_wayland_egl-Ensure-EGL-surface.patch ++++ python-PyYAML: - Update to 5.1: * many changes, see CHANGES * bsc#1099308 CVE-2017-18342 PyYAML: yaml.load() API could execute arbitrary code ++++ suse-module-tools: - Update to version 15.1.13: * spec file: add conflicts for dracut < 44.2 (bsc#1127891) - Update to version 15.1.12 (git 1ab0b84): * modprobe.conf.common: add csiostor->cxgb4 dependency (bsc#1100989) * Load fbcon together with virtio_gpu on s390 (bsc#1121996, fate#327159) ++++ systemd-presets-common-SUSE: - enable nvmefc-boot-connections.service to discover network-provided nvme drives on boot (bsc#1128428) ++++ yast2: - Fixed evaluating the base product, the same products with the available and selected status must be treated as duplicate products (bsc#1129257) - 4.1.65 ------------------------------------------------------------------ ------------------ 2019-3-13 - Mar 13 2019 ------------------- ------------------------------------------------------------------ ++++ bc: - added patches Correct return value after 'q' [bsc#1129038] + bc-dc-correct-return-value.patch ++++ libjpeg-turbo: - security update - added patches CVE-2018-14498 [bsc#1128712] + libjpeg-turbo-CVE-2018-14498.patch ++++ libvirt: - hook: encode incoming XML to UTF-8 before passing to lxml etree fromstring method Modifed suse-qemu-domain-hook.py boo#1123642 - libxl: change autoballooning default to disabled suse-libxl-disable-autoballoon.patch jsc#SLE-3059 - conf: add new 'xenbus' controller type 09eb1ae0-conf-add-xenbus-controller.patch - libxl: support Xen's max_grant_frames setting with maxGrantFrames attribute on the xenbus controller fb059757-libxl-add-xenbus-controller.patch, ec5a1191-libxl-support-max-grant-frames.patch, 5a64c202-xenconfig-support-max-grant-frames.patch bsc#1126325 - Replace patches with upstream variants Old: 0001-apparmor-Check-libvirtd-profile-status-by-name.patch, 0001-qemu-Fix-query-cpus-fast-target-architecture-detecti.patch New: 411cdaf8-apparmor-check-profile-name.patch, 696239ba-qemu-fix-query-cpus-fast.patch ++++ nvme-cli: - Add nvmefc-connect.target to allow stopping the parameterized services (bsc#1127076). Also change the service type so udevd doesn't have to wait for the termination of the service process. + 0102-Add-nvmefc-connect.target.patch + 0103-Change-service-to-type-simple.patch ++++ rpm: - Translate dashes to underscores in kmod provides (FATE#326579, jsc#SLE-4117, jsc#SLE-3853, bsc#1119414). refresh: findksyms.diff add: find-provides.ksyms, find-requires.ksyms ++++ yast2: - Process the "specialproduct" value like a linuxrc parameter (ignore "-_." characters, ignore case) (bsc#1128901) - 4.1.64 - Fix how a product features is read in a running system. - Update default path for base product licenses (fate#324053, jsc#SLE-4173). - 4.1.63 ------------------------------------------------------------------ ------------------ 2019-3-12 - Mar 12 2019 ------------------- ------------------------------------------------------------------ ++++ btrfsmaintenance: - Document and adjust balance thresholds and periods (FATE#325529 jsc#SLE-3188). * README: document impact of balance + quota groups * sysconfig: reduce default balance usage thresholds * sysconfig: document using systemd.time(7) for frequency of operations * btrfsmaintenance-refresh-cron.sh: validate periods for cron-based systems - Remove python dependency (FATE#326736 jsc#SLE-4130). * btrfs-defrag-plugin: remove dependency on zypp-plugin-python - Added patches: * 0001-README-document-impact-of-balance-quota-groups.patch * 0002-sysconfig-reduce-default-balance-usage-thresholds-fa.patch * 0003-sysconfig-document-using-systemd.time-7-for-frequenc.patch * 0004-btrfsmaintenance-refresh-cron.sh-validate-periods-fo.patch * 0005-btrfs-defrag-plugin-remove-dependency-on-zypp-plugin.patch - Added source: * btrfs-defrag-plugin.sh - Removed patch: * python3-support-bsc1070322.diff ++++ glib-networking: - Update to version 2.60.0.1: + Fix build with OpenSSL pkg-config unavailable. ++++ gsettings-desktop-schemas: - Update to version 3.32.0: + Updated translations. ++++ kernel-firmware: - Update to version 20190312: * drm/amdgpu: update picasso to latest from 18.50 branch * drm/amdgpu: update polaris12 to latest from 18.50 branch * drm/amdgpu: update vega20 to latest from 18.50 branch * rtw88: RTL8822C: update rtw8822c_fw.bin to v5.0 * rtl_bt: Update firmware for BT part of RTL8822C * linux-firmware: update Marvell 8787/8801/8887 firmware images * linux-firmware: update Marvell 8897/8997 firmware images * nfp: update Agilio SmartNIC firmware to rev 2.1.16.1 * QCA: Add the fw files for BT Chip QCA6174. ++++ openssl-1_1: - Fix segfault in openssl speed when an unknown algorithm is passed (bsc#1125494) * add 0001-apps-speed-fix-segfault-while-looking-up-algorithm-n.patch - Correctly skip binary curves in openssl speed to avoid spitting errors (bsc#1116833) * add openssl-speed_skip_binary_curves_NO_EC2M.patch ++++ plymouth: - Update to version 0.9.4+git20181219.c8f1256: * ply-pixel-buffer: Fix right and bottom edge rendering of scaled buffers. * Add support for translating the user visible strings in some themes * Prefix Title and Subtitle theme config keywords with an underscore * Add new reboot and system-upgrade modes * main: Remove private ply_mode_t * two-step: Make ProgressBarShowPercentComplete a per mode setting * plymouthd.defaults: Change default ShowDelay to 0 * ply-boot-splash: Do not add ply_boot_splash_update_progress timeout multiple times * logging: Minor log-message fixes. Improve logging format. * themes: Update spinner and bgrt theme offline updates mode * two-step: Add a per mode setting to suppress messages. Add progress-bar support. Add MessageBelowAnimation option. Add per mode settings. Drop background_is_bgrt view_t member * ply-progress-bar: Allow caller to specify the widgets width and height. Allow choosing fore- and back-ground color. Redraw on percentage update. * boot-server: fix type confusion when allocating connection object * ply-device-manager: Handle change events for monitor hotplugging. Consume all events in one go. * drm: Stop limiting preferred-mode picking to UEFI systems. Reset mode on display-port connected outputs with a bad link-status. Implement handle_change_event. Ensure heads are mapped before flushing them. Allow calling create_heads_for_active_connectors multiple times. Allow calling ply_renderer_head_add_connector with existing connector_id. Limit backend->resources lifetime to within query_device. Store and keep all the outputs in the backend. Add get_output_info helper function Stop storing a pointer to drmModeConnector in ply_output_t Stop keeing a drmModeConnector instance around. Refactor ply_renderer_head_add_connector and ply_renderer_head_new - Rebase 0002-Install-label-ft-plugin-into-initrd-if-available.patch ++++ openssh: - Minor clean-up of the fips patches, modified openssh-7.7p1-fips.patch openssh-7.7p1-fips_checks.patch ++++ raspberrypi-firmware-dt: - Handle properly the branch switch in get-from-git.sh script - Switch branch to 'rpi-5.0.y' to match the kernel version - Remove upstreamed patch: * upstream-rpi-ft5406-overlay.patch - Update to 00794df91 (2019-03-06): * remove adv7282m, adv728x-m, ov5647, tc358743 and tc358743-audio * update balena-fin ++++ yast2: - Fixed product filtering in product_reader.rb, fixes problem when upgrading SLE15-SP1 to SLE15-SP1 (usually used to fix a broken system) (bsc#1128459) - 4.1.62 ------------------------------------------------------------------ ------------------ 2019-3-11 - Mar 11 2019 ------------------- ------------------------------------------------------------------ ++++ aaa_base: - Add patch git-04-b66cf03e673e84902ce0330f88f84f4fbdc8c9e9.patch * Restore old position of ssh/sudo source of profile for bug bsc#1118364 but hopefully do not reintroduce bug boo#1088524 ++++ dracut: - Check SUSE kernel module dependencies recursively (bsc#1127891) * adds 0594-Check-SUSE-kernel-module-dependencies-recursively.patch ++++ glib-networking: - Update to version 2.60.0: + This is the first stable release featuring the new OpenSSL backend. Please be advised that this new backend is still experimental and known to not work on some systems, including Debian. Linux distributions are encouraged to stick to the default build options, where OpenSSL is not yet enabled. + Fix build with GnuTLS disabled. ++++ kernel-default: - Update patches.suse/0001-media-usb-pwc-Don-t-use-coherent-DMA-buffers-for-ISO.patch upstream reference. - commit ff7c8cd ++++ libssh2_org: - Security fixes: * [bsc#1128471, CVE-2019-3855] Possible integer overflow in transport read allows out-of-bounds write with specially crafted payload - libssh2_org-CVE-2019-3855.patch * [bsc#1128472, CVE-2019-3856] Possible integer overflow in keyboard interactive handling allows out-of-bounds write with specially crafted payload - libssh2_org-CVE-2019-3856.patch * [bsc#1128474, CVE-2019-3857] Possible integer overflow leading to zero-byte allocation and out-of-bounds with specially crafted message channel request SSH packet - libssh2_org-CVE-2019-3857.patch * [bsc#1128476, CVE-2019-3858] Possible zero-byte allocation leading to an out-of-bounds read with a specially crafted SFTP packet - libssh2_org-CVE-2019-3858.patch * [bsc#1128480, CVE-2019-3859] Out-of-bounds reads with specially crafted payloads due to unchecked use of _libssh2_packet_require and _libssh2_packet_requirev - libssh2_org-CVE-2019-3859.patch * [bsc#1128481, CVE-2019-3860] Out-of-bounds reads with specially crafted SFTP packets - libssh2_org-CVE-2019-3860.patch * [bsc#1128490, CVE-2019-3861] Out-of-bounds reads with specially crafted SSH packets - libssh2_org-CVE-2019-3861.patch * [bsc#1128492, CVE-2019-3862] Out-of-bounds memory comparison with specially crafted message channel request SSH packet - libssh2_org-CVE-2019-3862.patch * [bsc#1128493, CVE-2019-3863] Integer overflow in user authenicate keyboard interactive allows out-of-bounds writes with specially crafted keyboard responses - libssh2_org-CVE-2019-3863.patch ++++ systemd: - Stop installing macros.systemd There're no points in installing this file if we remove it right after. - Make sure systemd-network.rules take precedence over our polkit-default-privs (bsc#1125438) ++++ libtirpc: - Fix SLES 15 - yp_bind_client_create_v3: RPC: Unknown host (bsc#1126096). - Add upstream patch 0001-xdrstdio_create-buffers-do-not-output-encoded-values.patch - update patch 0001-rpcb_clnt.c-config-to-try-protocolversion-2-first.patch to avoid a file descriptor leak ++++ libvirt: - util: skip RDMA detection for non-PCI network devices f38ef0fa-no-RDMA-check.patch bsc#1112182 ++++ openssh: - Fix two race conditions in sshd relating to SIGHUP (bsc#1119183) * 0001-upstream-Fix-two-race-conditions-in-sshd-relating-to.patch ------------------------------------------------------------------ ------------------ 2019-3-10 - Mar 10 2019 ------------------- ------------------------------------------------------------------ ++++ gobject-introspection: - Update to version 1.60.0: + gir: Update glib annotations. ++++ kernel-default: - Linux 5.0.1 (bnc#1012628). - exec: Fix mem leak in kernel_read_file (bnc#1012628). - Bluetooth: Fix locking in bt_accept_enqueue() for BH context (bnc#1012628). - Bluetooth: btrtl: Restore old logic to assume firmware is already loaded (bnc#1012628). - selftests: firmware: fix verify_reqs() return value (bnc#1012628). - Revert "selftests: firmware: remove use of non-standard diff - Z option" (bnc#1012628). - Revert "selftests: firmware: add CONFIG_FW_LOADER_USER_HELPER_FALLBACK to config" (bnc#1012628). - USB: serial: cp210x: fix GPIO in autosuspend (bnc#1012628). - gnss: sirf: fix premature wakeup interrupt enable (bnc#1012628). - xtensa: fix get_wchan (bnc#1012628). - aio: Fix locking in aio_poll() (bnc#1012628). - MIPS: irq: Allocate accurate order pages for irq stack (bnc#1012628). - alpha: wire up io_pgetevents system call (bnc#1012628). - applicom: Fix potential Spectre v1 vulnerabilities (bnc#1012628). - usb: xhci: Fix for Enabling USB ROLE SWITCH QUIRK on INTEL_SUNRISEPOINT_LP_XHCI (bnc#1012628). - xhci: tegra: Prevent error pointer dereference (bnc#1012628). - tracing: Fix event filters and triggers to handle negative numbers (bnc#1012628). - x86/boot/compressed/64: Do not read legacy ROM on EFI system (bnc#1012628). - x86/CPU/AMD: Set the CPB bit unconditionally on F17h (bnc#1012628). - tipc: fix RDM/DGRAM connect() regression (bnc#1012628). - team: Free BPF filter when unregistering netdev (bnc#1012628). - sky2: Disable MSI on Dell Inspiron 1545 and Gateway P-79 (bnc#1012628). - sctp: call iov_iter_revert() after sending ABORT (bnc#1012628). - qmi_wwan: Add support for Quectel EG12/EM12 (bnc#1012628). - net-sysfs: Fix mem leak in netdev_register_kobject (bnc#1012628). - net: sched: put back q.qlen into a single location (bnc#1012628). - net: mscc: Enable all ports in QSGMII (bnc#1012628). - net: dsa: mv8e6xxx: fix number of internal PHYs for 88E6x90 family (bnc#1012628). - net: dsa: mv88e6xxx: handle unknown duplex modes gracefully in mv88e6xxx_port_set_duplex (bnc#1012628). - net: dsa: mv88e6xxx: add call to mv88e6xxx_ports_cmode_init to probe for new DSA framework (bnc#1012628). - ip6mr: Do not call __IP6_INC_STATS() from preemptible context (bnc#1012628). - staging: android: ashmem: Avoid range_alloc() allocation with ashmem_mutex held (bnc#1012628). - staging: android: ashmem: Don't call fallocate() with ashmem_mutex held (bnc#1012628). - staging: android: ion: fix sys heap pool's gfp_flags (bnc#1012628). - staging: wilc1000: fix to set correct value for 'vif_num' (bnc#1012628). - staging: comedi: ni_660x: fix missing break in switch statement (bnc#1012628). - staging: erofs: fix illegal address access under memory pressure (bnc#1012628). - staging: erofs: fix race of initializing xattrs of a inode at the same time (bnc#1012628). - staging: erofs: fix memleak of inode's shared xattr array (bnc#1012628). - staging: erofs: fix fast symlink w/o xattr when fs xattr is on (bnc#1012628). - driver core: Postpone DMA tear-down until after devres release (bnc#1012628). - USB: serial: ftdi_sio: add ID for Hjelmslund Electronics USB485 (bnc#1012628). - USB: serial: cp210x: add ID for Ingenico 3070 (bnc#1012628). - USB: serial: option: add Telit ME910 ECM composition (bnc#1012628). - binder: create node flag to request sender's security context (bnc#1012628). - staging: erofs: fix mis-acted TAIL merging behavior (bnc#1012628). - cpufreq: Use struct kobj_attribute instead of struct global_attr (bnc#1012628). - commit 47a2a02 ++++ python-gobject: - Update to version 3.32.0: + No changes since 3.31.4. ------------------------------------------------------------------ ------------------ 2019-3-8 - Mar 8 2019 ------------------- ------------------------------------------------------------------ ++++ curl: - Add patches to fix use-after-free (boo#1127849): * 0001-connection_check-set-data-to-the-transfer-doing-the-.patch * 0002-connection_check-restore-original-conn-data-after-th.patch ++++ efivar: - Add efivar-bsc1127544-fix-ucs2len.patch to fix logic that checks for UCS-2 string termination (boo#1127544) - Add efivar-fix-efidp_ipv4_addr-fields-assignment.patch to fix the casting of IPv4 address. ++++ podman: - podman-cni-config: remove artificial conflicts with kubelet ++++ qemu: - Again address ipxe GCC 9 incompatibilities. Previously included patch to disable unneeded warning got muffed somehow (bsc#1121464) ++++ raspberrypi-firmware: - Update to fd15e070 (2019-03-08): * firmware: raspivid: Stop --raw option resetting --raw-format to YUV See: https://www.raspberrypi.org/forums/viewtopic.php?f=43&t=189830&start=25#p1432589 * firmware: Fixed up overflow in microsecond timer See: raspberrypi/userland#535 * firmware: camera_subsystem: Clean up disable_camera_led handling * firmware: smservice: Add defines for VPU allocations * smservice: Add support for reporting the supported version to the host * firmware: Camplus: cdi: Remove requirement for calibration functions * firmware: isp: Reinstate lres shift parameter accidentally dropped with gamma changes See: #1108 * firmware: mmal_ril: List all 4 Bayer orders if the IL component says it supports Bayer * firmware: camera/image_encode: Add timestamp to frames encoded with image_encode See: raspberrypi/linux#2351 ++++ raspberrypi-firmware-config: - Update to fd15e070 (2019-03-08): * firmware: raspivid: Stop --raw option resetting --raw-format to YUV See: https://www.raspberrypi.org/forums/viewtopic.php?f=43&t=189830&start=25#p1432589 * firmware: Fixed up overflow in microsecond timer See: raspberrypi/userland#535 * firmware: camera_subsystem: Clean up disable_camera_led handling * firmware: smservice: Add defines for VPU allocations * smservice: Add support for reporting the supported version to the host * firmware: Camplus: cdi: Remove requirement for calibration functions * firmware: isp: Reinstate lres shift parameter accidentally dropped with gamma changes See: #1108 * firmware: mmal_ril: List all 4 Bayer orders if the IL component says it supports Bayer * firmware: camera/image_encode: Add timestamp to frames encoded with image_encode See: raspberrypi/linux#2351 ++++ raspberrypi-firmware-dt: - Include README file for overlays as it contains useful information ++++ yast2: - bnc#1127798 - do not crash with internal error when enabling a network network service when no network service is active. - 4.1.61 ------------------------------------------------------------------ ------------------ 2019-3-7 - Mar 7 2019 ------------------- ------------------------------------------------------------------ ++++ aaa_base: - Add patch git-03-00d332a443062395957f422c89eaed9d0979ec00.patch * update logic for JRE_HOME env variable (bsc#1128246) ++++ branding-openSUSE: - Add systemd logo icons - Add LibreOffice branding - optipng everything - Base installer off of SVG ++++ kdump: - kdump-remove-noefi-and-acpi_rsdp-for-efi-firmware.patch: Remove noefi and acpi_rsdp for EFI firmware (bsc#1123940). ++++ kernel-default: - KMPs: provide and conflict a kernel version specific KMP name (bsc#1127155, bsc#1109137). - commit 5568093 ++++ multipath-tools: - Fix module name in multipath.conf (bsc#1119414) * The modules-load.d entry must match the filename exactly ++++ libgcrypt: - Skip all the self-tests except for binary integrity when called from the constructor (bsc#1097073) * Added libgcrypt-1.8.3-fips-ctor.patch ++++ openssl-1_1: - OpenSSL Security Advisory [6 March 2019] * Prevent long nonces in ChaCha20-Poly1305 (bsc#1128189, CVE-2019-1543) * add openssl-CVE-2019-1543.patch ++++ systemd: - Include the SUSE version along with the major version of systemd $ systemctl --version systemd 241 (+suse.42.g15a1b4d58) Note that the SUSE version format maybe subject to change and as such scripts should not try to parse it. ++++ patterns-base: - Add pattern x11_raspberrypi (fate#326509, jsc#SLE-4142) This is to cover the delta between SLES 15 GA and SP1 JeOS images to allow the user to recreate its IceWM desktop without requiring a lengthy list of packages. ++++ podman: - Disable build with PIE on ppc64le to avoid boo#1098017 ++++ python-rpm-macros: - Update to version 20190307.81ca329: * We should preserve existing PYTHONPATH. - bsc#1128323: Update to version 20190307.fbaed33 * Add --ignore to pytest calls to ignore build directories. ++++ python-gobject: - Update to version 3.31.4: + docs: document GObject.Object.weak_ref(). + cairo: - Add cairo pattern foreign struct support. - Add cairo_matrix_t converter to GValue. ------------------------------------------------------------------ ------------------ 2019-3-6 - Mar 6 2019 ------------------- ------------------------------------------------------------------ ++++ gsettings-desktop-schemas: - Update to version 3.31.92: + Drop legacy build systems. + Updated translations. ++++ kernel-default: - Revert "Drop multiversion(kernel) from the KMP template (fate#323189)" (bsc#1109137). This reverts commit 71504d805c1340f68715ad41958e5ef35da2c351. - commit adade9f ++++ systemd: - systemd-mini: explicitly disable some of the systemd components For some reasons, some build requirements get pulled in for the mini variant now, enabling some parts of the code that were expected to be turned OFF. ++++ libvirt: - qemu: s390: show correct CPU status after guest crash 0001-qemu-Fix-query-cpus-fast-target-architecture-detecti.patch bsc#1127841 - apparmor: fix more fallout from changing libvirtd profile to a named profile 4ec3cf9a-apparmor-rules.patch, 0001-apparmor-Check-libvirtd-profile-status-by-name.patch boo#1125841 ++++ podman: - Update to v1.1.2 * Fixed a bug where the podman image list, podman image rm, and podman container list had broken global storage options * Fixed a bug where the --label option to podman create and podman run was missing the -l alias * Fixed a bug where running Podman with the --config flag would not set an appropriate default value for tmp_dir * Fixed a bug where the podman logs command with the --timestamps flag produced unreadable output * Fixed a bug where the podman cp command would automatically extract .tar files copied into the container * The podman container stop command is now usable with the Podman remote client ++++ python-libvirt-python: - Update to 5.1.0 - Add all new APIs and constants in libvirt 5.1.0 - jsc#SLE-3887, jsc#SLE-4480, jsc#SLE-4577 ++++ u-boot-rpiarm64: - Drop am335x_boneblack and use am335x_evm instead, to follow upstream: * http://git.denx.de/?p=u-boot.git;a=commit;h=8fa7f65dd02c176ee6021eaf40114560b8954ba2 - Patch queue updated from git://github.com/openSUSE/u-boot.git tumbleweed-2019.04 * Patches added to fix bsc#1128099: 0009-zynqmp-generic-fix-compilation.patch ++++ yast2: - added "Modify" button label (related to bsc#1128279, or just as good gh#yast/yast-yast2#713) - 4.1.60 ------------------------------------------------------------------ ------------------ 2019-3-5 - Mar 5 2019 ------------------- ------------------------------------------------------------------ ++++ glib-networking: - Update to version 2.59.92: + GnuTLS: reject sync operations during handshake to avoid deadlocks. + Temporarily disable DTLS and OpenSSL tests due to bugs. ++++ glib2: - Add patch submitted upstream to handle an UNKNOWN NM connectivity the same as a NONE value. This partly fixes boo#1103678 (packagekit reports the network as available on a computer without network connectivity which makes plasma-pk-update start an update check which obviously fails). * 0001-Handle-an-UNKNOWN-NetworkManager-connectivity-as-NONE.patch ++++ glibc: - mman-map-sync.patch: Add MAP_SYNC from Linux 4.15 (bsc#1126590) - mman-linux-map-shared-validate.patch: Add MAP_SHARED_VALIDATE from Linux 4.15 (bsc#1126590) - nptl-setxid-error.patch: nptl: Preserve error in setxid thread broadcast in coredumps (bsc#1063675, BZ #22153) ++++ kernel-default: - config: disable BPFILTER_UMH on non-x86 architectures (bsc#1127188) CONFIG_BPFILTER_UMH depends on ability to compile and link a userspace binary so that it currently doesn't work in our kbuild check setups using a cross compiler. Disable the option on architectures where cross compiler is used (i.e. all except x86_64 and i386). - commit cfb8371 ++++ multipath-tools: - Add kmod(xyz) style dependencies for SLE15-SP1 (jsc#SLE-3853, fate#326579, bsc#1119414) - Update to version 0.7.9+128+suse.ae29865: - Bug fixes: * multipathd: Fix miscounting active paths (bsc#1125043) * multipathd: avoid null pointer dereference in LOG_MSG (bsc#1127873) * minor fixes suggested by coverity (bsc#1127879) ++++ systemd: - Upgrade to v241 (commit 15a1b4d58f1d2bc9c21c7cbab6fe63b58e48bda1) This includes the following bug fixes: - upstream commit c0d76959080e3ba6534bce1c7053c750668e8b55 (bsc#1160595) - upstream commit 7334ade4a7e103b1a01d1c8fe1ea7c7a854a1c31 (bsc#1123892) - upstream commit c7e93c4d15019323973baf12daa76357c83892c4 (boo#1111498) This also includes the following bug fixes released in v240: - upstream commit 2675747f3cdd6f1e6236bbb2f79abfa53fb307f1 (boo#1111498) - upstream commit 9eb0fc32d6cb63e71f2cfc1e7dd34c3ede4b48a3 (bsc#1140631) - upstream commit 1432d2dbdfa90963272a9b581dc4b55dd3ac514f (bsc#1155574) - upstream commit 26e35b164b8d0603629b3d394554cfa728e8c3e4 (bsc#1169488) - upstream commit a9fc640671ef60ac949f1ace6fa687ff242fc233 (fate#325697) ++++ u-boot-rpiarm64: - Add sifive_fu540 - Update to v2019.04-rc3: * Partial changelog: more DM enablement and Kconfig conversions, bananapi fixes, defconfig resync, Make FAT use less memory, drivers fixes, SPI-NOR support, Fixes for CVE-2018-18440 and CVE-2018-18439 * v2019.04-rc3 changelog info: - https://lists.denx.de/pipermail/u-boot/2019-March/360728.html * v2019.04-rc2 changelog info: - https://lists.denx.de/pipermail/u-boot/2019-February/359463.html * v2019.04-rc1 changelog info: - https://lists.denx.de/pipermail/u-boot/2019-February/357902.html ++++ yast2: - Added command line support also for the other Report module methods (related to bnc#1127685) - 4.1.59 - Fixed a failing testsuite, the Report.LongError used in the global exception handler did not support the command line mode (related to bnc#1127685) - 4.1.58 ------------------------------------------------------------------ ------------------ 2019-3-4 - Mar 4 2019 ------------------- ------------------------------------------------------------------ ++++ gobject-introspection: - Update to version 1.59.5: + gir: - Include C header in cairo gir file. - Skip glib-enumtypes.h for GObject-2.0. ++++ glib2: - Update to version 2.60.0: + Further fixes to the Happy Eyeballs (RFC 8305) implementation. + Add support for the XDG trash portal. + Bugs fixed: glgo#GNOME/GLib#1653, glgo#GNOME/GLib#1658, glgo#GNOME/GLib#1668, glgo#GNOME/GLib#1675, glgo#GNOME/GLib#1676, glgo#GNOME/GLib#1679, glgo#GNOME/GLib#1693, glgo#GNOME/GLib#1697, glgo#GNOME/GLib#1698, glgo#GNOME/GLib!276, glgo#GNOME/GLib!639, glgo#GNOME/GLib!666, glgo#GNOME/GLib!674, glgo#GNOME/GLib!676, glgo#GNOME/GLib!677, glgo#GNOME/GLib!686, glgo#GNOME/GLib!688, glgo#GNOME/GLib!689, glgo#GNOME/GLib!691, glgo#GNOME/GLib!692, glgo#GNOME/GLib!696, glgo#GNOME/GLib!698, glgo#GNOME/GLib!699, glgo#GNOME/GLib!702, glgo#GNOME/GLib!703. + Updated translations. ++++ ignition: - Update to version 0.30.0+git20190301.2ce015b: * tests: add test ensuring correct ordering of nodes * tests: move failing tests to negative * stages/files: sort entries by resolved depth * Fix function comments based on best practices from Effective Go * tests: add bb test for mounting with sylminks * stages/mount: fail if mount paths involve symlinks * internal/exec/util: make SplitPath public * config/translate: add unit tests * config/translate: add reflection based translator * internal/distro: use relative paths * exec/util/passwd: rename authorized_keys.d fragment to "ignition" ++++ kernel-default: - KMPs: obsolete older KMPs of the same flavour (bsc#1127155, bsc#1109137). - commit 821419f - Update to 5.0 final - Refresh configs - commit 8f71df2 ++++ util-linux: - Integrate pam_keyinit pam module to login (boo#1081947, login.pamd, remote.pamd). ++++ Mesa: - Don't enable gallium_loader on ppc and s390x - Fix configuration on non-gallium archs - u_dep_xcb.patch: fix missing xcb dependencies - avoid Mesa-drivers build failure for ppc64le reported by (boo#1127672) ++++ libvirt: - Update to libvirt 5.1.0 - Many incremental improvements and bug fixes, see http://libvirt.org/news.html - Dropped patches: 11c8aca9-libxl-set-mem-after-balloon.patch, 70c2933d-apparmor-named-profiles.patch, a3ab6d42-apparmor-conv-libvirtd-named-profile.patch, b6440119-qemu-conf-sev.patch, a404ac34-qemu-cgroup-sev.patch, 6fd4c8f8-qemu-domain-sev.patch, 17f6a257-security-dac-sev.patch, a2d3dea9-qemu-caps-dac-override-sev.patch, 620d9dd5-qemu-no-dac-override-nonroot.patch - jsc#SLE-3887, jsc#SLE-4480, jsc#SLE-4577 ++++ podman: - Update to v1.1.1 * Update release notes for v1.1.1 * Pull image for runlabel if not local * Fix SystemExec completion race * Fix link inconsistencies in man pages * Verify that used OCI runtime supports checkpoint * Should be defaulting to pull not pull-always * podman-commands script: refactor * Move Alias lines to descriptions of commands * Fix usage messages for podman image list, rm * Fix -s to --storage-driver in baseline test * No podman container ps command exists * Allow Exec API user to override streams * fix up a number of misplace commands * rootless, new[ug]idmap: on failure add output * [ci skip] Critical note about merge bot * podman port fix output * Fix ignored --time argument to podman restart * secrets: fix fips-mode with user namespaces * Fix four errors tagged by Cobra macro debugging * Clean up man pages to match commands * Add debugging for errors to Cobra compatibility macros * Command-line input validation: reject unused args * Fix ignored --stop-timeout flag to 'podman create' * fixup! Incorporate review feedback * fixup! missed some more: * fixup! Correction to 'checkpoint' * Followup to #2456: update examples, add trust * podman create: disable interspersed opts * fix up a number of misplace commands * Add a task to Cirrus gating to build w/o Varlink * Skip checkpoint/restore tests on Fedora for now * Fix build for non-Varlink-tagged Podman * Remove restore as podman subcommand * Better usage synopses for subcommands * Bump gitvalidation epoch * Bump to v1.2.0-dev * Centralize setting default volume path * Ensure volume path is set appropriately by default * Move all storage configuration defaults into libpod * rename pod when we have a name collision with a container * podman remote-client readme - Update package to ship varlink required files ++++ supportutils: - Updated to version 3.1.2 + Fixed missing sapconf and log (bsc#1081326) + Added timed_log_cmd to hwinfo and showmount commands (bsc#1120967) ++++ systemd-presets-branding-MicroOS: - Obsolete old CaaSP version to fix migration ++++ transactional-update: - Update to version 2.13.2 - add hooks for telemetrics ++++ util-linux-systemd: - Integrate pam_keyinit pam module to login (boo#1081947, login.pamd, remote.pamd). ++++ yast2: - bnc#1127685 - made Report module long message reporting popups adjustable - 4.1.57 ------------------------------------------------------------------ ------------------ 2019-3-1 - Mar 1 2019 ------------------- ------------------------------------------------------------------ ++++ rdma-core: - Add patches to enable Broadcom's 57500 RoCE adapter (bsc#1125651): - Update-kernel-headers.patch - bnxt_re-lib-Enable-Broadcom-s-57500-RoCE-adapter.patch ++++ spice: - Use plain python2 for SLE12 builds - Remove PYTHON=python3, configure will find and use the python3 ++++ supportutils: - Updated to version 3.1.1 + Fixed X missing /prob/fb error (bsc#1127069) + Fixed dasdview -f (bsc#1109664) + Clarified -t help description (bsc#1121043) + Fixed grep error in NTP when /etc/cron.d is empty (bsc#1127063) + Collects systemd journal with minimum install (bsc#1094225) + Supportconfig fails on bzip archives (bsc#1120049) + Get few drbd output & configuration #42 ------------------------------------------------------------------ ------------------ 2019-2-28 - Feb 28 2019 ------------------- ------------------------------------------------------------------ ++++ dracut: - Handle non-versioned dependency in purge-kernels. ++++ kernel-firmware: - Update to version 20190221: * linux-firmware: Add AMD SEV firmware * WHENCE: Correct errant entries * amdgpu: update raven2 rlc firmware * amdgpu: drop raven2_sdma1.bin * linux-firmware: Update firmware file for Intel Bluetooth,9560 * linux-firmware: Update firmware file for Intel Bluetooth,9260 * qca: Add firmware files for BT chip wcn3990. * nvidia: add TU10x typec controller firmware ++++ brltty: - Update to version 6.0: + Too many changes; please read ChangeLog : - Rebased brltty-5.5-systemd-install.patch - api_version is now 0.7.0, and sover is now 0_7 - brltty-systemd-wrapper now installs into /usr/libexec - Pass libexecdir in configure - LICENSE-GPL no longer exists - Package binaries new in 6.0 ++++ libssh: - Avoid build cycle between curl and libssh by using obs hint to prefer curl-mini ++++ openssh: - Correctly filter out non-compliant algorithms when in FIPS mode (bsc#1126397) * A hunk was applied to a wrong place due to a patch fuzz when the fips patch was being ported to openssh 7.9p1 - update openssh-7.7p1-fips.patch ++++ salt: - No longer limiting Python3 version to <3.7 - Async batch implementation - Added: * async-batch-implementation.patch ------------------------------------------------------------------ ------------------ 2019-2-27 - Feb 27 2019 ------------------- ------------------------------------------------------------------ ++++ curl: - BuildRequire libcurl4-mini for !bootstrap to avoid build cycles due to cmake pulling libcurl4 ++++ python-kiwi: - Bump version: 9.17.13 → 9.17.14 ++++ health-checker: - Update to version 1.2 * Add hooks to send telemetrics events ++++ ignition: - Update to version 0.30.0+git20190225.7de027b: * oem: add metal oem * internal/exec: use nonzero default file permissions * *: drop OEM terminology * tests: drop OEMLookaside type * *: drop OEM URI support * tests/validator: show formatted os.FileMode in validateMode error * doc/configuration-v3_0_exp: update with fs changes * tests: refactor bb tests, add mount/umount stages * exec/stages: add mount and umount stages * tests/*: update bb tests for new fs semantics * exec/*: rework files and filesystems * validate/report: add helpers to cut verbosity * engine: log configs on failure and fetched urls * engine: clear highlights before logging reports * internal/exec: log hashes of configs not configs ++++ kernel-default: - BPF: UMH: do not detect if compiler can link userspace program (boo#1127188). - commit 784e336 ++++ libcontainers-common: - Update to libpod v1.1.0 * Rootless Podman can now forward ports into containers (using the same -p and -P flags as root Podman) * Rootless Podman will now pull some configuration options (for example, OCI runtime path) from the default root libpod.conf if they are not explicitly set in the user's own libpod.conf ++++ libvirt: - spec: disable VirtualBox driver ++++ microos-tools: - Re-add requires for perl-JSON, required by create_autoyast_profile ++++ openssh: - Remove the "KexDHMin" config keyword (bsc#1127180) It used to allow lowering of the minimal allowed DH group size, which was increased to 2048 by upstream in the light of the Logjam attack. The code was broken since the upgrade to 7.6p1, but nobody noticed. As apparently no one needs the functionality any more, let's drop the patch. It's still possible to use the fixed 1024-bit diffie-hellman-group1-sha1 key exchange method when working with legacy systems. - drop openssh-7.7p1-disable_short_DH_parameters.patch - updated patches: openssh-7.7p1-fips.patch openssh-7.7p1-fips_checks.patch openssh-7.7p1-gssapi_key_exchange.patch ++++ patterns-base: - Don't hard-require busybox-static in minimal_base (bsc#1126436) - Run pre_checkin.sh ++++ podman: - Update to v1.1.0 * Added --latest and --all flags to podman mount and podman umount * Rootless Podman can now forward ports into containers (using the same -p and -P flags as root Podman) * Rootless Podman will now pull some configuration options (for example, OCI runtime path) from the default root libpod.conf if they are not explicitly set in the user's own libpod.conf * Added an alias -f for the --format flag of the podman info and podman version commands * Added an alias -s for the --size flag of the podman inspect command * Added the podman system info and podman system prune commands * Added the podman cp command to copy files between containers and the host * Added the --password-stdin flag to podman login * Added the --all-tags flag to podman pull * The --rm and --detach flags can now be used together with podman run * The podman start and podman run commands for containers in pods will now start dependency containers if they are stopped * Added the podman system renumber command to handle lock changes * The --net=host and --dns flags for podman run and podman create no longer conflict * Podman now handles mounting the shared /etc/resolv.conf from network namespaces created by ip netns add when they are passed in via podman run --net=ns: * Various bugfixes - full changelog https://github.com/containers/libpod/releases/tag/v1.1.0 - Removed obsolete patch containers-libpod-pull-2225.diff ++++ python-py: - Update to 1.8.0: * add ``"importlib"`` pyimport mode for python3.5+, allowing unimportable test suites to contain identically named modules. * fix ``LocalPath.as_cwd()`` not calling ``os.chdir()`` with ``None``, when being invoked from a non-existing directory. - Drop merged patch separators.patch ++++ salt: - Update to Salt 2019.2.0 release For further information see: https://docs.saltstack.com/en/latest/topics/releases/2019.2.0.html - Added: * add-virt.all_capabilities.patch * add-virt.volume_infos-and-virt.volume_delete.patch * don-t-call-zypper-with-more-than-one-no-refresh.patch * include-aliases-in-the-fqdns-grains.patch * temporary-fix-extend-the-whitelist-of-allowed-comman.patch - Removed: * accounting-for-when-files-in-an-archive-contain-non-.patch * add-engine-relaying-libvirt-events.patch * add-other-attribute-to-gecos-fields-to-avoid-inconsi.patch * add-support-for-python-3.7.patch * align-suse-salt-master.service-limitnofiles-limit-wi.patch * avoid-incomprehensive-message-if-crashes.patch * change-stringio-import-in-python2-to-import-the-clas.patch * decode-file-contents-for-python2-bsc-1102013.patch * do-not-override-jid-on-returners-only-sending-back-t.patch * don-t-error-on-retcode-0-in-libcrypto.openssl_init_c.patch * feat-add-grain-for-all-fqdns.patch * fix-async-call-to-process-manager.patch * fix-decrease-loglevel-when-unable-to-resolve-addr.patch * fix-deprecation-warning-bsc-1095507.patch * fix-diffing-binary-files-in-file.get_diff-bsc-109839.patch * fix-for-ec2-rate-limit-failures.patch * fix-for-errno-0-resolver-error-0-no-error-bsc-108758.patch * fix-for-sorting-of-multi-version-packages-bsc-109717.patch * fix-index-error-when-running-on-python-3.patch * fix-latin1-encoding-problems-on-file-module-bsc-1116.patch * fix-mine.get-not-returning-data-workaround-for-48020.patch * fix-unboundlocalerror-in-file.get_diff.patch * fixed-usage-of-ipaddress.patch * fixing-issue-when-a-valid-token-is-generated-even-wh.patch * get-os_family-for-rpm-distros-from-the-rpm-macros.-u.patch * improved-handling-of-ldap-group-id.patch * only-do-reverse-dns-lookup-on-ips-for-salt-ssh.patch * option-to-merge-current-pillar-with-opts-pillar-duri.patch * prepend-current-directory-when-path-is-just-filename.patch * prevent-zypper-from-parsing-repo-configuration-from-.patch * remove-old-hack-when-reporting-multiversion-packages.patch * retire-md5-checksum-for-pkg-mgmt-plugins.patch * show-recommendations-for-salt-ssh-cross-version-pyth.patch * strip-trailing-commas-on-linux-user-gecos-fields.patch * support-use-of-gce-instance-credentials-109.patch * update-error-list-for-zypper.patch * x509-fixes-for-remote-signing-106.patch - Modified: * add-all_versions-parameter-to-include-all-installed-.patch * add-cpe_name-for-osversion-grain-parsing-u-49946.patch * add-environment-variable-to-know-if-yum-is-invoked-f.patch * add-hold-unhold-functions.patch * add-saltssh-multi-version-support-across-python-inte.patch * azurefs-gracefully-handle-attributeerror.patch * bugfix-any-unicode-string-of-length-16-will-raise-ty.patch * debian-info_installed-compatibility-50453.patch * do-not-load-pip-state-if-there-is-no-3rd-party-depen.patch * fall-back-to-pymysql.patch * fix-for-suse-expanded-support-detection.patch * fix-git_pillar-merging-across-multiple-__env__-repos.patch * fix-ipv6-scope-bsc-1108557.patch * fix-issue-2068-test.patch * fix-zypper.list_pkgs-to-be-aligned-with-pkg-state.patch * fixes-cve-2018-15750-cve-2018-15751.patch * get-os_arch-also-without-rpm-package-installed.patch * integration-of-msi-authentication-with-azurearm-clou.patch * loosen-azure-sdk-dependencies-in-azurearm-cloud-driv.patch * remove-arch-from-name-when-pkg.list_pkgs-is-called-w.patch * use-adler32-algorithm-to-compute-string-checksums.patch * x509-fixes-111.patch * zypper-add-root-configuration-parameter.patch ++++ yast2: - Use /sbin/rpcinfo only, /usr/sbin/rpcinfo is gone (bsc#1127138). - Use the correct path for /usr/bin/ifconfig (bsc#1127138). - 4.1.56 ------------------------------------------------------------------ ------------------ 2019-2-26 - Feb 26 2019 ------------------- ------------------------------------------------------------------ ++++ libtirpc: - add option to enforce connection via protocol version 2 first (bsc#1120689) - add 0001-rpcb_clnt.c-config-to-try-protocolversion-2-first.patch ++++ podman: - Update to conmon from cri-o v1.13.1 * oci: read conmon process status ------------------------------------------------------------------ ------------------ 2019-2-25 - Feb 25 2019 ------------------- ------------------------------------------------------------------ ++++ dracut: - purge-kernels: Avoid endless loop when uninstalling kernels that depend on KMPs which in themselves depend on other packages (bsc#1125327) ++++ kernel-default: - Update to 5.0-rc8 - Eliminated 1 patch - commit 4ddf057 ++++ libssh: - Update to version 0.8.7 * Fixed handling extension flags in the server implementation * Fixed exporting ed25519 private keys * Fixed corner cases for rsa-sha2 signatures * Fixed some issues with connector ++++ libzypp: - Correctly handle exceptions when verifying the medium (bsc#1065022) - Only write type field when probing (bsc#1114908) - Don't blame user on TargetAbortedException (bsc#978193) - version 17.11.2 (9) ++++ zypper: - Offer to change the 'runSearchPackages' config option at the prompt (bsc#1119373, FATE#325599) - Prompt: provide a 'yes/no/always/never' prompt. - Prompt: support "#NUM" as answer to select the NUMth option... - Augeas: enable writing back changed option values (to ~/.zypper.conf) - removelocale: fix segfault - Move needs-restarting command to subpackage (fixes #254) - Allow empty string as argument (bsc#1125415) - Provide a way to delete cache for volatile repositories (bsc#1053177) - Adapt to boost-1.69 requiring explicit casts tribool->bool (fixes #255) - Show support status in info if not unknown (bsc#764147) - version 1.14.26 ------------------------------------------------------------------ ------------------ 2019-2-24 - Feb 24 2019 ------------------- ------------------------------------------------------------------ ++++ NetworkManager: - Update to version 1.14.6: + Fix memory corruption in internal DHCPv6 client (CVE-2018-15688). + No longer limit number of search entires in resolv.conf to 6. + Support restricting NetworkManager.conf device configuration based on used DHCP plugin. + Add "${MAC}" specifier for connection.stable-id. This uses the current MAC address for seeding the stable generation of MAC address, DHCP client-id or IPv6 stable-privacy interface identifier. + Support special value "duid" for "ipv4.dhcp-client-id". This generates an RFC4361-compliant client-id like the internal DHCP client used to do by default. Previously, there was no explicit name for such a client-id and it was not usable with dhclient DHCP plugin. This also generates the same client-id as systemd-networkd does by default. + Support and use a new kind of secret-key in "/var/lib/NetworkManager/secret_key". The secret-key represents the identity of the machine that is used for various purposes like generating IPv6 stable privacy addesses. It is now combined with "/etc/machine-id" so that changing only the machine-id results in new identifiers. That matters for example when cloning a virtual machine. Previously, the user hard to prune NetworkManager's secret-key to get a new identity, now regenerating machine-id suffices. Secret-keys generated by earlier versions of NetworkManager are not affected and keep their previous behavior. + Fix the DHCP client-ids based on the MAC address of IPoIB/infiniband devices. + Fix restoring IP configuration after interface went down. + No longer let NetworkManager touch rp_filter setting. The rp_filter sysctl must now be set outside of NetworkManager according to the admin's preference. Note that a strict rp_filter may break valid use-cases and interacts badly with connectivity checking. + Various bug fixes and improvements. ------------------------------------------------------------------ ------------------ 2019-2-22 - Feb 22 2019 ------------------- ------------------------------------------------------------------ ++++ ebtables: - Add upstream patches which improve handling stale locks. (boo#1126094) * 0001-Use-flock-for-concurrent-option.patch * 0002-Fix-locking-if-LOCKDIR-does-not-exist.patch ++++ kernel-default: - net: crypto set sk to NULL when af_alg_release (CVE-2019-8912 bsc#1125907). - commit 3aed52e - config: enable PREEMPT_VOLUNTARY (bsc#1125004) Switch to PREEMPT_VOLUNTARY everywhere except s390x/zfcpdump. - commit f62cec7 ++++ efivar: - Update to 37 + Improve ACPI device path formatting + Add support for SOC devices that use FDT as their PCI root node + Make devices we can't parse the "device" sysfs link for use DEV_ABBREV_ONLY + Handle SCSI port numbers better + Don't require an EUI for NVMe (boo#1100077) + Fix the accidental requirement on ACPI UID nodes existing + Add support for EMMC devices + Add support for PCI root nodes without a device link in sysfs + Add support for partitioned MD devices + Fix partition number detection when the number isn't provided + Add support for ACPI Generic Container and Embedded Controller root nodes (boo#1101023) + Add limited support for SAS/SATA port expanders - Add upstream patches to fix boo#1120862 + efivar-make-format_guid-handle-misaligned-guid-pointer.patch + efivar-Fix-all-the-places-Werror-address-of-packed-member-c.patch - Drop upstreamed reproducible.patch - Refresh libefiboot-export-disk_get_partition_info.patch - Use %license for COPYING ++++ qemu: - Package and cross-build rom files for aarch64 from SLE15/Leap15.0 to fix boo#1125964 - Add patch to fix seabios cross-compilation: * seabios-fix_cross_compilation.patch - Add patch to fix sgabios cross-compilation: * sgabios-fix-cross-build.patch ++++ rpm: - Re-add symset-table from SLE 12 (bsc#1126327). add: symset-table ------------------------------------------------------------------ ------------------ 2019-2-21 - Feb 21 2019 ------------------- ------------------------------------------------------------------ ++++ python-kiwi: - Fixed disk detection from root device The method lookup_disk_device_from_root assigns the disk device matching the root device uuid. However in a multipath environment multiple disk devices matches the same root device. The code to assign the multipath map in this case was missing in the dracut code base. This Fixes #954 and Fixes bsc#1126283 and bsc#1126318 ++++ file: - Add patch 0002-PR-62-spinpx-limit-size-of-file_printable.patch to fix bsc#1126117, bsc#1126118, and bsc#1126119 for CVE-2019-8905, CVE-2019-8906, and CVE-2019-8907 ++++ glib-networking: - Update to version 2.59.91: + Update OpenSSL SSL struct when certificate is changed. + Fix tests build when GnuTLS is disabled. + Remove Fedora-specific PROFILE=SYSTEM default cipher list. + Fix some problems with the connection tests. ++++ gsettings-desktop-schemas: - Update to version 3.31.91: + Updated translations. ++++ python-rpm-macros: - Update to version 20190221.08f1194: * Actually make pytest into function to capture arguments as well * Add pytest definitions. ++++ qemu: - Fix _constraints to include all architectures for disk size (fix aarch64) ------------------------------------------------------------------ ------------------ 2019-2-20 - Feb 20 2019 ------------------- ------------------------------------------------------------------ ++++ grub2: - Fix LOADER_TYPE parsing in grub2-once (boo#1122569) ++++ Mesa: - remove n_Disable-Xshm-for-now-since-it-results-in-render-erro.patch; keeping that one reintroduced render errors and missing screen refreshes on GNOME3 in a qemu VM (cirrus emulation); the issue has been fixed in a different and better way since 18.3.3; this is related to bsc#1118149 ++++ libidn2: - update to 2.1.1 CVE-2019-18224 bsc#1154887: * Revert SONAME bump from release 2.1.0 * Fix NULL dereference in idn2_register_u8() and idn2_register_ul() * Fix free of random value in idn2_to_ascii_4i() * Improved fuzzer (which found the above issues) * Check for valid unicode input in punycode encoder * Avoid excessive CPU usage in punycode encoding with large inputs * Deprecate idn2_to_ascii_4i() in favor of idn2_to_ascii_4i2() * Restrict output length of idn2_to_ascii_4i() to 63 bytes ------------------------------------------------------------------ ------------------ 2019-2-19 - Feb 19 2019 ------------------- ------------------------------------------------------------------ ++++ ignition: - Update to version 0.30.0+git20190215.cc767cc: * vendor: remove unused dependency go4.org * config: replace go4's errorutil with own impl ++++ kernel-default: - rpm/klp-symbols: Remove the second column in Symbols.list Symbols.list file contains also a symbol type next to its name. klp-convert cannot handle it well and it is superfluous anyway. - commit 62a0a00 ++++ libcontainers-common: - Upgrade to storage v1.10 * enable parallel blob reads * Teach images to hold multiple manifests * Move structs for storage.conf to pkg/config - Upgrade to libpod v1.0.1 * Do not unmarshal into c.config.Spec * spec: add nosuid,noexec,nodev to ro bind mount ++++ Mesa: - Update to 18.3.4 * A fix in the XvMC state-tracker, which was causing some video attributes to not take affect. On the video front the VAAPI state tracker has seen improvements with VP9 streams while the amdgpu driver advertises all available profiles. * On Intel side we have compiler fixes and extra PCI IDs for Coffee Lake and Ice Lake parts. In the Broadcom drivers a couple of memory leaks were addressed and the NEON assembly should compile properly on armhf. * Other drivers such as radeonsi, nouveau and freedreno have also seen some love. The RADV driver has seen addressed to compile correctly with GCC9 amongst other changes. * The Xlib based libGL have been addressed to work with X servers, which lacks the MIT-SHM extension such as XMing. * To top it up we have a few fixes to the meson build system. ++++ systemd: - Import commit a1d86af7ed49dacef671e8ec8dae9472a8fa47f5 92d860fc12 sysctl: Don't pass null directive argument to '%s' (bsc#1121563) 1379e30d59 Allocate temporary strings to hold dbus paths on the heap (bsc#1125352 CVE-2019-6454) b5569a03ae Refuse dbus message paths longer than BUS_PATH_SIZE_MAX limit. (bsc#1125352 CVE-2019-6454) ++++ libvirt: - qemu: don't use CAP_DAC_OVERRIDE capability if non-root 620d9dd5-qemu-no-dac-override-nonroot.patch boo#1125665 ++++ patterns-base: - ppc64-diag is required on ppc64le (bsc#1098849). ++++ podman: - Upgrade to v1.0.1 * rootless: join both userns and mount namespace with --pod * rootless: create the userns immediately when creating a new pod * Preserve exited state across reboot * podman image prune -- implement all flag * Add varlink support for prune * Make --quiet work in podman create/run * rootless: fix --pid=host without --privileged * podman-inspect: don't ignore errors ++++ systemd-presets-branding-MicroOS: - Make MicroOS specific (remove CaaSP specific services) ------------------------------------------------------------------ ------------------ 2019-2-18 - Feb 18 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Update to 5.0-rc7 - commit b094e66 ++++ microos-tools: - Create own standalone microos-tools package - Update to version 1.0+git20190218.9e72dd7: * Move SUSE CaaS Platform specific code to CaaSP directory * Move core files to /var/tmp, /tmp could be tmpfs * Add service to print environment for debugging ++++ openssh: - Handle brace expansion in scp when checking that filenames sent by the server side match what the client requested [bsc#1125687] * openssh-7.9p1-brace-expansion.patch ++++ supportutils: - Corrected missed SUSE separation lines - Fixed invalid exit code commands (bsc#1125666) - CVE-2018-19640: supportutils: Users can kill arbitrary processes (CVE-2018-19640 bsc#1118463) - User can overwrite arbitrary log files in support tar (CVE-2018-19638 bsc#1118460) - Code execution if run with -v (CVE-2018-19639 bsc#1118462) - Static temporary filename allows overwriting of files (CVE-2018-19637 bsc#1117776) ++++ suse-module-tools: - Update to version 15.1.11 (git 54df192): * spec file: use more gentle wording in blacklist files * spec file: drop jffs2 and ubifs from blacklist ++++ systemd-presets-branding-MicroOS: - Enable tallow by default. ++++ yast2: - Fixed license file ordering issue causing a random test failure (bsc#1125722) - 4.1.55 ------------------------------------------------------------------ ------------------ 2019-2-17 - Feb 17 2019 ------------------- ------------------------------------------------------------------ ++++ gsettings-desktop-schemas: - Update to version 3.31.90: + Updated default monospace font. + More meson build fixes. + Updated translations. - Switch to meson build system, add meson BuildRequires and macros. - Drop obsolete gnome-common and intltool BuildRequires. ------------------------------------------------------------------ ------------------ 2019-2-15 - Feb 15 2019 ------------------- ------------------------------------------------------------------ ++++ dracut: - Avoid "Failed to chown ... Operation not permitted" when run from non-root, by not copying xattrs. (osc#1092178) * adds 0593-dracut-only-copy-xattr-if-root.patch ++++ ignition: - Update to version 0.30.0+git20190206.aad24ad: * doc/development: add note to run individual blackbox tests * tests/types: add comments on some members of Test * internal/*: drop support for default.ign config files ++++ systemd: - Import commit 01b4746d3c6f6cbf969fa2176c77ac3f616a7eda 7af53e005b sd-bus: if we receive an invalid dbus message, ignore and proceeed 92dcbfdd7f bus: move BUS_DONT_DESTROY calls after asserts a83e7b3b43 automount: don't pass non-blocking pipe to kernel. 726127ea1d units: make sure initrd-cleanup.service terminates before switching to rootfs (bsc#1123333) a6347a3cb6 core: Fix use after free case in load_from_path() (bsc#1121563) 22e2550222 strv: rework FOREACH_STRING() macro (bsc#1121563) 2ddd38f41a test,systemctl,nspawn: use "const char*" instead of "char*" as iterator for FOREACH_STRING() c2c8333e0b strv: add new macro STARTSWITH_SET() 1db243a601 Update systemd-system.conf.xml (bsc#1122000) ++++ python-py: - Make tests never fail as they are borked on pytest-4 with most probably no intention of being ever fixed - Make tests really pass on pytest 3.x series - Add patch to operate better with serparators (from upstream git): * separators.patch ++++ qemu: - Revert upstream patch which declares x86 vmx feature a migration blocker. Given the proliferation of using vm's with host features passed through and the general knowledge that nested virtualization has many usage caveats, but still gets put in use in restricted scenarios, this patch did more harm than good, I feel. So despite this relaxation, please consider yourself warned that nested virtualization is not yet a supportable feature. (bsc#1121604) 0058-Revert-target-i386-kvm-add-VMX-migr.patch - Fix SEV VM device assignment (bsc#1123205) 0059-memory-Fix-the-memory-region-type-a.patch 0060-target-i386-sev-Do-not-pin-the-ram-.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-3.1 ++++ supportutils: - Included additional SUSE separation (bsc#1125609) - Merged added listing of locked packes by zypper #41 ------------------------------------------------------------------ ------------------ 2019-2-14 - Feb 14 2019 ------------------- ------------------------------------------------------------------ ++++ gobject-introspection: - Update to version 1.59.4: + tests: Add functions using flat struct arrays. + Clean shebangs out of non-executable scripts and drop exec perm from xmlwriter.py. + maintransformer: parse deprecation annotations for section blocks. + repository: g_irepository_get_object_gtype_interfaces. + message: handle fatal errors even if warnings are disabled. + autotools: Fix build with ``-Wl,--as-needed``. + maintransformer: Don't warn on (optional) annotations on (inout). + girepository: Fix a possible use-after-free if g_mapped_file_new() fails and fix possible leak of transitive dependency names. ++++ glib-networking: - Update to version 2.59.90: + This release adds an OpenSSL backend, obsoleting the glib-openssl project. + The OpenSSL backend seems to be mature, though it is less well-tested for desktop usage than the GnuTLS backend. It will remain disabled by default at build time due to the GPL-incompatible nature of the OpenSSL license -- and the GPLv2-incompatible nature of the Apache license that will be used by future versions of OpenSSL -- and because the GnuTLS backend is sufficient for Linux distros. + Use the OpenSSL backend if you are building an embedded system where (GPLv2+ or LGPLv3+) dependencies are unacceptable (e.g. nettle or GMP, both dependencies of GnuTLS) and you are OK with the GPL-incompatible OpenSSL license. If the OpenSSL backend is enabled at build time, you should probably disable build of the GnuTLS backend, or it will take precedence over the OpenSSL backend at runtime. ++++ makedumpfile: - makedumpfile-ppc64-VA-range-SUSE.patch: Use correct l3 index size with SLE15-SP1 ppc64le kernels (bsc#1123015). - Update to 1.6.5 * Improve support for arm64 system with KASLR * Support kernels up to 4.19.4 ++++ openssh: - Updated security fixes: * [bsc#1121816, CVE-2019-6109] Sanitize scp filenames via snmprintf and have progressmeter force an update at the beginning and end of each transfer. Added patches: - openssh-CVE-2019-6109-sanitize-scp-filenames.patch - openssh-CVE-2019-6109-force-progressmeter-update.patch * [bsc#1121821, CVE-2019-6111] Check in scp client that filenames sent during remote->local directory copies satisfy the wildcard specified by the user. Added patch: - openssh-CVE-2019-6111-scp-client-wildcard.patch * Removed openssh-7.9p1-scp-name-validator.patch - Change the askpass wrapper to not use x11 interface: * by default we use the -gnome UI (which is gtk3 only, no gnome dep) * if desktop is KDE/LxQt we use ksshaskpass ++++ patterns-base: - Add busybox-static to Minimal system so people can recover really broken systems ++++ python-gobject: - Update to version 3.31.3: + Speed up destruction of boxed types and GObject.Value.set_value() calls. This makes appending to a Gtk.TreeModel nearly twice as fast for example. + Allow passing None for boolean parameters. + meson: Install .egg-info directory to arch'd dir. + gtk overrides: raise in case Gtk.Window is instantiated after gtk_init failed. + gio overrides: Warn when creating various dbus types without a constructor. + tests: - Fix tests with glib 2.59.x. - Fix test_atoms failing in some environments. ++++ sysconfig: - version 0.85.2 - Fixed changes file to mention relevant github pull requests. - Removed remaining preun rpm hook from EOL openSUSE versions - Merged /var/adm/netconfig move revert from openSUSE:Factory causing to not find md5 sums from previous netconfig version due to incorrectly merged hook in spec file and trouble on transactional systems without writeable /var/lib/netconfig. Removed obsoletes revert-var-adm-lib-netconfig-move.patch. (bsc#1124152,bsc#1124340). - Merged rpm spec bash section marks (gh#openSUSE/sysconfig#23) ++++ transactional-update: - Update to version 2.13.1 - Bugfix: Clean up empty /etc snapshot directories again - Use official release files from GitHub for building - Update to version 2.13 - Fix a serious data loss problem (deleting all files in /etc overlays) in case /var/lib/overlay/etc is not part of any snapshot any more. - Avoid error message in case a system has no /etc/fstab.sys ++++ u-boot-rpiarm64: - Add qemu-riscv64 - Patch queue updated from git://github.com/openSUSE/u-boot.git tumbleweed-2019.01 * Patches added to fix bsc#1124137: 0008-Revert-efi_loader-query-serial-cons.patch ------------------------------------------------------------------ ------------------ 2019-2-13 - Feb 13 2019 ------------------- ------------------------------------------------------------------ ++++ glib2: - Update to version 2.59.2: + Fix check on GDBusMessage size when reading it. + Add async GIO API: g_file_query_default_handler_async(), g_app_info_launch_uris_async(). + Fix some bugs in the Happy Eyeballs implementation. + Install a new generated header with enum types for Unicode enums. + Support the XDG trash portal. + Bugs fixed: glgo#GNOME/GLib#1224, glgo#GNOME/GLib#1249, glgo#GNOME/GLib#1347, glgo#GNOME/GLib#1376, glgo#GNOME/GLib#1642, glgo#GNOME/GLib#1646, glgo#GNOME/GLib#1649, glgo#GNOME/GLib#1673, glgo#GNOME/GLib!276, glgo#GNOME/GLib!481, glgo#GNOME/GLib!585, glgo#GNOME/GLib!593, glgo#GNOME/GLib!609, glgo#GNOME/GLib!619, glgo#GNOME/GLib!622, glgo#GNOME/GLib!626, glgo#GNOME/GLib!627, glgo#GNOME/GLib!629, glgo#GNOME/GLib!630. + Updated translations. ++++ kernel-firmware: - Update to version 20190212: * bnx2x: Add FW 7.13.11.0. (bsc#1132303,bsc#1136498) * amdgpu: add firmware for vega20 from 18.50 * amdgpu: bump year on license * linux-firmware: update Marvell PCIe-USB8997 firmware image * linux-firmware: update Marvell SD8897-B0 firmware image * linux-firmware: add Marvell SD8977 firmware image * ath10k: QCA9984 hw1.0: update firmware-5.bin to 10.4-3.9.0.2-00021 * ath10k: QCA988X hw2.0: update firmware-5.bin to 10.2.4-1.0-00043 * ath10k: QCA9888 hw2.0: update firmware-5.bin to 10.4-3.9.0.2-00024 * ath10k: QCA6174 hw3.0: update board-2.bin ++++ policycoreutils: - Make sure current devel package conflicts with old policycoreutils-python (bsc#1124437) ------------------------------------------------------------------ ------------------ 2019-2-12 - Feb 12 2019 ------------------- ------------------------------------------------------------------ ++++ dracut: - Correct fix for displaying text on emergency consoles (boo#1124088) * removes 0589-Fix-displaying-text-on-emergency-consoles.patch * adds 0589-Fix-98dracut-systemd-dracut-emergency.sh.patch - 95iscsi: handle qedi like bnx2i (bsc#1113712) * adds 0592-95iscsi-handle-qedi-like-bnx2i.patch ++++ grub2: - Create compatibility sym-link of grub.xen in the old location to which old VM definition is pointing (bsc#1123942) ++++ mdadm: - Detail.c: do not skip first character when calling xstrdup in Detail() (bsc#1123814) 0009-Detail.c-do-not-skip-first-character-when-calling-xs.patch ++++ permissions: - Added 0001-whitelisting-update-virtualbox.patch (bsc#1120650) New whitelisting for /usr/lib/virtualbox/VirtualBoxVM and removed stale entries for VirtualBox - Added 0002-consistency-between-profiles.patch Ensure consistency of entries, otherwise switching between settings becomes problematic - Added 0003-var-run-postgresql.patch (bsc#1123886) Whitelist for postgresql. Currently the checker doesn't complain because the directories aren't packaged, but that might change and/or our checkers might improve ++++ python-py: - Drop the doc subpackage, no need for it really - Make sure the tests are realy executed ------------------------------------------------------------------ ------------------ 2019-2-11 - Feb 11 2019 ------------------- ------------------------------------------------------------------ ++++ glib2: - BuildIgnore glib2-devel: since we have to require gtk-doc in order to produce the doc, we gained an implicit dependency on ourselves. The gtk-doc dependency is correct, but glib happens to be buildable without this dependency too. - Rework the check section to be in an own if/endif block so that spec-cleaner is not getting confused by it. ++++ kernel-default: - Update to 5.0-rc6 - commit eb4b248 ++++ libdrm: - back to subpackage name libdrm-tools as requested by jengelh@inai.de ++++ mozjs60: - riscv-support.patch: fix last change ++++ openssl-1_1: - Add s390x poly1305 vectorized implementation (fate#326351) * https://github.com/openssl/openssl/pull/7991 - add 0001-crypto-poly1305-asm-poly1305-s390x.pl-add-vx-code-pa.patch ++++ libssh: - Drop doxygen from dependencies to avoid buildcycle * the documentation is available online anyway for anyone to consume and consult http://api.libssh.org ++++ nvme-cli: - Regenerate documentation (bsc#1124713) * Add 0007-Regen-docs.patch - Minor cleanup for submit_io (bsc#1124713) * Add 0008-nvme-cli-minor-cleanup-for-submit_io.patch - Regenerate documentation ((bsc#1124713) * Add 0009-Regen-documentation.patch - Fix fc_trtype string (bsc#1124713) * Add 0010-nvme-cli-fix-fc-trtype-string.patch - Add 71-nvme-iopolicy-netapp.rules (bsc#1124564) * Add 0101-71-nvme-iopolicy-netapp.rules-add-default-rules-for-.patch ++++ qemu: - Remove 71-sev.rules, which modifies the default permissions of /dev/sev by adding the kvm group as reader/writer. Upstream decided to take a different approach for libvirt to manage SEV due to security concerns which I agree overrides the convenience of providing /dev/sev access to all the kvm group (bsc#1124842 bsc#1102604) ++++ zypper: - Fix installing plain rpm files with `zypper in` (bsc#1124897) - Show only required info in the summary in quiet mode (bsc#993025) - version 1.14.25 ------------------------------------------------------------------ ------------------ 2019-2-9 - Feb 9 2019 ------------------- ------------------------------------------------------------------ ++++ sysconfig: - HOTPATCH (to be reverted): revert-var-adm-lib-netconfig-move.patch ------------------------------------------------------------------ ------------------ 2019-2-8 - Feb 8 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - rpm/kernel-binary.spec.in: Build livepatch support in SUSE release projects (bsc#1124167). - commit 7519080 ++++ libvirt: - qemu: fix issues related to restricted permissions on /dev/sev b6440119-qemu-conf-sev.patch, a404ac34-qemu-cgroup-sev.patch, 6fd4c8f8-qemu-domain-sev.patch, 17f6a257-security-dac-sev.patch, a2d3dea9-qemu-caps-dac-override-sev.patch bsc#1124842 ++++ suse-module-tools: - Update to version 15.1.10 (git b28b13d): - implemented fs blacklisting logic (jsc#SLES-4085, fate#326832) ------------------------------------------------------------------ ------------------ 2019-2-7 - Feb 7 2019 ------------------- ------------------------------------------------------------------ ++++ dracut: - 91zipl: Don't use contents of commented lines (osc#1119499) * adds 0591-91zipl-Don-t-use-contents-of-commented-lines.patch ++++ yast2: - Firewall: added some help methods for moving interfaces between zones in a safe way (fate#324662). - 4.1.54 ++++ zypper: - Stay with legacy behavior and return ZYPPER_EXIT_INF_REBOOT_NEEDED only for patches. We don't extend this return code to packages, although they may also carry the 'reboot-needed' attribute. The preferred way to test whether the system needs to be rebooted is `zypper needs-rebooting`. (openSUSE/zypper#237) - Skip repository on error (bsc#1123967) - Adapt testcase as repeated options lo longer throw (bsc#1123865) - version 1.14.24 ------------------------------------------------------------------ ------------------ 2019-2-6 - Feb 6 2019 ------------------- ------------------------------------------------------------------ ++++ curl: - update to version 7.64.0 [bcs#1123371, CVE-2018-16890][bcs#1123377, CVE-2019-3822] [bcs#1123378, CVE-2019-3823] * Changes: - cookies: leave secure cookies alone - hostip: support wildcard hosts - http: Implement trailing headers for chunked transfers - http: added options for allowing HTTP/0.9 responses - timeval: Use high resolution timestamps on Windows * Bugfixes: - CVE-2018-16890: NTLM type-2 out-of-bounds buffer read - CVE-2019-3822: NTLMv2 type-3 header stack buffer overflow - CVE-2019-3823: SMTP end-of-response out-of-bounds read - FAQ: remove mention of sourceforge for github - OS400: handle memory error in list conversion - OS400: upgrade ILE/RPG binding. - README: add codacy code quality badge - Revert http_negotiate: do not close connection - THANKS: added several missing names from year <= 2000 - build: make 'tidy' target work for metalink builds - cmake: added checks for variadic macros - cmake: updated check for HAVE_POLL_FINE to match autotools - cmake: use lowercase for function name like the rest of the code - configure: detect xlclang separately from clang - configure: fix recv/send/select detection on Android - configure: rewrite --enable-code-coverage - conncache_unlock: avoid indirection by changing input argument type - cookie: fix comment typo - cookies: allow secure override when done over HTTPS - cookies: extend domain checks to non psl builds - cookies: skip custom cookies when redirecting cross-site - curl --xattr: strip credentials from any URL that is stored - curl -J: refuse to append to the destination file - curl/urlapi.h: include "curl.h" first - curl_multi_remove_handle() don't block terminating c-ares requests - darwinssl: accept setting max-tls with default min-tls - disconnect: separate connections and easy handles better - disconnect: set conn->data for protocol disconnect - docs/version.d: mention MultiSSL - docs: fix the --tls-max description - docs: use $(INSTALL_DATA) to install man page - docs: use meaningless port number in CURLOPT_LOCALPORT example - gopher: always include the entire gopher-path in request - http2: clear pause stream id if it gets closed - if2ip: remove unused function Curl_if_is_interface_name - libssh: do not let libssh create socket - libssh: enable CURLOPT_SSH_KNOWNHOSTS and CURLOPT_SSH_KEYFUNCTION for libssh - libssh: free sftp_canonicalize_path() data correctly - libtest/stub_gssapi: use "real" snprintf - mbedtls: use VERIFYHOST - multi: multiplexing improvements - multi: set the EXPIRE_*TIMEOUT timers at TIMER_STARTSINGLE time - ntlm: fix NTMLv2 compliance - ntlm_sspi: add support for channel binding - openssl: adapt to 3.0.0, OpenSSL_version_num() is deprecated - openssl: fix the SSL_get_tlsext_status_ocsp_resp call - openvms: fix OpenSSL discovery on VAX - openvms: fix typos in documentation - os400: add a missing closing bracket - os400: fix extra parameter syntax error - pingpong: change default response timeout to 120 seconds - pingpong: ignore regular timeout in disconnect phase - printf: fix format specifiers - runtests.pl: Fix perl call to include srcdir - schannel: fix compiler warning - schannel: preserve original certificate path parameter - schannel: stop calling it "winssl" - sigpipe: if mbedTLS is used, ignore SIGPIPE - smb: fix incorrect path in request if connection reused - ssh: log the libssh2 error message when ssh session startup fails - test1558: verify CURLINFO_PROTOCOL on file:// transfer - test1561: improve test name - test1653: make it survive torture tests - tests: allow tests to pass by 2037-02-12 - tests: move objnames-* from lib into tests - timediff: fix math for unsigned time_t - timeval: Disable MSVC Analyzer GetTickCount warning - tool_cb_prg: avoid integer overflow - travis: added cmake build for osx - urlapi: Fix port parsing of eol colon - urlapi: distinguish possibly empty query - urlapi: fix parsing ipv6 with zone index - urldata: rename easy_conn to just conn - winbuild: conditionally use /DZLIB_WINAPI - wolfssl: fix memory-leak in threaded use - spnego_sspi: add support for channel binding ++++ rdma-core: - Update to rdma-core v22.1 (bsc#1104280) * No release notes available ++++ read-only-root-fs: - Update description to reflect new behaviour - Fix creation of overlay directories - Fix file list - Update to version 1.0+git20190206.586e9f1: * Remove migration code, only handle the initial setup here * Drop use of fstab.sys * Use a dracut config file instead of a module ++++ runc: - Add fix for CVE-2019-5736 (effectively copying /proc/self/exe during re-exec to avoid write attacks to the host runc binary). bsc#1121967 + CVE-2019-5736.patch ------------------------------------------------------------------ ------------------ 2019-2-5 - Feb 5 2019 ------------------- ------------------------------------------------------------------ ++++ policycoreutils: - Replace overly complicated %setup calls. ------------------------------------------------------------------ ------------------ 2019-2-4 - Feb 4 2019 ------------------- ------------------------------------------------------------------ ++++ cyrus-sasl: - bnc#1044840 syslog is polluted with messages "GSSAPI client step 1" By server context the connection will be sent to the log function. Client content does not have log level information. I.e. there is no way to stop DEBUG level logs nece I've removed it. * add cyrus-sasl-fix-logging-in-gssapi.patch ++++ dracut: - Fix displaying text on emergency consoles (boo#1124088) - adds 0589-Fix-displaying-text-on-emergency-consoles.patch - Fix systemd version check, will be required for systemd v241 - 0590-00systemd-check-if-systemd-version-is-a-number.patch ++++ health-checker: - Update to version 1.1 * new plugins for crio and kubelet - Add new sub-package with test cases for openSUSE Kubic ++++ Mesa: - Update to 18.3.3 * In this release we have: A memory leak fix in the etnaviv driver, better NEON assembly code in vc4 and couple of stability improvements to the radeonsi driver. Another memory leak affecting all gallium drivers have also been addressed. * The time required to compile GLSL shaders with large amount of uniforms, such as Godot, has been improved. * GLX and swrast have also seen some improvements. * On the Vulkan side, the ANV driver adjusted the number of images supported for gen8 and earlier to 8, while for newer hardware it remains the same 64. The RADV driver has seens a collection of stability improvements and fix for the Vulkan version advertised in some corner cases. * To top it all up, the meson build system has seen a steady amount of fixes: the DSO version for the VDPAU drivers is now included, ICC compatibility patches, opencl handling and relaxed handling when building osmesa. - adjusted n_Disable-Xshm-for-now-since-it-results-in-render-erro.patch ++++ policycoreutils: - Removed hardcoded python 3.6 path from spec file ++++ selinux-policy: - Update to refpolicy 20190201. New modules for chromium, hostapd, and sigrok and minor fixes for existing modules. Refreshed suse_modifications_usermanage.patch ------------------------------------------------------------------ ------------------ 2019-2-3 - Feb 3 2019 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Update to 5.0-rc5 - Config changes: - x86: - X86_RESCTRL renamed to X86_CPU_RESCTRL - commit a42dcc6 ++++ mozjs60: - update to ESR codebase (60.4.0) - rebased riscv-support.patch ------------------------------------------------------------------ ------------------ 2019-2-2 - Feb 2 2019 ------------------- ------------------------------------------------------------------ ++++ libcontainers-common: - Restore non-upstream storage.conf, needed by CRI-O ++++ mozjs60: - mozjs60-mozilla-s390-bigendian.patch: rediff and apply on more big endian archs - mozjs60-xulrunner-24.0-s390-inlines.patch: remove - Replace icudt58b.dat.xz by icudt60b.dat.xz - riscv-support.patch: add basic support for riscv64 ------------------------------------------------------------------ ------------------ 2019-2-1 - Feb 1 2019 ------------------- ------------------------------------------------------------------ ++++ lvm2-device-mapper: - Disable the LVM lock daemon using sanlock, in order to avoid the dependence on sanlock related packages (bsc#1121382) ++++ util-linux: - libmount: print a blacklist hint for "unknown filesystem type" (jsc#SUSE-4085, fate#326832), and add documentation * add libmount-print-a-blacklist-hint-for-unknown-filesyst.patch * add Add-documentation-on-blacklisted-modules-to-mount-8-.patch ++++ lvm2: - Disable the LVM lock daemon using sanlock, in order to avoid the dependence on sanlock related packages (bsc#1121382) ++++ qemu: - Increase memory needed to build qemu-testsuite for ppc* arch's in _constraints file ++++ util-linux-systemd: - libmount: print a blacklist hint for "unknown filesystem type" (jsc#SUSE-4085, fate#326832), and add documentation * add libmount-print-a-blacklist-hint-for-unknown-filesyst.patch * add Add-documentation-on-blacklisted-modules-to-mount-8-.patch ------------------------------------------------------------------ ------------------ 2019-1-31 - Jan 31 2019 ------------------- ------------------------------------------------------------------ ++++ python-kiwi: - Fixup code issues reported by new flake8 version Travis has updated the flake8 version which caused more strict issue reports on the code. This commit fixes the new issues reported by flake8 - Changed default value for bundler compression If no compression is configured in the kiwi config file the default was set to: False. However this lead to big trouble on the obs side for images which has fixed storage disk sizes configured, e.g Azure images which requests 30G disk size per instance. Thus the default for the bundler compression has changed to be: True ++++ mozilla-nss: - update to NSS 3.41.1 * (3.41) required by Firefox 65.0 New functionality * Implemented EKU handling for IPsec IKE. (bmo#1252891) * Enable half-closed states for TLS. (bmo#1423043) * Enabled the following ciphersuites by default: (bmo#1493215) TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 TLS_RSA_WITH_AES_256_GCM_SHA384 Notable changes * The following CA certificates were added: CN = Certigna Root CA CN = GTS Root R1 CN = GTS Root R2 CN = GTS Root R3 CN = GTS Root R4 CN = UCA Global G2 Root CN = UCA Extended Validation Root * The following CA certificates were removed: CN = AC Raíz Certicámara S.A. CN = Certplus Root CA G1 CN = Certplus Root CA G2 CN = OpenTrust Root CA G1 CN = OpenTrust Root CA G2 CN = OpenTrust Root CA G3 Bugs fixed * Reject empty supported_signature_algorithms in Certificate Request in TLS 1.2 (bmo#1412829) * Cache side-channel variant of the Bleichenbacher attack (bmo#1485864) (CVE-2018-12404) * Resend the same ticket in ClientHello after HelloRetryRequest (bmo#1481271) * Set session_id for external resumption tokens (bmo#1493769) * Reject CCS after handshake is complete in TLS 1.3 (bmo#1507179) * Add additional null checks to several CMS functions to fix a rare CMS crash. (bmo#1507135, bmo#1507174) (3.41.1) - removed obsolete patches nss-disable-ocsp-test.patch ++++ NetworkManager: - Add NM-add-wifi-scan-polkit-rule.patch: Adding a new polkit action "org.freedesktop.NetworkManager.wifi-scan" so that distributions can add specific rule to allow Wi-Fi scans (bsc#1122262, glfo#NetworkManager/NetworkManager!68). ++++ libzypp: - CheckAccessDeleted: Suppress reporting `/memfd:` pseudo files (bsc#1123843) - MediaCurl: improve reporting https->http redirection errors - Prevent SEGV if the application sets an empty TextLocale - Url: don't force printing an empty authority if the schema does not allow authority at all - Try to the missing rpmDB compat symlink in case the rpm package got deleted (bsc#1122471) - version 17.11.1 (9) ++++ policycoreutils: - Fix build with python 3.7 ++++ raspberrypi-firmware: - Update to 81cca1a (2019-01-22): * firmware: Added ability to have an third transpose buffer See: #837 * firmware: isp: Correct the conversion tables changed in adding the gamma block See: #1084 * firmware: raspberrypi_full variant: Drop unused Camplus sw stages * bootcode: Reset WiFi and BT devices before resetting the expander See: #1088 * bootcode: Fix Ethernet boot on a different subnet See: #1078 * firmware: interface: Drop vcfiled See: raspberrypi/userland#525 * firmware: Add reference counting to the local audio players See: #547 * firmware: arm_loader: Add reporting the firmware git hash via the mailbox * firmware: vcos: Add reporting of which variant was built See: raspberrypi/linux#2806 * firmware: Update vcdbg help See: #594 ++++ raspberrypi-firmware-config: - Update to 81cca1a (2019-01-22): * firmware: Added ability to have an third transpose buffer See: #837 * firmware: isp: Correct the conversion tables changed in adding the gamma block See: #1084 * firmware: raspberrypi_full variant: Drop unused Camplus sw stages * bootcode: Reset WiFi and BT devices before resetting the expander See: #1088 * bootcode: Fix Ethernet boot on a different subnet See: #1078 * firmware: interface: Drop vcfiled See: raspberrypi/userland#525 * firmware: Add reference counting to the local audio players See: #547 * firmware: arm_loader: Add reporting the firmware git hash via the mailbox * firmware: vcos: Add reporting of which variant was built See: raspberrypi/linux#2806 * firmware: Update vcdbg help See: #594 ++++ raspberrypi-firmware-dt: - Update to 8f862eec9 (2019-01-29): * dtoverlays: Correct DT handling camera GPIOs * overlays: Add mcp342x overlay * overlays: mcp23017: Support the MCP23008 * overlays: Add ssd1306 overlay for OLED display * overlays: sdio: Add enhanced 1-bit support * dtoverlays: fe-pi-audio: fix sgtl5000 compatible string * overlays: Update README with removal of lirc-rpi * Add overlay for SLB9760 Iridium /LetsTrust TPM * lirc-rpi: Remove in favour of gpio-ir * overlays: Update upstream overlay * dtoverlays: Add i2c on 0&1 option to TC358743, ADV7282 and OV5647 * overlays: Remove superfluous #address/size-cells * dtoverlays: Add support for ADV7280-M, ADV7281-M and ADV7281-MA chips. * arm: dt: Add DT overlays for ADV7282M, OV5647, and TC358743 * overlays: uart0 - return GPIOs 14 and 15 to inputs * overlays: pi3-disable-bt: Clear out bt_pins node * overlays: Add gpio-no-bank0-irq overlay * overlays: add overrides for PoE HAT fan control * Update gpio-fan-overlay.dts (#2711) * devicetree: add RPi CM3 dts to arm64; mimic the RPi 3B arm64 dts implementation, by referring to the actual dts file in the arm directory - Remove upstream-aux-interrupt-overlay.dts as it is already in arch/arm/boot/dts/overlays/upstream-aux-interrupt-overlay.dts ++++ suse-module-tools: - Update to version 15.1.0 (git 6b07b88): * 50-blacklist.conf is not added in Leap before 15.1. fix conditionals and bump version accordingly. ++++ system-users: - Add cpacfstats, ts-shell, and zkeyadm groups for s390-tools (bsc#1123730) ++++ xkeyboard-config: - U_Map-evdev-keycodes-KEY_RFKILL-and-KEY_WWAN-to-XF86RF.patch * fixes missing mappings for evdev keys KEY_RFKILL and KEY_WWAN (boo#1123784) ++++ zypper: - New commands for locale management: locales addlocale removelocale Inspect and manipulate the systems `requested locales`, aka. the languages software packages should try support by installing translations, dictionaries and tools, as far as they are available. - Don't throw, just warn if options are repeated (bsc#1123865) - Fix detection whether stdout is a tty (happened too late) - Fix broken --plus-content switch (fixes bsc#1123681) - Fix broken --replacefiles switch (fixes bsc#1123137) - Extend zypper source-install (fixes bsc#663358) - Fix inconsistent results for search (bsc#1119873) - Show reboot hint in zypper ps and summary (fixes bnc#1120263) - version 1.14.23 ------------------------------------------------------------------ ------------------ 2019-1-30 - Jan 30 2019 ------------------- ------------------------------------------------------------------ ++++ ignition: - Update to version 0.30.0+git20190124.fd1e703: * docs: fix stale link to config 2.x ++++ ipset: - add ipset-6.36_service_names_for_ports.patch to fix parsing service names for ports. Parsing is attempted both for numbers and service names and the temporary stored error message triggered to reset the state parameters about the set [bsc#1122853] ++++ kernel-default: - rpm/kernel-binary.spec.in: fix initrd permissions (bsc#1123697) dracut has been using permissions 0600 for the initrd for a long time. On SLE15 or higher, that leads to a permission mismatch reported by "rpm -V". Set the permissions correctly for our ghost file. - commit 9e5e2a5 ++++ krb5: - Upgrade to 1.16.3 * Fix a regression in the MEMORY credential cache type which could cause client programs to crash. * MEMORY credential caches will not be listed in the global collection, with the exception of the default credential cache if it is of type MEMORY. * Remove an incorrect assertion in the KDC which could be used to cause a crash [CVE-2018-20217]. * Fix bugs with concurrent use of MEMORY ccache handles. * Fix a KDC crash when falling back between multiple OTP tokens configured for a principal entry. * Fix memory bugs when gss_add_cred() is used to create a new credential, and fix a bug where it ignores the desired_name. * Fix the behavior of gss_inquire_cred_by_mech() when the credential does not contain an element of the requested mechanism. * Make cross-realm S4U2Self requests work on the client when no default_realm is configured. * Add a kerberos(7) man page containing documentation of the environment variables that affect Kerberos programs. - Use systemd-tmpfiles to create files under /var/lib/kerberos, required by transactional updates; (bsc#1100126); - Rename patches: * krb5-1.12-pam.patch => 0001-krb5-1.12-pam.patch * krb5-1.9-manpaths.dif => 0002-krb5-1.9-manpaths.patch * krb5-1.12-buildconf.patch => 0003-krb5-1.12-buildconf.patch * krb5-1.6.3-gssapi_improve_errormessages.dif to 0004-krb5-1.6.3-gssapi_improve_errormessages.patch * krb5-1.6.3-ktutil-manpage.dif => 0005-krb5-1.6.3-ktutil-manpage.patch * krb5-1.12-api.patch => 0006-krb5-1.12-api.patch * krb5-1.12-ksu-path.patch => 0007-krb5-1.12-ksu-path.patch * krb5-1.12-selinux-label.patch => 0008-krb5-1.12-selinux-label.patch * krb5-1.9-debuginfo.patch => 0009-krb5-1.9-debuginfo.patch ++++ libsolv: - fixed a couple of null pointer derefs [bnc#1120629] [bnc#1120630] [bnc#1120631] [CVE-2018-20532] [CVE-2018-20533] [CVE-2018-20534] - do favor evaluation before pruning allowing to (dis)favor specific package versions - no longer disable infarch rules when they don't conflict with the job - bump version to 0.7.3 ++++ podman: - Fix rootless mode with AppArmor https://github.com/containers/libpod/pull/2225 Add patch containers-libpod-pull-2225.diff ++++ qemu: - Return specification exception for unimplemented diag 308 subcodes rather than a hardware error (bsc#1123179) - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-3.1 * Patches added: 0057-s390x-Return-specification-exceptio.patch ++++ supportutils: - Corrected spec file errors ++++ suse-module-tools: - Update to version 15.0.20 (git 1396df5): - Fix driver-check.sh (boo#1123697, boo#1123704) - add /etc/modprobe.d/50-blacklist.conf from sysconfig package (boo#1107611) - Remove hard dependency on mkinitrd (boo#1123721) - Make sure code works also without kmod-compat - Replace file dependency on /sbin/depmod by weak package dependency ------------------------------------------------------------------ ------------------ 2019-1-29 - Jan 29 2019 ------------------- ------------------------------------------------------------------ ++++ catatonit: - Update to catatonit v0.1.4, which includes support for "-g". ++++ curl: - Security fix [bsc#1123378, CVE-2019-3823] * SMTP end-of-response out-of-bounds read * Added patch curl-CVE-2019-3823.patch - Security fix [bsc#1123377, CVE-2019-3822] * NTLMv2 type-3 header stack buffer overflow * Added patch curl-CVE-2019-3822.patch ++++ python-kiwi: - Bump version: 9.16.19 → 9.17.13 This version upgrade contains fixes for: * Support alternative EFI and grub modules paths In SUSE products EFI binaries are historically located in /usr/lib*/efi. In a recent move to package grub2 as noarch fate#326960, a collision between x86_64 and aarch64 has been identified, as both place platform-specific files in the same spot. To rectify this, a new location was devised: /usr/share/efi/$(uname -m). At the same time /usr/lib/grub2 will move to /usr/share/grub2. This Fixes #924 * Fixed Xen guest detection We only support Xen setup e.g in the Amazon Cloud for the x86_64 architecture. This Fixes bsc#1123186 and bsc#1123185 * Fixed location of grub unicode font file grub2 is expecting the unicode font below the fonts directory in the /boot/grub*/ depending on how the distribution installs grub2. This Fixes bsc#1119416 * Add Codec utils for bytes literals decoding In case of a literal decoding failure it tries to decode the result in utf-8. This is handy in python2 environments where python and the host might be using different charset configurations. In python3 this issue seams to be solved. Fixes #829 and bsc#1110871 * Fixed URI handling with token query option So far only the query format ?credentials=... was supported. In case of ?random_token_data the returned uri was truncated and also the format check on the query caused a python trace. This Fixes #830 and Fixes #828 and bsc#1110869 and bsc#1108508 ++++ glib2: - Conditionalize enabling of systemtap, default disabled: it creates a build loop. ++++ python-msgpack: - Use %license ++++ u-boot-rpiarm64: - Patch queue updated from git://github.com/openSUSE/u-boot.git tumbleweed-2019.01 * Patch added to fix boo#1123170: 0007-boo-1123170-Remove-ubifs-support-fr.patch ------------------------------------------------------------------ ------------------ 2019-1-28 - Jan 28 2019 ------------------- ------------------------------------------------------------------ ++++ curl: - Fix wrong summary, curl is at version 7, not 4. - Security fix [bsc#1123371, CVE-2018-16890] * NTLM type-2 out-of-bounds buffer read * Added patch curl-CVE-2018-16890.patch ++++ grub2: - Add patch to fix ARM boot, when kernel become too big: * grub2-move-initrd-upper.patch (boo#1123350) ++++ kernel-default: - doc/README.SUSE: Correct description for building a kernel (bsc#1123348) The obsoleted make cloneconfig is corrected. Also the order of make scripts and make prepare are corrected as well. - commit 17a2073 - rpm/release-projects: Add SUSE:Maintenance:* for MU kernels (bsc#1123317) - commit c784b79 - Update to 5.0-rc4 - commit 8e6abff ++++ spice: - Fix OOB memory access in internal tracking of slot_ids and group_ids. (CVE-2019-3813 bsc#1122706) * 0001-memslot-Fix-off-by-one-error-in-group-slot-boundary-.patch - Remove celt051 Requires directive ++++ nvme-cli: - Update to version 1.7: * Use tnvmcap register for creating namespace * don't execute a command if --dry-run is supplied * Remove trailing "\n" so that the output is valid json * nvme-cli: remove unnecessary assignments * nvme-print.c : fix ns-descs JSON output * nvme-cli: fix typo in json_print_list_items * nvme-get-property : Add documentation * fabrics: write ctrl_loss_tmo to fabrics device on connect * fabrics: write keep-alive-timeout to fabrics device on connect * nvme-models.c - search for pci.ids * nvme-cli add ns write protect feature support * nvme-cli: add minimal ana-log page support * nvme-cli: add ana-log documentation * Fix print format specifier for 64-bit * nvme-ana-log: fixup compiler warning in show_ana_log() * nvme-vendor: fixup c99 declaration in huawei plugin * nvme-discover: sanitize options * Fix nvme id namespace struct * nvme-cli: make show_registers_cap() static * nvme-cli: wdc-plugin mark array static declaration * nvme-cli: fix sparse warnings for declaration * nvme-cli: don't use unsigned for fd in lnvm-nvme.c * nvme-cli: remove always true condition for u8 * nvme-cli: fix dead-code nvmf log page discovery * nvme-cli: code cleanup for passthru() handlers * nvme-cli: fix scaandir() return value * nvme-cli: netapp plugin handle empty strings * nvme-cli: Fix the displayed metadata length value on Big Endian systems. * nvme list : fix nvme list output if identify failed on device * nvme-cli: use uniform error message for open * nvme-cli: fix indentation * nvme-cli: make wdc plug-in functions static * nvme-cli: mark functions static * nvme-cli: make malloc error handling uniform * Enlarge local char[] so snprintf(3) can't truncate path. * fabrics: make some arguments integers * fabrics: don't fail empty discovery log page * nvme: commonize subsystems info in a helper * fabrics: add disconnect-all command * Regen documentation * attach-ns : fix segfault for ctrl list wrong input * nvme-discover: Retry discovery log if the generation counter changes * nvme-ioctl: retrieve log pages in 4k chunks * nvme-discover: Re-check generation counter after log page transfer * seagate-nvme: fixup coding style * nvme-cli: Add 'rae' argument to nvme_get_log() * nvme-cli: kill nvme_passthru_admin() * nvme-cli: print "\n" after nvme list-subsys -o json * nvme-cli: tests: fix fw_log test coding style * nvme-cli: tests: fix id_ctrl test coding style * nvme-cli: tests: fix id_ns test coding style * nvme-cli: tests: Add get_id_ctrl function * Update gitignore for generated test files * Add PCI device id checking for the WDC plugin commands. * Fix nvme test device selection to use controller value defined in the config.json file. Before this fix, the value was hard coded to nvme0. * nvme-cli: prevent resv action field overflow * nvme-cli: report subsystem-reset not supported by controller * nvme-cli: fix indentation for dir_[send/receive] * nvme-cli: make read error handling uniform * Use sys/ioctl.h to pull in definitions. * Remove unnecessary asm/byteorder.h * Remove unnecessary linux/types.h include. * Include libgen.h for basename prototype. * Include sys/stat.h * nvme-cli: remove endian.h * We don't need to include linux/types.h here. * Initialize line. * Use standard interfaces to get timezone offsets. * nvme-cli: fix ioctl argument * nvme-cli: fix a typo * Enable code block syntax highlight in README.md * Makefile: fix bash completion install path * NVMe-CLI WDC Plugin - Simplify the device id checking routines. * nvme-cli: Add wdc-plugin command vs-internal-log and update wdc-plug cap-diag command with transfer-size parameter. * nvme-cli: Add help text for wdc-plugin command vs-internal-log. Update help text for wdc-plugin command cap-diag. * Update documentation * nvme.spec.in : fix bash completion path, require * nvme-cli wdc plugin: Add get pfail dump command. * nvme-cli wdc plugin: Add documentation for pfail dump. * Re-gen documentation for new files * wdc: Fix strncpy warning * Refactor plugins in a file hierarchy * nvme-cli: fix sanitize status endianness * nvme-cli: fix ana-log endianness * wdc: Use const string for suffix * nvme-cli:fix a typo in SELF-TEST log * nvme-cli: fix a typo * nvme-cli: fix array len to hold string of size 4 * nvme-cli: fix endianness for the structure field * nvme: Handle supported capabilities result for get features * connect-all: special treatment to EALREADY afetr write to /dev/nvme-fabrics * Added zsh completion installation * nvme-cli: fix a typo * nvme: fixup ANA group descriptor offset * nvme: introduce get_nvme_ctrl_attr() * nvme: print out controller state for 'list-subsys' * nvme-list-subsys: Add device name argument and print out ANA state * list-subsys: Preserve line breaks and spaces * Regen documentation * In json output, if the commands add zero length string, it occur allocation fail & abort (cannot display empty value) * Fix printing of large ANAGRPID values * micron-nvme: Replace direct use of ioctl * Fix printing of large ANAGRPID values * Fix typos in docs * Fix typos in tests and utils * fabrics: support fabrics sq flow control disable * fabrics: use trtype_str when parsing a discovery log entry * nvme: Add TCP transport * fabrics: add tcp port tsas decoding * fabrics: add transport header and data digest * nvme-ioctl: clear rae for discovery log pages * Added support for virtualization-management command * nvme-cli: Don't print result on passthru error * nvme-cli: readme: fix typo in Alpine distro support * Added gentoo to README.md * fabrics: pass in number of write queues * fabrics: pass in number of polling queues * Update documentation * README: update Arch Linux install instructions * fabrics: allow nr_io/write/poll_queues and queue size to discovery * nvme: Adding a block size selector to format * nvme: Regenerate documentation * timeout option added to ns_create/delete (#440) * nvme: Remove duplicate error message * rpm spec file: add zsh completion (#447) * nvme: Release 1.7 - Drop obsolete patches: - 0001-Use-tnvmcap-register-for-creating-namespace.patch - 0002-don-t-execute-a-command-if-dry-run-is-supplied.patch - 0003-Remove-trailing-n-so-that-the-output-is-valid-json.patch - 0004-nvme-cli-remove-unnecessary-assignments.patch - 0005-nvme-print.c-fix-ns-descs-JSON-output.patch - 0006-nvme-cli-fix-typo-in-json_print_list_items.patch - 0007-nvme-get-property-Add-documentation.patch - 0008-fabrics-write-ctrl_loss_tmo-to-fabrics-device-on-con.patch - 0009-fabrics-write-keep-alive-timeout-to-fabrics-device-o.patch - 0010-nvme-models.c-search-for-pci.ids.patch - 0011-nvme-cli-add-ns-write-protect-feature-support.patch - 0012-nvme-cli-add-minimal-ana-log-page-support.patch - 0013-nvme-cli-add-ana-log-documentation.patch - 0014-Fix-print-format-specifier-for-64-bit.patch - 0015-nvme-ana-log-fixup-compiler-warning-in-show_ana_log.patch - 0016-nvme-vendor-fixup-c99-declaration-in-huawei-plugin.patch - 0017-nvme-discover-sanitize-options.patch - 0018-Fix-nvme-id-namespace-struct.patch - 0019-nvme-cli-make-show_registers_cap-static.patch - 0020-nvme-cli-wdc-plugin-mark-array-static-declaration.patch - 0021-nvme-cli-fix-sparse-warnings-for-declaration.patch - 0022-nvme-cli-don-t-use-unsigned-for-fd-in-lnvm-nvme.c.patch - 0023-nvme-cli-remove-always-true-condition-for-u8.patch - 0024-nvme-cli-fix-dead-code-nvmf-log-page-discovery.patch - 0025-nvme-cli-code-cleanup-for-passthru-handlers.patch - 0026-nvme-cli-fix-scaandir-return-value.patch - 0027-nvme-cli-netapp-plugin-handle-empty-strings.patch - 0028-nvme-cli-Fix-the-displayed-metadata-length-value-on-.patch - 0029-nvme-list-fix-nvme-list-output-if-identify-failed-on.patch - 0030-nvme-cli-use-uniform-error-message-for-open.patch - 0031-nvme-cli-fix-indentation.patch - 0032-nvme-cli-make-wdc-plug-in-functions-static.patch - 0033-nvme-cli-mark-functions-static.patch - 0034-nvme-cli-make-malloc-error-handling-uniform.patch - 0035-Enlarge-local-char-so-snprintf-3-can-t-truncate-path.patch - 0036-fabrics-make-some-arguments-integers.patch - 0037-fabrics-don-t-fail-empty-discovery-log-page.patch - 0038-nvme-commonize-subsystems-info-in-a-helper.patch - 0039-fabrics-add-disconnect-all-command.patch - 0040-Regen-documentation.patch - 0041-attach-ns-fix-segfault-for-ctrl-list-wrong-input.patch - 0042-nvme-discover-Retry-discovery-log-if-the-generation-.patch - 0043-nvme-ioctl-retrieve-log-pages-in-4k-chunks.patch - 0044-nvme-discover-Re-check-generation-counter-after-log-.patch - 0045-seagate-nvme-fixup-coding-style.patch - 0046-nvme-cli-Add-rae-argument-to-nvme_get_log.patch - 0047-nvme-cli-kill-nvme_passthru_admin.patch - 0048-nvme-cli-print-n-after-nvme-list-subsys-o-json.patch - 0049-nvme-cli-tests-fix-fw_log-test-coding-style.patch - 0050-nvme-cli-tests-fix-id_ctrl-test-coding-style.patch - 0051-nvme-cli-tests-fix-id_ns-test-coding-style.patch - 0052-nvme-cli-tests-Add-get_id_ctrl-function.patch - 0054-Add-PCI-device-id-checking-for-the-WDC-plugin-comman.patch - 0055-Fix-nvme-test-device-selection-to-use-controller-val.patch - 0056-nvme-cli-prevent-resv-action-field-overflow.patch - 0057-nvme-cli-report-subsystem-reset-not-supported-by-con.patch - 0058-nvme-cli-fix-indentation-for-dir_-send-receive.patch - 0059-nvme-cli-make-read-error-handling-uniform.patch - 0060-Use-sys-ioctl.h-to-pull-in-definitions.patch - 0061-Remove-unnecessary-asm-byteorder.h.patch - 0062-Remove-unnecessary-linux-types.h-include.patch - 0063-Include-libgen.h-for-basename-prototype.patch - 0064-Include-sys-stat.h.patch - 0065-nvme-cli-remove-endian.h.patch - 0066-We-don-t-need-to-include-linux-types.h-here.patch - 0067-Initialize-line.patch - 0068-Use-standard-interfaces-to-get-timezone-offsets.patch - 0069-nvme-cli-fix-ioctl-argument.patch - 0070-nvme-cli-fix-a-typo.patch - 0071-Enable-code-block-syntax-highlight-in-README.md.patch - 0072-Makefile-fix-bash-completion-install-path.patch - 0073-NVMe-CLI-WDC-Plugin-Simplify-the-device-id-checking-.patch - 0074-nvme-cli-Add-wdc-plugin-command-vs-internal-log-and-.patch - 0075-nvme-cli-Add-help-text-for-wdc-plugin-command-vs-int.patch - 0076-Update-documentation.patch - 0077-nvme.spec.in-fix-bash-completion-path-require.patch - 0078-nvme-cli-wdc-plugin-Add-get-pfail-dump-command.patch - 0079-nvme-cli-wdc-plugin-Add-documentation-for-pfail-dump.patch - 0080-Re-gen-documentation-for-new-files.patch - 0081-wdc-Fix-strncpy-warning.patch - 0082-Refactor-plugins-in-a-file-hierarchy.patch - 0083-nvme-cli-fix-sanitize-status-endianness.patch - 0084-nvme-cli-fix-ana-log-endianness.patch - 0085-wdc-Use-const-string-for-suffix.patch - 0086-nvme-cli-fix-a-typo-in-SELF-TEST-log.patch - 0087-nvme-cli-fix-a-typo.patch - 0088-nvme-cli-fix-array-len-to-hold-string-of-size-4.patch - 0089-nvme-cli-fix-endianness-for-the-structure-field.patch - 0090-nvme-Handle-supported-capabilities-result-for-get-fe.patch - 0091-connect-all-special-treatment-to-EALREADY-afetr-writ.patch - 0092-Added-zsh-completion-installation.patch - 0093-nvme-cli-fix-a-typo.patch - 0094-nvme-fixup-ANA-group-descriptor-offset.patch - 0095-nvme-introduce-get_nvme_ctrl_attr.patch - 0096-nvme-print-out-controller-state-for-list-subsys.patch - 0097-nvme-list-subsys-Add-device-name-argument-and-print-.patch - 0098-list-subsys-Preserve-line-breaks-and-spaces.patch - 0099-Regen-documentation.patch - 0100-In-json-output-if-the-commands-add-zero-length-strin.patch - 0101-Fix-printing-of-large-ANAGRPID-values.patch - 0102-micron-nvme-Replace-direct-use-of-ioctl.patch - 0104-Fix-typos-in-docs.patch - 0105-Fix-typos-in-tests-and-utils.patch - 0106-fabrics-support-fabrics-sq-flow-control-disable.patch - 0107-fabrics-use-trtype_str-when-parsing-a-discovery-log-.patch - 0108-nvme-Add-TCP-transport.patch - 0109-fabrics-add-tcp-port-tsas-decoding.patch - 0110-fabrics-add-transport-header-and-data-digest.patch - 0111-nvme-ioctl-clear-rae-for-discovery-log-pages.patch - 0112-Added-support-for-virtualization-management-command.patch - 0113-nvme-cli-Don-t-print-result-on-passthru-error.patch - 0114-nvme-cli-readme-fix-typo-in-Alpine-distro-support.patch - 0115-Added-gentoo-to-README.md.patch - 0116-fabrics-pass-in-number-of-write-queues.patch - 0117-fabrics-pass-in-number-of-polling-queues.patch - 0118-Update-documentation.patch - 0119-README-update-Arch-Linux-install-instructions.patch - 0120-fabrics-allow-nr_io-write-poll_queues-and-queue-size.patch - 0121-nvme-Adding-a-block-size-selector-to-format.patch - 0122-nvme-Regenerate-documentation.patch - 0123-timeout-option-added-to-ns_create-delete-440.patch - 0124-nvme-Remove-duplicate-error-message.patch - Add patches from upstream git tree (FATE#326925) + 0001-wdc-Change-device-capability-checking.patch + 0002-wdc-Add-additional-device-for-vs-internal-log.patch + 0003-generate-new-documentation.patch + 0004-Fix-compilation-with-GCC-8.patch + 0005-Fix-CFLAGS-parameter.patch + 0006-nvme-cli-fix-compilation-with-uint64_t-cast.patch - Add FC-NVMe autoconnect scripts (bsc#1103354) + 0100-nvme_fc-auto-connect-scripts.patch ++++ openssh: - Remove old conditionals ++++ podman: - Stop using conmon from random git commits, use cri-o releases - Update to conmon from cri-o v1.13.0 * Solve gh#containers/libpod#527 - Tidy up .gitignore files from podman-1.0.0.tar.xz ++++ supportutils: - Added firewall-cmd info - btrfs filesystem usage - Add ls -lA --time-style=long-iso /etc/products.d/ - Dump lsof errors - Added corosync status to ha_info ++++ transactional-update: - Update to version 2.12 - Implements support for needs-restart (Fate#326451) - Adds easy rollback to last known working snapshot by using "last" as the snapshot number - Migrate /etc/fstab.sys entires to /etc/fstab for systemd being able to create mount units; this will prevent errors on unmount - Remove implicit --no-allow-vendor-change - this option can be configured in zypper's configuration file now - Add support for mounting the /etc overlay file system as a systemd unit in /etc/fstab on a read-only system (replacing /etc/fstab.sys in the long run) - Various bugfixes: - Only remove /etc overlays on read-only root file systems [boo#1122455] - Disable "Persistent" flag in systemd timer unit to prevent updates during or immediately after the boot phase - Don't set global zypper options during migration - this is not supported by the migration plugin - Fix error handling when interrupting while rsync is running - Filter out security.selinux attributes during rsync